Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/5f0oPfTfIGtDGawi3IgDQWx9M5I.roa
File: 5f0oPfTfIGtDGawi3IgDQWx9M5I.roa (raw, json)
Hash identifier: DFnNjvc0ebYptTwzjfIIvRtWp3C4SKNIhXjGXObdzm4=
Subject key identifier: E5:FD:28:3D:F4:DF:20:6B:43:19:AC:22:DC:88:03:41:6C:7D:33:92
Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Certificate serial: 018CC6B925422198FBC335FAE5794CD2003B
Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/5f0oPfTfIGtDGawi3IgDQWx9M5I.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6507
IP address blocks: 185.40.64.0/22 maxlen: 22
2a04:82c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Nov 2024 20:21:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:25:42:21:98:fb:c3:35:fa:e5:79:4c:d2:00:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5fd283df4df206b4319ac22dc8803416c7d3392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5b:ff:b3:a6:18:e6:84:1c:eb:0a:d2:72:22:
fb:70:00:e7:8a:cd:22:25:57:3c:93:11:ad:e0:e7:
fd:6f:12:d4:8e:61:8b:56:99:ec:2d:66:81:51:97:
6c:de:e6:82:ab:49:58:98:9c:29:b0:96:14:72:4d:
b4:c3:ef:db:02:36:f2:62:79:b6:b8:05:2d:b6:f7:
18:4e:23:8e:68:99:e0:19:f4:61:11:d1:d1:07:53:
0b:3f:32:cf:dd:46:47:3c:56:ef:d9:9a:df:10:a8:
6f:55:96:66:a0:7d:3f:2c:80:95:f8:08:0d:ca:ec:
44:64:08:7a:3a:3d:f4:63:96:e0:a0:c8:08:b6:db:
f6:20:a0:a0:a0:7e:76:d9:75:3f:a4:80:0e:22:5c:
db:2f:fa:36:29:c0:1c:f2:12:34:11:01:ef:dd:2f:
bd:97:dd:cd:5d:52:c9:40:33:bc:3c:49:14:ee:f0:
c8:f9:1b:77:6b:12:52:f3:a1:78:d9:4c:db:ad:2a:
7d:80:7c:b6:53:ce:4b:9d:7b:05:e5:3a:3b:e2:33:
b1:91:a5:e6:1e:d5:79:f9:ad:27:92:0c:35:da:58:
d4:9f:39:98:a9:cc:52:e7:51:20:08:df:35:5f:45:
88:09:65:e8:92:e3:0a:62:3d:d3:35:c8:ef:2e:f0:
e2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FD:28:3D:F4:DF:20:6B:43:19:AC:22:DC:88:03:41:6C:7D:33:92
X509v3 Authority Key Identifier:
keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/5f0oPfTfIGtDGawi3IgDQWx9M5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.64.0/22
IPv6:
2a04:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
24:3a:16:51:70:47:4d:a7:1c:d8:3a:a5:bf:30:93:22:eb:55:
5f:85:17:3b:5f:2d:c1:07:47:af:c0:4e:58:53:4e:15:64:d0:
54:e7:a8:75:43:6c:04:d7:eb:cf:81:fd:c5:8f:ae:ce:da:3f:
c6:8a:16:5e:65:7d:3f:fa:68:35:85:44:60:af:55:aa:a6:11:
f8:c4:9c:5d:15:54:22:42:a3:c2:e6:44:1b:ac:23:0f:37:04:
4c:34:71:ab:d2:25:1e:a5:f8:c9:42:d0:25:01:f3:d3:04:08:
fd:40:c2:04:07:a4:20:76:ed:c2:ce:40:49:6a:27:10:5d:d6:
e2:92:cd:4e:2c:24:0a:de:3c:8d:12:a8:4b:37:d0:d4:55:4f:
51:23:1a:31:2b:f6:65:4e:86:7e:53:06:25:f7:35:6b:22:16:
8a:90:18:68:75:7a:9f:89:83:dd:cf:0c:ff:14:c0:e9:50:6d:
3d:44:d4:f9:1a:26:02:aa:7f:87:1e:c9:50:69:c6:aa:30:f6:
48:a3:1a:14:f2:d1:e1:6c:41:2d:22:01:71:67:2a:f9:98:7e:
5f:69:06:95:8d:8f:7e:01:0e:79:5f:5e:71:32:63:19:87:7f:
98:cd:42:28:36:fe:00:2c:e4:3e:a0:92:29:e2:38:3a:2a:ed:
58:ab:fe:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuSVCIZj7wzX65XlM0gA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk
NjExMjAwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZkMjgzZGY0ZGYyMDZiNDMxOWFjMjJkYzg4MDM0MTZjN2QzMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylv/s6YY5oQc6wrSciL7cADnis0i
JVc8kxGt4Of9bxLUjmGLVpnsLWaBUZds3uaCq0lYmJwpsJYUck20w+/bAjbyYnm2
uAUttvcYTiOOaJngGfRhEdHRB1MLPzLP3UZHPFbv2ZrfEKhvVZZmoH0/LICV+AgN
yuxEZAh6Oj30Y5bgoMgIttv2IKCgoH522XU/pIAOIlzbL/o2KcAc8hI0EQHv3S+9
l93NXVLJQDO8PEkU7vDI+Rt3axJS86F42UzbrSp9gHy2U85LnXsF5To74jOxkaXm
HtV5+a0nkgw12ljUnzmYqcxS51EgCN81X0WICWXokuMKYj3TNcjvLvDi1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOX9KD303yBrQxmsItyIA0FsfTOSMB8GA1UdIwQY
MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt
YmNlOTM0MjA1YWU4LzEvNWYwb1BmVGZJR3RER2F3aTNJZ0RRV3g5TTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4
LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuShAMA0E
AgACMAcDBQMqBILAMA0GCSqGSIb3DQEBCwUAA4IBAQAkOhZRcEdNpxzYOqW/MJMi
61VfhRc7Xy3BB0evwE5YU04VZNBU56h1Q2wE1+vPgf3Fj67O2j/GihZeZX0/+mg1
hURgr1WqphH4xJxdFVQiQqPC5kQbrCMPNwRMNHGr0iUepfjJQtAlAfPTBAj9QMIE
B6Qgdu3CzkBJaicQXdbiks1OLCQK3jyNEqhLN9DUVU9RIxoxK/ZlToZ+UwYl9zVr
IhaKkBhodXqfiYPdzwz/FMDpUG09RNT5GiYCqn+HHslQacaqMPZIoxoU8tHhbEEt
IgFxZyr5mH5faQaVjY9+AQ55X15xMmMZh3+YzUIoNv4ALOQ+oJIp4jg6Ku1Yq/76
Generated at Tue Nov 12 00:01:00 2024 by rpki-client on console-fra.rpki-client.org