Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/09ec83-85e2-4e9c-a79c-4c959f6077a0/1/5cFouaeMdqNky0CoRe-4KADJ_lg.roa
File: 5cFouaeMdqNky0CoRe-4KADJ_lg.roa (raw, json)
Hash identifier: TIIIFr+7bCOHV8Z0SqUsErxUbpGtAQAHRW6lKCCkOTs=
Subject key identifier: E5:C1:68:B9:A7:8C:76:A3:64:CB:40:A8:45:EF:B8:28:00:C9:FE:58
Certificate issuer: /CN=3ba05cb29671d30a57a3e8444f41fe034cf75231
Certificate serial: 018F1B0954116BE30DE6EF90172BDB64000C
Authority key identifier: 3B:A0:5C:B2:96:71:D3:0A:57:A3:E8:44:4F:41:FE:03:4C:F7:52:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6BcspZx0wpXo-hET0H-A0z3UjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/09ec83-85e2-4e9c-a79c-4c959f6077a0/1/5cFouaeMdqNky0CoRe-4KADJ_lg.roa
Signing time: Fri 26 Apr 2024 15:32:27 +0000
ROA not before: Fri 26 Apr 2024 15:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206188
IP address blocks: 5.42.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:09:54:11:6b:e3:0d:e6:ef:90:17:2b:db:64:00:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba05cb29671d30a57a3e8444f41fe034cf75231
Validity
Not Before: Apr 26 15:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5c168b9a78c76a364cb40a845efb82800c9fe58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:4a:03:b1:1f:70:79:b6:59:9b:e0:09:85:
58:cd:2c:b0:a1:08:39:09:ba:fa:64:35:a7:3f:f0:
f9:b7:1f:e8:79:de:1e:9a:74:36:8a:78:b6:c2:b3:
0f:f4:b6:31:1f:27:65:16:81:bf:14:20:ed:1a:1c:
49:1e:d7:21:a4:29:6e:d6:a5:9d:c5:b0:1b:53:61:
42:86:d2:62:fd:fe:b9:4d:2d:96:82:09:c2:32:30:
68:6f:94:cf:3a:99:cf:09:e9:8d:29:ba:73:0a:dd:
3d:84:95:cf:3b:6c:33:7e:3d:78:e6:6d:0e:ae:46:
03:37:39:f1:d8:29:73:01:5b:08:af:f4:36:d7:07:
a5:40:d8:e3:87:51:38:6c:eb:00:33:df:55:37:3f:
ba:9c:e5:60:04:95:7d:b6:01:7c:a9:85:98:80:8a:
09:c1:1b:93:45:7d:f5:07:22:c0:77:42:32:fb:7e:
66:cc:72:53:e2:cf:68:6b:3b:34:45:50:e4:a3:fd:
b4:6b:af:4d:22:55:39:44:cc:d3:a2:d6:1b:8f:4e:
6d:89:79:49:e0:cd:5a:de:53:ad:3d:e5:01:82:81:
87:6d:6f:37:46:f8:8d:7b:d8:ae:04:05:a2:fe:aa:
52:ad:cd:77:31:3f:52:f1:92:72:7d:bc:aa:ac:dc:
70:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C1:68:B9:A7:8C:76:A3:64:CB:40:A8:45:EF:B8:28:00:C9:FE:58
X509v3 Authority Key Identifier:
keyid:3B:A0:5C:B2:96:71:D3:0A:57:A3:E8:44:4F:41:FE:03:4C:F7:52:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6BcspZx0wpXo-hET0H-A0z3UjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/09ec83-85e2-4e9c-a79c-4c959f6077a0/1/5cFouaeMdqNky0CoRe-4KADJ_lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/09ec83-85e2-4e9c-a79c-4c959f6077a0/1/O6BcspZx0wpXo-hET0H-A0z3UjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.194.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:c7:e3:7d:03:1c:26:ae:d4:e1:c4:9d:42:96:e2:28:5f:6e:
