Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/PXBPjGSX63pkHBaibRlHeiDB-Z0.roa
File: PXBPjGSX63pkHBaibRlHeiDB-Z0.roa (raw, json)
Hash identifier: dqOlG0hwatNmH4uMQAwVTU0TtF8OhvS95hE7fkh24FQ=
Subject key identifier: 3D:70:4F:8C:64:97:EB:7A:64:1C:16:A2:6D:19:47:7A:20:C1:F9:9D
Certificate issuer: /CN=46fbcfc13d4d5ff6d37c226f11e121204c367d17
Certificate serial: 0193AB261F73E05730395283F59AF86FAD80
Authority key identifier: 46:FB:CF:C1:3D:4D:5F:F6:D3:7C:22:6F:11:E1:21:20:4C:36:7D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RvvPwT1NX_bTfCJvEeEhIEw2fRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/PXBPjGSX63pkHBaibRlHeiDB-Z0.roa
Signing time: Mon 09 Dec 2024 11:20:22 +0000
ROA not before: Mon 09 Dec 2024 11:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5578
IP address blocks: 185.161.174.0/24 maxlen: 24
185.161.175.0/24 maxlen: 24
2a07:c387::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:26:1f:73:e0:57:30:39:52:83:f5:9a:f8:6f:ad:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46fbcfc13d4d5ff6d37c226f11e121204c367d17
Validity
Not Before: Dec 9 11:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d704f8c6497eb7a641c16a26d19477a20c1f99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:db:9d:65:c0:e0:c5:2a:8c:61:5c:3d:0a:73:
79:7c:2c:c3:9c:6e:03:e2:46:9b:28:b1:06:43:78:
32:f0:ca:b5:f5:d2:a1:fc:23:5d:df:7c:05:65:f1:
2b:3b:fc:ae:e8:6c:8e:95:ae:63:51:ac:e7:3d:cf:
d9:d0:25:af:8b:02:3d:61:63:1e:69:98:9c:c2:5a:
9a:65:8b:a5:29:87:f5:86:76:10:a5:71:fb:f0:d4:
8c:79:77:b9:0e:23:0c:7c:89:95:9c:78:ba:10:1d:
77:14:16:92:7f:d6:b6:9c:64:20:53:c1:37:c3:8d:
54:96:bd:83:b8:cb:ba:27:e2:41:1e:2e:c5:79:19:
ad:19:8b:d5:d7:d2:38:ca:82:9c:b6:76:b5:17:21:
91:a2:be:3a:5d:b0:84:91:c5:b7:47:10:56:00:85:
9f:ce:5d:82:ef:ff:d6:9f:ae:91:15:0f:8d:91:2d:
9a:38:09:3c:8b:94:6c:c6:2c:07:c4:ff:14:ed:c6:
cc:93:b7:29:d8:ad:04:c2:66:c8:db:96:16:b2:1a:
a6:dc:bc:d0:33:b4:11:3c:ae:32:c3:6e:81:4d:0d:
d4:87:65:f4:1d:98:4e:43:82:e4:db:ad:9a:c1:72:
e5:a2:8c:1d:17:51:d8:d8:49:6d:e4:60:8b:a2:8e:
6a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:4F:8C:64:97:EB:7A:64:1C:16:A2:6D:19:47:7A:20:C1:F9:9D
X509v3 Authority Key Identifier:
keyid:46:FB:CF:C1:3D:4D:5F:F6:D3:7C:22:6F:11:E1:21:20:4C:36:7D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RvvPwT1NX_bTfCJvEeEhIEw2fRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/PXBPjGSX63pkHBaibRlHeiDB-Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e935b-2340-4806-b33b-faca0eb3357d/1/RvvPwT1NX_bTfCJvEeEhIEw2fRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.174.0/23
