Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/5hWqajjqPTShxFvQaX5q9z68t3M.roa
File: 5hWqajjqPTShxFvQaX5q9z68t3M.roa (raw, json)
Hash identifier: IuU6jPwGKKofUO8vueS/7EAStTTuecelxMgm1Ym7aZY=
Subject key identifier: E6:15:AA:6A:38:EA:3D:34:A1:C4:5B:D0:69:7E:6A:F7:3E:BC:B7:73
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA329728245A208AF14AE3DA1E213
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/5hWqajjqPTShxFvQaX5q9z68t3M.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200195
IP address blocks: 185.40.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a3:29:72:82:45:a2:08:af:14:ae:3d:a1:e2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e615aa6a38ea3d34a1c45bd0697e6af73ebcb773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:46:f3:18:87:ad:e4:e2:1c:c8:fb:d7:5b:
80:1a:98:2c:0f:3d:52:0f:6d:d8:56:92:33:6e:8c:
27:50:5f:49:83:29:24:c9:23:83:b3:ad:30:70:de:
76:dc:64:4e:9e:e0:f3:d1:92:13:ba:52:4d:ac:3d:
8a:d6:d4:ea:fd:e7:88:4f:73:62:a3:db:eb:67:95:
12:8f:bd:85:65:ca:8d:29:74:51:51:90:dd:ac:23:
c8:e3:c5:53:15:61:c1:3d:30:77:88:c3:51:eb:8d:
62:80:63:ef:89:09:aa:a7:eb:96:e5:f5:5d:d5:c2:
5d:4a:bb:f7:31:f4:03:f5:74:34:06:94:82:39:ca:
6a:0b:6c:e3:f7:ab:60:ba:f2:2f:7e:75:c4:7c:8a:
88:c4:62:d9:b2:93:34:9c:51:c5:51:ae:00:c3:1d:
c7:e1:e5:29:b7:ed:f2:c7:db:3f:29:f7:3b:ed:65:
e2:c8:93:62:1c:aa:1a:65:19:b7:ce:70:ce:a5:dc:
d5:e5:6d:e0:e7:e6:3d:cb:65:19:69:0f:1c:f7:b2:
35:73:b0:fd:59:97:79:43:c7:20:87:1f:96:e5:8c:
d0:de:9a:dc:3a:94:9b:2f:b5:e0:de:16:99:87:1a:
83:e3:68:a9:79:c9:1e:40:dc:25:71:ad:a7:e3:8b:
b9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:15:AA:6A:38:EA:3D:34:A1:C4:5B:D0:69:7E:6A:F7:3E:BC:B7:73
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/5hWqajjqPTShxFvQaX5q9z68t3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.4.0/24
Signature Algorithm: sha256WithRSAEncryption
39:13:8c:bb:ce:90:bd:63:ba:6b:32:b5:72:02:cd:25:31:46:
60:0a:9d:cd:51:37:b4:79:bd:75:a6:84:9b:39:17:8e:79:d7:
9c:49:e3:fb:7e:cd:8a:82:6c:33:fb:5e:75:c0:53:ea:35:46:
1c:fa:3c:2a:70:cc:82:dd:f8:5d:ad:85:58:b9:7b:22:c0:95:
6c:af:4e:c7:32:ab:c4:b4:c8:c6:a4:64:c1:cc:ac:d6:55:19:
cf:45:f1:53:9e:be:75:e6:4e:ef:7f:d8:b8:5c:05:a2:0f:fa:
e0:9e:5a:c8:22:ed:1c:f7:d0:89:67:79:24:9d:bd:f2:7a:e0:
69:b3:20:5d:60:93:99:79:2a:62:b0:4e:10:8e:f6:83:12:f5:
c3:d6:e0:1e:38:af:22:0b:d6:f0:76:d0:a7:e7:06:89:d9:50:
aa:22:8a:2d:b0:cf:ed:62:85:99:4a:16:1e:25:70:0a:20:43:
10:2f:59:9e:e6:cb:76:70:70:65:4d:3a:1c:bd:30:1e:cd:10:
ee:14:9a:12:1b:be:3c:08:4c:25:ad:e1:3e:a1:1d:9b:1e:c9:
11:a9:f6:d4:7d:75:84:c9:4e:f1:6a:8d:d4:42:98:bb:fa:96:
65:06:96:cc:6e:8a:5a:a5:4f:4e:53:34:8c:00:56:7a:a3:6b:
76:79:d9:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI36MpcoJFogivFK49oeITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE1YWE2YTM4ZWEzZDM0YTFjNDViZDA2OTdlNmFmNzNlYmNiNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8JG8xiHreTiHMj711uAGpgsDz1S
D23YVpIzbownUF9JgykkySODs60wcN523GROnuDz0ZITulJNrD2K1tTq/eeIT3Ni
o9vrZ5USj72FZcqNKXRRUZDdrCPI48VTFWHBPTB3iMNR641igGPviQmqp+uW5fVd
1cJdSrv3MfQD9XQ0BpSCOcpqC2zj96tguvIvfnXEfIqIxGLZspM0nFHFUa4Awx3H
4eUpt+3yx9s/Kfc77WXiyJNiHKoaZRm3znDOpdzV5W3g5+Y9y2UZaQ8c97I1c7D9
WZd5Q8cghx+W5YzQ3prcOpSbL7Xg3haZhxqD42ipeckeQNwlca2n44u5KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOYVqmo46j00ocRb0Gl+avc+vLdzMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvNWhXcWFqanFQVFNoeEZ2UWFYNXE5ejY4dDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSgEMA0G
CSqGSIb3DQEBCwUAA4IBAQA5E4y7zpC9Y7prMrVyAs0lMUZgCp3NUTe0eb11poSb
OReOedecSeP7fs2Kgmwz+151wFPqNUYc+jwqcMyC3fhdrYVYuXsiwJVsr07HMqvE
tMjGpGTBzKzWVRnPRfFTnr515k7vf9i4XAWiD/rgnlrIIu0c99CJZ3kknb3yeuBp
syBdYJOZeSpisE4QjvaDEvXD1uAeOK8iC9bwdtCn5waJ2VCqIootsM/tYoWZShYe
JXAKIEMQL1me5st2cHBlTTocvTAezRDuFJoSG748CEwlreE+oR2bHskRqfbUfXWE
yU7xao3UQpi7+pZlBpbMbopapU9OUzSMAFZ6o2t2edl2
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:23 2025 by rpki-client