Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/9SWh0Nviy4cgfvph9uhVztN3tRA.roa
File: 9SWh0Nviy4cgfvph9uhVztN3tRA.roa (raw, json)
Hash identifier: F63XxQvgxwAGHMRckOTDx6SkmhtvDKinNzsYhXWN3kg=
Subject key identifier: F5:25:A1:D0:DB:E2:CB:87:20:7E:FA:61:F6:E8:55:CE:D3:77:B5:10
Certificate issuer: /CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Certificate serial: 01958A52625EF542E32EAEDA97D227AA4C54
Authority key identifier: 4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/9SWh0Nviy4cgfvph9uhVztN3tRA.roa
Signing time: Wed 12 Mar 2025 12:26:49 +0000
ROA not before: Wed 12 Mar 2025 12:26:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8648
IP address blocks: 5.28.40.0/21 maxlen: 21
5.28.47.0/24 maxlen: 24
2a05:e980::/32 maxlen: 32
2a05:e987::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 22 Mar 2025 16:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:52:62:5e:f5:42:e3:2e:ae:da:97:d2:27:aa:4c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Validity
Not Before: Mar 12 12:26:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f525a1d0dbe2cb87207efa61f6e855ced377b510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:75:9c:96:5e:ab:bf:24:35:e2:46:e9:bb:70:
e0:92:0f:25:47:f5:0e:81:3c:33:a8:fd:79:57:dd:
14:99:ae:78:b6:8e:e2:f7:50:1b:bb:a0:33:68:0f:
89:df:48:5d:f8:e5:13:34:14:cf:f4:e6:92:8f:37:
5b:99:87:7f:03:cb:14:61:48:57:6e:bb:26:cc:0a:
75:86:d4:2d:3c:a5:ce:32:78:cc:05:c4:d2:2e:b2:
3c:34:a3:a3:a5:c6:de:a3:1c:b2:d6:05:ed:aa:4d:
04:61:cf:e1:68:09:9c:4c:ad:70:40:85:c7:93:1c:
de:1f:41:2a:7d:36:ce:a6:dd:f5:47:59:d7:6f:ce:
58:df:2e:28:11:5e:b0:44:60:81:b8:18:30:e1:a2:
22:56:3c:12:df:ef:3b:b7:19:8b:6d:3a:07:15:d2:
9c:30:30:e6:e5:16:a7:19:5f:48:3b:61:54:1b:5c:
e3:10:5e:64:06:19:1b:df:a2:e1:32:47:c4:84:9a:
f6:06:dd:88:e7:70:5e:ef:c1:41:4c:55:79:97:7a:
31:f4:bb:b5:41:dc:72:b7:a4:e1:7a:b6:19:a9:09:
5e:f6:4b:3c:03:12:7f:e5:7e:46:f7:f4:1b:81:c2:
fd:c5:43:a5:68:67:9c:ba:d8:7e:49:17:c3:2f:74:
5d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:25:A1:D0:DB:E2:CB:87:20:7E:FA:61:F6:E8:55:CE:D3:77:B5:10
X509v3 Authority Key Identifier:
keyid:4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/9SWh0Nviy4cgfvph9uhVztN3tRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/So5ocC711IxPKwctnLRz5iuHs-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.40.0/21
IPv6:
2a05:e980::/32
2a05:e987::/32
Signature Algorithm: sha256WithRSAEncryption