IPv6:
2a07:c387::/32
Signature Algorithm: sha256WithRSAEncryption
3a:84:86:b5:ee:81:00:55:b4:f3:d7:be:3f:e6:da:33:fb:ff:
36:bb:e2:c6:48:29:cd:0a:de:3c:02:ca:b4:24:ec:b9:1f:87:
9c:3e:55:59:a4:0e:b1:5f:45:dd:65:89:de:c9:cc:b4:30:a9:
8f:b1:02:9f:26:c3:fc:0a:0b:f3:20:bd:38:2f:b8:f6:f7:25:
4f:d9:17:f6:c5:b3:4c:f9:ba:df:99:b8:54:85:42:d6:56:f6:
9a:49:37:fb:b7:72:a9:01:1a:36:7b:bd:83:80:34:89:22:0e:
ae:3a:b1:93:c1:d8:e7:67:df:13:80:77:08:57:e6:32:04:ee:
fd:56:79:ea:17:0c:32:eb:4b:60:03:c7:47:06:37:c8:a3:f7:
50:03:4b:0d:28:30:71:18:c4:6c:29:bc:ec:5d:0c:64:ed:7b:
d8:ac:f4:00:a9:4b:02:76:7f:2d:bc:87:89:5c:0b:58:b4:a8:
c6:7f:eb:f8:67:f4:a6:d7:92:fc:ac:7d:17:78:df:d7:7d:b4:
0d:1d:2a:be:60:fb:b0:26:ad:ea:5e:e4:a8:92:0a:bb:a6:76:
ae:2c:a9:6b:f1:64:9f:56:eb:c5:03:a9:8a:e5:f8:15:d4:f1:
9a:07:3b:01:7a:dc:f0:cf:2b:17:27:61:a7:21:66:4c:f9:0f:
ff:c6:50:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOrJh9z4FcwOVKD9Zr4b62AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZmJjZmMxM2Q0ZDVmZjZkMzdjMjI2ZjExZTEyMTIwNGMz
NjdkMTcwHhcNMjQxMjA5MTEyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDcwNGY4YzY0OTdlYjdhNjQxYzE2YTI2ZDE5NDc3YTIwYzFmOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtudZcDgxSqMYVw9CnN5fCzDnG4D
4kabKLEGQ3gy8Mq19dKh/CNd33wFZfErO/yu6GyOla5jUaznPc/Z0CWviwI9YWMe
aZicwlqaZYulKYf1hnYQpXH78NSMeXe5DiMMfImVnHi6EB13FBaSf9a2nGQgU8E3
w41Ulr2DuMu6J+JBHi7FeRmtGYvV19I4yoKctna1FyGRor46XbCEkcW3RxBWAIWf
zl2C7//Wn66RFQ+NkS2aOAk8i5RsxiwHxP8U7cbMk7cp2K0EwmbI25YWshqm3LzQ
M7QRPK4yw26BTQ3Uh2X0HZhOQ4Lk262awXLloowdF1HY2Elt5GCLoo5qDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD1wT4xkl+t6ZBwWom0ZR3ogwfmdMB8GA1UdIwQY
MBaAFEb7z8E9TV/203wibxHhISBMNn0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnZ2UHdUMU5YX2JUZkNKdkVlRWhJRXcyZlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTkzNWItMjM0MC00ODA2LWIzM2It
ZmFjYTBlYjMzNTdkLzEvUFhCUGpHU1g2M3BrSEJhaWJSbEhlaURCLVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTkzNWItMjM0MC00ODA2LWIzM2ItZmFjYTBlYjMzNTdk
LzEvUnZ2UHdUMU5YX2JUZkNKdkVlRWhJRXcyZlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaGuMA0E
AgACMAcDBQAqB8OHMA0GCSqGSIb3DQEBCwUAA4IBAQA6hIa17oEAVbTz174/5toz
+/82u+LGSCnNCt48Asq0JOy5H4ecPlVZpA6xX0XdZYneycy0MKmPsQKfJsP8Cgvz
IL04L7j29yVP2Rf2xbNM+brfmbhUhULWVvaaSTf7t3KpARo2e72DgDSJIg6uOrGT
wdjnZ98TgHcIV+YyBO79VnnqFwwy60tgA8dHBjfIo/dQA0sNKDBxGMRsKbzsXQxk
7XvYrPQAqUsCdn8tvIeJXAtYtKjGf+v4Z/Sm15L8rH0XeN/XfbQNHSq+YPuwJq3q
XuSokgq7pnauLKlr8WSfVuvFA6mK5fgV1PGaBzsBetzwzysXJ2GnIWZM+Q//xlBD
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:40:37 2025 by rpki-client