Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/5-FIoLOUfuKxzLfm4fbfo3Fz0BU.roa
File: 5-FIoLOUfuKxzLfm4fbfo3Fz0BU.roa (raw, json)
Hash identifier: 6f2QBEu2M3oKKHgQxQULnf9YbWds8dvuYKaV+l+kYtE=
Subject key identifier: E7:E1:48:A0:B3:94:7E:E2:B1:CC:B7:E6:E1:F6:DF:A3:71:73:D0:15
Certificate issuer: /CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Certificate serial: 018CC5DC3A1078FE692DF9E8A9FD06D59E86
Authority key identifier: C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/5-FIoLOUfuKxzLfm4fbfo3Fz0BU.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47951
IP address blocks: 194.104.137.0/24 maxlen: 24
2a11:5fc0::/29 maxlen: 29
2a11:5fc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 16 Mar 2024 07:27:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3a:10:78:fe:69:2d:f9:e8:a9:fd:06:d5:9e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7e148a0b3947ee2b1ccb7e6e1f6dfa37173d015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d9:65:04:d3:f2:3f:9f:c0:0d:7d:ec:21:33:
2a:55:23:2a:c8:a3:0e:28:69:87:48:12:5a:0a:dc:
7b:fe:48:44:0a:0f:e6:a3:c0:43:e1:21:61:05:46:
3f:df:8d:ea:43:07:85:37:ee:81:e7:d9:46:c4:41:
64:93:5c:67:f2:2c:25:a4:51:d8:dc:9d:16:72:59:
f3:a4:85:74:39:71:64:c7:32:a6:9c:f3:28:fd:f7:
b3:4d:5e:78:1c:e2:a8:6f:d8:f4:0a:04:9e:62:b5:
8b:86:02:1b:c5:db:52:b5:32:7d:cc:d4:70:44:38:
23:b4:f9:e3:eb:23:0b:0c:d6:79:f1:1a:92:8e:23:
10:80:7f:ed:06:90:94:a1:4f:f9:12:5e:ad:4f:59:
f2:eb:5c:c7:80:f1:5f:ba:ec:46:1a:b0:44:05:a8:
ec:b2:d9:38:66:36:56:12:5a:dd:c2:a6:b9:d8:f9:
f1:97:33:e8:35:bf:46:40:39:be:42:62:5b:82:2d:
5a:6a:9c:9a:f6:2e:f2:1e:f0:3d:e3:ab:b9:3c:b0:
8d:bc:03:4e:c5:03:f9:94:88:81:bf:57:5e:aa:3d:
6d:1f:51:98:d1:fe:c0:01:5a:11:ff:95:67:bc:86:
8c:a2:1e:2d:df:95:51:42:fa:a4:e6:b3:5d:ce:31:
70:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E1:48:A0:B3:94:7E:E2:B1:CC:B7:E6:E1:F6:DF:A3:71:73:D0:15
X509v3 Authority Key Identifier:
keyid:C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/5-FIoLOUfuKxzLfm4fbfo3Fz0BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/w1re68KNfif9nrnvsjVR2uILHQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.137.0/24
IPv6:
2a11:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:e5:0f:5a:1f:62:1b:2e:f4:ad:93:07:ac:c2:93:34:22:4e:
b2:36:05:18:b6:68:e6:69:9c:b1:63:a4:60:87:af:fc:c0:17:
06:a3:31:62:08:ab:5d:9b:6f:f4:35:c5:1e:99:c9:ce:98:af:
63:02:fc:10:e5:96:35:0e:82:f7:97:1a:07:38:f3:cc:10:e0:
fe:64:ab:eb:5c:e0:d8:4b:51:cf:f9:4b:5c:28:8a:65:35:e2:
98:a7:f5:13:73:13:fa:ed:24:d8:d9:c2:f2:a0:86:68:8a:0a:
e0:83:8c:8c:45:27:8f:ed:4f:d2:ce:64:ac:6a:e7:0a:25:43:
6b:30:fe:95:39:59:55:c1:7a:7a:de:e6:55:70:5c:fe:2c:62:
44:b7:24:9c:49:1f:5c:10:88:36:95:f6:00:69:6f:6b:c2:4e:
68:bf:72:22:79:7f:e3:87:20:70:e3:38:d2:2f:04:0b:a9:ab:
4d:b5:90:af:b8:30:c4:75:c6:f8:28:a6:b5:54:28:69:35:31:
8a:5a:9e:f2:05:02:8f:08:c3:8a:ac:06:29:71:7a:5b:cb:2e:
ea:55:43:74:fe:35:65:ef:fb:4e:0f:3a:a8:9c:cc:bd:fe:20:
2e:5d:c6:a2:cf:0e:ee:9f:94:c1:b9:69:b0:40:a4:22:13:30:
b9:35:4b:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3DoQeP5pLfnoqf0G1Z6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWFkZWViYzI4ZDdlMjdmZDllYjllZmIyMzU1MWRhZTIw
YjFkMGYwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2UxNDhhMGIzOTQ3ZWUyYjFjY2I3ZTZlMWY2ZGZhMzcxNzNkMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09llBNPyP5/ADX3sITMqVSMqyKMO
KGmHSBJaCtx7/khECg/mo8BD4SFhBUY/343qQweFN+6B59lGxEFkk1xn8iwlpFHY
3J0WclnzpIV0OXFkxzKmnPMo/fezTV54HOKob9j0CgSeYrWLhgIbxdtStTJ9zNRw
RDgjtPnj6yMLDNZ58RqSjiMQgH/tBpCUoU/5El6tT1ny61zHgPFfuuxGGrBEBajs
stk4ZjZWElrdwqa52PnxlzPoNb9GQDm+QmJbgi1aapya9i7yHvA946u5PLCNvANO
xQP5lIiBv1deqj1tH1GY0f7AAVoR/5VnvIaMoh4t35VRQvqk5rNdzjFw1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOfhSKCzlH7iscy35uH236Nxc9AVMB8GA1UdIwQY
MBaAFMNa3uvCjX4n/Z6577I1UdriCx0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYt
YjU1ZDdkN2YyYzQ4LzEvNS1GSW9MT1VmdUt4ekxmbTRmYmZvM0Z6MEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYtYjU1ZDdkN2YyYzQ4
LzEvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmiJMA0E
AgACMAcDBQMqEV/AMA0GCSqGSIb3DQEBCwUAA4IBAQAv5Q9aH2IbLvStkweswpM0
Ik6yNgUYtmjmaZyxY6Rgh6/8wBcGozFiCKtdm2/0NcUemcnOmK9jAvwQ5ZY1DoL3
lxoHOPPMEOD+ZKvrXODYS1HP+UtcKIplNeKYp/UTcxP67STY2cLyoIZoigrgg4yM
RSeP7U/SzmSsaucKJUNrMP6VOVlVwXp63uZVcFz+LGJEtyScSR9cEIg2lfYAaW9r
wk5ov3IieX/jhyBw4zjSLwQLqatNtZCvuDDEdcb4KKa1VChpNTGKWp7yBQKPCMOK
rAYpcXpbyy7qVUN0/jVl7/tODzqonMy9/iAuXcaizw7un5TBuWmwQKQiEzC5NUux
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:38 2025 by rpki-client