3c:67:a6:70:b2:58:2f:c3:f0:5f:64:91:a6:be:7b:7e:db:dc:
80:d7:47:e1:5f:d2:2a:71:a9:19:93:40:1a:b2:72:15:4b:d0:
21:f9:6f:9c:78:97:95:15:47:61:04:9e:fe:17:d2:45:a2:34:
5d:53:5e:7b:57:31:11:d1:6b:94:01:91:90:06:6f:56:5a:c6:
33:7e:2b:dc:7f:2c:2a:34:78:44:14:2e:3a:53:83:5f:c4:ae:
f3:a1:f2:65:32:94:a4:c9:b2:64:08:12:79:59:66:f3:a8:d5:
e8:29:19:45:61:93:10:b4:43:f2:b6:b4:32:ff:c3:1e:d5:b1:
24:c6:8c:08:5a:90:05:d1:c7:f3:cc:75:20:86:ac:58:e1:86:
e2:af:1d:4a:2b:0b:1a:b6:97:f0:6d:d7:57:74:cb:7c:5d:a2:
eb:7c:79:86:f1:1e:5c:ef:6c:23:51:8c:2a:ea:9d:54:1b:66:
2a:15:79:09:6c:52:27:75:da:91:a5:44:bf:4e:d6:a8:23:3c:
a3:db:fd:83:23:cc:90:77:9e:f6:1f:73:7e:62:bc:73:b7:ac:
2a:1e:b9:26:d2:19:15:93:b2:f0:b4:18:ce:47:88:db:29:42:
b4:5b:09:29:67:68:9a:8e:e4:6e:ba:7e:38:8d:a7:f4:82:c0:
2f:c6:28:de
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZWKUmJe9ULjLq7al9InqkxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOGU2ODcwMmVmNWQ0OGM0ZjJiMDcyZDljYjQ3M2U2MmI4
N2IzZTQwHhcNMjUwMzEyMTIyNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTI1YTFkMGRiZTJjYjg3MjA3ZWZhNjFmNmU4NTVjZWQzNzdiNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknWcll6rvyQ14kbpu3Dgkg8lR/UO
gTwzqP15V90Uma54to7i91Abu6AzaA+J30hd+OUTNBTP9OaSjzdbmYd/A8sUYUhX
brsmzAp1htQtPKXOMnjMBcTSLrI8NKOjpcbeoxyy1gXtqk0EYc/haAmcTK1wQIXH
kxzeH0EqfTbOpt31R1nXb85Y3y4oEV6wRGCBuBgw4aIiVjwS3+87txmLbToHFdKc
MDDm5RanGV9IO2FUG1zjEF5kBhkb36LhMkfEhJr2Bt2I53Be78FBTFV5l3ox9Lu1
Qdxyt6TherYZqQle9ks8AxJ/5X5G9/QbgcL9xUOlaGecuth+SRfDL3Rd6wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPUlodDb4suHIH76YfboVc7Td7UQMB8GA1UdIwQY
MBaAFEqOaHAu9dSMTysHLZy0c+Yrh7PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWIt
MWM0YmI1OGFiNzIwLzEvOVNXaDBOdml5NGNnZnZwaDl1aFZ6dE4zdFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kMTlmYzItODk0OS00ZmU2LTkzMWItMWM0YmI1OGFiNzIw
LzEvU281b2NDNzExSXhQS3djdG5MUno1aXVIcy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQDBRwoMBQE
AgACMA4DBQAqBemAAwUAKgXphzANBgkqhkiG9w0BAQsFAAOCAQEAPGemcLJYL8Pw
X2SRpr57ftvcgNdH4V/SKnGpGZNAGrJyFUvQIflvnHiXlRVHYQSe/hfSRaI0XVNe
e1cxEdFrlAGRkAZvVlrGM34r3H8sKjR4RBQuOlODX8Su86HyZTKUpMmyZAgSeVlm
86jV6CkZRWGTELRD8ra0Mv/DHtWxJMaMCFqQBdHH88x1IIasWOGG4q8dSisLGraX
8G3XV3TLfF2i63x5hvEeXO9sI1GMKuqdVBtmKhV5CWxSJ3XakaVEv07WqCM8o9v9
gyPMkHee9h9zfmK8c7esKh65JtIZFZOy8LQYzkeI2ylCtFsJKWdomo7kbrp+OI2n
9ILAL8Yo3g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:55 2025 by rpki-client