Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/5Lue1BBrhP-uljYRCo0sqjb0oDs.roa
File: 5Lue1BBrhP-uljYRCo0sqjb0oDs.roa (raw, json)
Hash identifier: MZSjcbifjet8Hnypu0zjI5hL3Rcq4h0448vdIPNV+Mo=
Subject key identifier: E4:BB:9E:D4:10:6B:84:FF:AE:96:36:11:0A:8D:2C:AA:36:F4:A0:3B
Certificate issuer: /CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Certificate serial: 018EA87F978CFF768A22C8E3F417165BCB97
Authority key identifier: D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/5Lue1BBrhP-uljYRCo0sqjb0oDs.roa
Signing time: Thu 04 Apr 2024 09:45:17 +0000
ROA not before: Thu 04 Apr 2024 09:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5405
IP address blocks: 94.103.180.0/24 maxlen: 24
2a11:4140::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:7f:97:8c:ff:76:8a:22:c8:e3:f4:17:16:5b:cb:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Validity
Not Before: Apr 4 09:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4bb9ed4106b84ffae9636110a8d2caa36f4a03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a4:39:73:3e:96:e2:54:e1:77:fd:19:c5:81:
6c:cb:3a:d8:8e:13:45:16:99:54:d2:85:64:e3:9e:
da:02:39:37:7e:b9:cb:e4:fc:64:ab:c1:b0:7c:fe:
a1:f9:a7:56:74:a6:60:14:c3:5b:6d:30:f6:38:2f:
ab:d1:e9:22:cd:b0:25:60:d5:a5:46:ef:2a:37:47:
61:48:8c:f0:7e:56:04:d4:5c:3a:c3:fa:73:85:85:
4d:f0:06:e6:2e:b3:38:ad:85:03:19:c7:d1:81:e4:
75:cb:ab:fb:cf:27:a5:78:b9:54:e1:63:0f:a6:c8:
98:78:7e:df:29:a4:f9:60:1c:da:bc:b5:3c:60:ea:
68:39:48:da:b3:1e:11:cd:cc:33:c0:e6:28:1e:6e:
52:ce:fb:32:2a:fc:fd:f1:f8:8d:40:b8:f8:ff:40:
21:8a:90:69:27:ea:2d:e7:6e:29:50:14:df:1e:6f:
57:e9:71:69:79:91:ff:10:6e:88:2a:3b:c1:fe:0d:
91:2f:9c:0c:0d:5d:49:40:92:59:ba:a1:e8:7c:4f:
47:d3:09:d0:d6:46:21:bf:2f:0c:8e:32:f6:2b:32:
f0:ba:09:d7:45:00:49:cf:5b:bc:5e:9b:6f:37:91:
59:14:da:8d:d1:47:f4:7b:f9:fb:c1:fb:d7:0e:8e:
e3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BB:9E:D4:10:6B:84:FF:AE:96:36:11:0A:8D:2C:AA:36:F4:A0:3B
X509v3 Authority Key Identifier:
keyid:D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/5Lue1BBrhP-uljYRCo0sqjb0oDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.180.0/24
IPv6:
2a11:4140::/29
Signature Algorithm: sha256WithRSAEncryption
86:7f:56:19:fc:cb:7c:85:bc:79:c6:f3:d1:7c:f2:e9:26:32:
ef:fa:45:b9:a2:b2:bd:6a:02:de:bd:7d:fc:4e:1a:51:82:77:
22:3f:f3:d6:bd:33:5c:a6:5a:52:78:90:86:3e:18:23:b5:c6:
e0:60:b8:bc:d3:83:1b:1c:da:f7:79:46:6d:ca:16:f7:65:54:
b6:be:20:74:94:c3:49:58:3d:06:22:d3:b1:9a:02:3c:27:f2:
ae:77:ca:1e:5c:bc:b7:03:65:b7:73:0f:73:fc:c8:e1:44:7b:
4f:d4:6e:03:66:af:92:ea:f2:45:14:c8:db:cd:68:0d:ec:f1:
88:1c:aa:2b:a5:64:c0:e2:b8:eb:06:a6:46:f5:9a:b7:5f:d5:
c9:bb:4d:0d:77:c6:e7:78:5c:15:41:04:57:2e:e9:f0:4c:15:
c4:37:68:ad:91:ed:6d:8e:29:2a:9b:9b:e4:53:54:a4:a1:da:
9f:61:aa:6e:78:00:5d:42:5c:10:67:34:4d:a5:30:aa:33:2e:
13:b0:96:d0:7f:8e:d9:0f:d9:55:1c:94:1d:6a:c9:b3:0a:22:
05:c2:35:58:30:96:c2:bb:d8:cd:aa:c8:0c:2e:b0:4d:77:b3:
05:cc:8c:01:10:df:20:07:c7:93:d2:84:13:20:94:82:83:fa:
ae:af:83:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6of5eM/3aKIsjj9BcWW8uXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjZhNWNhMzdlYWQzMWZkMmEzNTBiMGI0MTJkNzdkOTUz
MjA5MjgwHhcNMjQwNDA0MDk0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGJiOWVkNDEwNmI4NGZmYWU5NjM2MTEwYThkMmNhYTM2ZjRhMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaQ5cz6W4lThd/0ZxYFsyzrYjhNF
FplU0oVk457aAjk3frnL5Pxkq8GwfP6h+adWdKZgFMNbbTD2OC+r0ekizbAlYNWl
Ru8qN0dhSIzwflYE1Fw6w/pzhYVN8AbmLrM4rYUDGcfRgeR1y6v7zyeleLlU4WMP
psiYeH7fKaT5YBzavLU8YOpoOUjasx4RzcwzwOYoHm5SzvsyKvz98fiNQLj4/0Ah
ipBpJ+ot524pUBTfHm9X6XFpeZH/EG6IKjvB/g2RL5wMDV1JQJJZuqHofE9H0wnQ
1kYhvy8MjjL2KzLwugnXRQBJz1u8XptvN5FZFNqN0Uf0e/n7wfvXDo7jbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOS7ntQQa4T/rpY2EQqNLKo29KA7MB8GA1UdIwQY
MBaAFNW2pco36tMf0qNQsLQS132VMgkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUt
ZDRlODgyMDgzZTRmLzEvNUx1ZTFCQnJoUC11bGpZUkNvMHNxamIwb0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUtZDRlODgyMDgzZTRm
LzEvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXme0MA0E
AgACMAcDBQMqEUFAMA0GCSqGSIb3DQEBCwUAA4IBAQCGf1YZ/Mt8hbx5xvPRfPLp
JjLv+kW5orK9agLevX38ThpRgnciP/PWvTNcplpSeJCGPhgjtcbgYLi804MbHNr3
eUZtyhb3ZVS2viB0lMNJWD0GItOxmgI8J/Kud8oeXLy3A2W3cw9z/MjhRHtP1G4D
Zq+S6vJFFMjbzWgN7PGIHKorpWTA4rjrBqZG9Zq3X9XJu00Nd8bneFwVQQRXLunw
TBXEN2itke1tjikqm5vkU1SkodqfYapueABdQlwQZzRNpTCqMy4TsJbQf47ZD9lV
HJQdasmzCiIFwjVYMJbCu9jNqsgMLrBNd7MFzIwBEN8gB8eT0oQTIJSCg/qur4PY
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:46:09 2025 by rpki-client