79:46:91:85:f4:bd:c3:2d:fb:1c:38:34:e8:99:03:9d:db:b7:
3a:22:2a:6b:6f:35:df:7f:36:d7:21:ef:f5:97:25:ff:25:f0:
72:fb:f4:73:8e:f0:50:78:e7:cc:04:da:07:66:95:37:16:d9:
02:62:8a:3f:76:f3:ff:3b:4b:4a:cb:9e:0e:04:69:d4:ac:ae:
6d:71:0d:a6:a5:df:7f:ae:67:5f:84:de:6f:42:1e:02:b9:17:
09:fe:28:ae:f3:2e:8b:9d:d1:f2:5c:f9:95:27:eb:7e:79:2f:
0f:fa:98:12:9e:52:1d:34:7a:27:b0:ec:03:37:d7:9e:32:7d:
7a:57:ae:4d:b7:3b:95:92:08:da:a6:55:62:5b:a7:5d:c5:e3:
92:96:5e:8e:0d:06:38:5c:d8:8b:ef:d6:b5:df:19:d8:0e:fb:
e6:d4:7a:b1:ec:b2:10:d1:df:5b:eb:3e:94:9d:45:e3:95:82:
5b:02:aa:c4:68:9e:44:0d:11:cd:df:27:c7:00:ac:d9:8f:93:
0e:21:d3:80:85:4d:83:75:f1:6e:46:eb:db:26:f4:fc:c0:21:
8b:38:73:65:2a:bd:30:75:76:5b:50:f4:eb:3d:76:55:2e:e0:
d7:c0:9b:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8bCVQRa+MN5u+QFyvbZAAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTA1Y2IyOTY3MWQzMGE1N2EzZTg0NDRmNDFmZTAzNGNm
NzUyMzEwHhcNMjQwNDI2MTUzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWMxNjhiOWE3OGM3NmEzNjRjYjQwYTg0NWVmYjgyODAwYzlmZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwONKA7EfcHm2WZvgCYVYzSywoQg5
Cbr6ZDWnP/D5tx/oed4emnQ2ini2wrMP9LYxHydlFoG/FCDtGhxJHtchpClu1qWd
xbAbU2FChtJi/f65TS2WggnCMjBob5TPOpnPCemNKbpzCt09hJXPO2wzfj145m0O
rkYDNznx2ClzAVsIr/Q21welQNjjh1E4bOsAM99VNz+6nOVgBJV9tgF8qYWYgIoJ
wRuTRX31ByLAd0Iy+35mzHJT4s9oazs0RVDko/20a69NIlU5RMzTotYbj05tiXlJ
4M1a3lOtPeUBgoGHbW83RviNe9iuBAWi/qpSrc13MT9S8ZJyfbyqrNxwcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXBaLmnjHajZMtAqEXvuCgAyf5YMB8GA1UdIwQY
MBaAFDugXLKWcdMKV6PoRE9B/gNM91IxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZCY3NwWngwd3BYby1oRVQwSC1BMHozVWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wOWVjODMtODVlMi00ZTljLWE3OWMt
NGM5NTlmNjA3N2EwLzEvNWNGb3VhZU1kcU5reTBDb1JlLTRLQURKX2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wOWVjODMtODVlMi00ZTljLWE3OWMtNGM5NTlmNjA3N2Ew
LzEvTzZCY3NwWngwd3BYby1oRVQwSC1BMHozVWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrCMA0G
CSqGSIb3DQEBCwUAA4IBAQC1x+N9AxwmrtThxJ1CluIoX255RpGF9L3DLfscODTo
mQOd27c6IiprbzXffzbXIe/1lyX/JfBy+/RzjvBQeOfMBNoHZpU3FtkCYoo/dvP/
O0tKy54OBGnUrK5tcQ2mpd9/rmdfhN5vQh4CuRcJ/iiu8y6LndHyXPmVJ+t+eS8P
+pgSnlIdNHonsOwDN9eeMn16V65NtzuVkgjaplViW6ddxeOSll6ODQY4XNiL79a1
3xnYDvvm1Hqx7LIQ0d9b6z6UnUXjlYJbAqrEaJ5EDRHN3yfHAKzZj5MOIdOAhU2D
dfFuRuvbJvT8wCGLOHNlKr0wdXZbUPTrPXZVLuDXwJvm
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:30:18 2025 by rpki-client