Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/5S5AYzmprlp2h-CmXtMtc_P1yzE.roa
File: 5S5AYzmprlp2h-CmXtMtc_P1yzE.roa (raw, json)
Hash identifier: wfj2ixNPWSb/1a76C+cTHlRgkFoaSSvc88n61/slx4k=
Subject key identifier: E5:2E:40:63:39:A9:AE:5A:76:87:E0:A6:5E:D3:2D:73:F3:F5:CB:31
Certificate issuer: /CN=3c1e3fddf7884d785a708fd4e664b62de910ebe8
Certificate serial: 01856C413AFD7DE3D759BFE2D3D784A1721B
Authority key identifier: 3C:1E:3F:DD:F7:88:4D:78:5A:70:8F:D4:E6:64:B6:2D:E9:10:EB:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PB4_3feITXhacI_U5mS2LekQ6-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/5S5AYzmprlp2h-CmXtMtc_P1yzE.roa
Signing time: Sun 01 Jan 2023 07:34:52 +0000
ROA not before: Sun 01 Jan 2023 07:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204326
IP address blocks: 185.18.240.0/22 maxlen: 24
2a04:d00::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Jan 2023 13:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:3a:fd:7d:e3:d7:59:bf:e2:d3:d7:84:a1:72:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c1e3fddf7884d785a708fd4e664b62de910ebe8
Validity
Not Before: Jan 1 07:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e52e406339a9ae5a7687e0a65ed32d73f3f5cb31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e4:1c:55:d1:f8:4c:3d:e3:88:b5:fe:80:77:
3e:48:11:df:2b:d1:bc:2b:8c:9c:aa:48:62:68:2a:
09:c2:8c:bf:58:0e:bf:97:a0:b3:f3:59:8a:46:27:
c9:47:f3:26:be:c9:bc:17:33:44:b0:3c:a7:22:10:
da:b7:21:99:18:ae:be:51:05:d2:bf:38:d0:b6:01:
60:da:35:04:fb:40:44:1b:f8:d4:05:1e:02:2c:ce:
79:93:44:87:92:40:db:aa:42:24:f7:a9:0d:c9:9f:
ec:6f:86:9a:d6:02:58:e8:b2:ed:31:d6:0f:9d:5e:
cf:a2:ec:38:6f:f9:a4:ef:a0:8b:45:77:3f:a9:89:
7c:14:50:dd:b5:22:df:ad:06:b8:89:40:a8:6b:95:
bb:c1:79:63:84:cb:88:2a:b6:38:83:bb:ee:52:f8:
e8:f5:73:31:f5:fd:f1:b7:96:59:8d:1a:9a:4b:7c:
d2:71:1a:06:35:d1:44:58:d3:86:90:f1:ff:27:ca:
c2:72:cc:a8:61:92:16:f3:e2:f1:db:ce:b9:4b:77:
3a:cd:da:b5:f4:e5:21:a0:1d:af:0b:86:97:d7:52:
9e:92:57:cf:a8:08:53:2f:1d:3a:0e:a2:93:fc:10:
6d:22:79:10:07:d5:12:72:e5:82:e3:62:c3:5e:61:
5c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:2E:40:63:39:A9:AE:5A:76:87:E0:A6:5E:D3:2D:73:F3:F5:CB:31
X509v3 Authority Key Identifier:
keyid:3C:1E:3F:DD:F7:88:4D:78:5A:70:8F:D4:E6:64:B6:2D:E9:10:EB:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PB4_3feITXhacI_U5mS2LekQ6-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/5S5AYzmprlp2h-CmXtMtc_P1yzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/PB4_3feITXhacI_U5mS2LekQ6-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.240.0/22
IPv6:
2a04:d00::/29
Signature Algorithm: sha256WithRSAEncryption
20:bf:98:20:26:65:13:43:c4:44:cf:de:c0:70:c9:8d:c0:0a:
45:bf:8a:c3:81:ab:4f:bd:b7:8c:82:6a:1e:83:4a:d3:78:d6:
cf:a1:8d:1f:24:6b:34:a4:63:e7:c1:d0:a6:39:1d:18:38:c9:
25:4f:fc:25:09:ab:f6:67:36:40:61:74:27:a7:d3:0c:77:93:
f4:48:0b:00:40:5f:18:85:58:4d:08:a6:1c:35:bd:b1:1b:dc:
7c:d7:31:3f:b7:71:f5:3a:07:be:66:67:6b:25:01:88:2d:6f:
1e:83:1b:c4:3f:23:ec:07:5b:4f:ba:0f:c1:71:f8:3c:d8:eb:
49:15:ea:d6:8e:07:c0:c0:1c:96:d4:f1:05:6a:d5:ec:5a:d3:
71:cd:89:a6:4b:d5:0c:70:4a:73:12:ad:1d:7a:11:fb:94:0e:
cf:41:d8:43:06:15:a5:78:f0:0c:4b:75:2b:60:a9:69:ef:b3:
01:0e:d4:38:00:2f:c6:5f:5e:37:79:07:13:f2:0a:b4:84:f8:
f0:e7:7f:14:40:1c:3c:98:0b:97:c8:9d:1a:66:8c:41:9e:5a:
ef:2f:5e:7c:ab:37:4e:70:7e:82:73:47:68:96:16:35:d6:b5:
20:ed:8b:fe:1a:70:44:57:d8:b6:5f:37:66:93:7b:41:38:33:
dc:42:28:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQTr9fePXWb/i09eEoXIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMWUzZmRkZjc4ODRkNzg1YTcwOGZkNGU2NjRiNjJkZTkx
MGViZTgwHhcNMjMwMTAxMDczNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTJlNDA2MzM5YTlhZTVhNzY4N2UwYTY1ZWQzMmQ3M2YzZjVjYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeQcVdH4TD3jiLX+gHc+SBHfK9G8
K4ycqkhiaCoJwoy/WA6/l6Cz81mKRifJR/Mmvsm8FzNEsDynIhDatyGZGK6+UQXS
vzjQtgFg2jUE+0BEG/jUBR4CLM55k0SHkkDbqkIk96kNyZ/sb4aa1gJY6LLtMdYP
nV7Pouw4b/mk76CLRXc/qYl8FFDdtSLfrQa4iUCoa5W7wXljhMuIKrY4g7vuUvjo
9XMx9f3xt5ZZjRqaS3zScRoGNdFEWNOGkPH/J8rCcsyoYZIW8+Lx2865S3c6zdq1
9OUhoB2vC4aX11KeklfPqAhTLx06DqKT/BBtInkQB9UScuWC42LDXmFcGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOUuQGM5qa5adofgpl7TLXPz9csxMB8GA1UdIwQY
MBaAFDweP933iE14WnCP1OZkti3pEOvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEI0XzNmZUlUWGhhY0lfVTVtUzJMZWtRNi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80ZThlNzQtNzdlNi00MWViLTkwNDct
NTljMThhZGEzNTJmLzEvNVM1QVl6bXBybHAyaC1DbVh0TXRjX1AxeXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80ZThlNzQtNzdlNi00MWViLTkwNDctNTljMThhZGEzNTJm
LzEvUEI0XzNmZUlUWGhhY0lfVTVtUzJMZWtRNi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRLwMA0E
AgACMAcDBQMqBA0AMA0GCSqGSIb3DQEBCwUAA4IBAQAgv5ggJmUTQ8REz97AcMmN
wApFv4rDgatPvbeMgmoeg0rTeNbPoY0fJGs0pGPnwdCmOR0YOMklT/wlCav2ZzZA
YXQnp9MMd5P0SAsAQF8YhVhNCKYcNb2xG9x81zE/t3H1Oge+ZmdrJQGILW8egxvE
PyPsB1tPug/Bcfg82OtJFerWjgfAwByW1PEFatXsWtNxzYmmS9UMcEpzEq0dehH7
lA7PQdhDBhWlePAMS3UrYKlp77MBDtQ4AC/GX143eQcT8gq0hPjw538UQBw8mAuX
yJ0aZoxBnlrvL158qzdOcH6Cc0dolhY11rUg7Yv+GnBEV9i2Xzdmk3tBODPcQiie
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:34 2024 by rpki-client on console-ams.rpki-client.org