Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/phum2vKJ-BGt8MGXVbtpwPZn9zo.roa
File: phum2vKJ-BGt8MGXVbtpwPZn9zo.roa (raw, json)
Hash identifier: znwmUvm+s2Qt0iwth0vVXIUKfcAl7bKudtu8utOrL1A=
Subject key identifier: A6:1B:A6:DA:F2:89:F8:11:AD:F0:C1:97:55:BB:69:C0:F6:67:F7:3A
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 018CF356CBA81E2B944584F75361334A2282
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/phum2vKJ-BGt8MGXVbtpwPZn9zo.roa
Signing time: Wed 10 Jan 2024 12:26:40 +0000
ROA not before: Wed 10 Jan 2024 12:26:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204457
IP address blocks: 45.156.31.0/24 maxlen: 24
45.156.29.0/24 maxlen: 24
45.156.30.0/24 maxlen: 24
45.94.7.0/24 maxlen: 24
45.94.5.0/24 maxlen: 24
194.29.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:56:cb:a8:1e:2b:94:45:84:f7:53:61:33:4a:22:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Jan 10 12:26:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a61ba6daf289f811adf0c19755bb69c0f667f73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e6:da:19:bd:80:7b:c8:c6:b9:29:f9:d1:e1:
1f:f2:49:80:31:29:76:30:d2:c8:2e:c4:cb:12:05:
c6:92:14:f5:da:ad:34:7a:3e:0b:0b:cd:9a:c7:be:
84:90:2f:2e:55:7e:dc:cd:64:8e:42:f0:df:9e:a0:
3b:98:20:ca:30:9d:3f:1b:59:7d:39:7c:ee:ad:05:
0d:f8:7d:fe:0e:67:7f:3e:01:e4:f2:c0:2e:4c:d1:
34:9f:6c:67:1f:8e:f8:a3:de:99:30:08:19:a7:da:
de:63:04:b4:65:a5:08:20:61:ef:8e:f7:01:4a:a3:
d9:47:97:90:82:2e:dc:ed:75:a2:9d:f1:cd:d7:df:
73:ed:11:72:4e:f4:52:52:55:b1:4c:fd:77:ad:c6:
d1:3d:e4:92:93:f4:64:d0:b2:de:d8:05:d0:c6:a3:
fb:38:ac:66:86:24:ba:5e:5d:67:ec:dd:53:40:43:
bd:ec:27:84:15:7d:08:cf:ea:7c:96:f1:e2:23:b4:
63:79:84:fe:cb:0e:86:00:fc:86:3d:e0:ed:b5:42:
59:56:5f:5a:d8:47:ba:16:f4:b8:41:4f:93:55:ad:
62:81:c3:47:ea:25:95:0d:ae:c0:5a:83:8a:1d:0d:
17:c6:1b:8b:9c:50:6e:46:92:7d:e4:76:59:b8:31:
1c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1B:A6:DA:F2:89:F8:11:AD:F0:C1:97:55:BB:69:C0:F6:67:F7:3A
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/phum2vKJ-BGt8MGXVbtpwPZn9zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.5.0/24
45.94.7.0/24
45.156.29.0-45.156.31.255
194.29.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:86:28:77:e1:52:fc:39:d4:5d:5e:39:12:ce:b9:bc:71:10:
15:96:f2:5c:a7:53:07:44:97:99:2b:9a:2f:91:0d:89:85:72:
7a:c5:e8:49:11:96:64:ef:65:bd:c6:0f:94:1b:e0:f8:ae:a3:
6d:dc:5b:f5:8d:50:5e:82:1f:da:93:1a:27:16:c7:fb:7d:ee:
85:ad:0f:e4:7e:b5:40:73:0b:eb:b5:ce:24:90:0b:7e:6d:4c:
08:e2:ac:48:2c:0a:67:61:5c:5d:31:f0:7a:26:6f:94:81:61:
ad:5d:88:0f:2e:40:67:41:dd:4b:10:f4:49:0c:ad:a1:25:0d:
6e:95:26:e4:38:f9:05:24:ea:b3:97:c0:00:04:f7:79:75:e7:
1e:5e:50:f2:10:9b:cc:a6:c2:70:d3:3f:e9:ef:63:d2:9f:52:
06:5b:4f:e4:0a:25:e0:78:b5:f7:89:f4:bb:fa:99:8a:c1:41:
bc:08:56:4e:28:03:4e:c0:a2:89:04:ad:64:3b:9a:b7:07:dc:
d4:30:7a:ef:c1:c7:cd:6e:94:f2:13:34:b3:a0:32:2e:90:64:
29:b8:55:c5:37:76:12:ba:62:48:19:aa:64:87:05:fa:0a:f0:
4d:6f:91:98:7a:50:c6:12:5c:d2:fc:a5:74:3b:7d:d9:9f:5a:
04:61:81:41
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzzVsuoHiuURYT3U2EzSiKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzBiZGFmYWRlYTc4ZGNlMzEyZjg2MmRkZjQyYjFiZDRj
NGY2NDUwHhcNMjQwMTEwMTIyNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjFiYTZkYWYyODlmODExYWRmMGMxOTc1NWJiNjljMGY2NjdmNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhebaGb2Ae8jGuSn50eEf8kmAMSl2
MNLILsTLEgXGkhT12q00ej4LC82ax76EkC8uVX7czWSOQvDfnqA7mCDKMJ0/G1l9
OXzurQUN+H3+Dmd/PgHk8sAuTNE0n2xnH474o96ZMAgZp9reYwS0ZaUIIGHvjvcB
SqPZR5eQgi7c7XWinfHN199z7RFyTvRSUlWxTP13rcbRPeSSk/Rk0LLe2AXQxqP7
OKxmhiS6Xl1n7N1TQEO97CeEFX0Iz+p8lvHiI7RjeYT+yw6GAPyGPeDttUJZVl9a
2Ee6FvS4QU+TVa1igcNH6iWVDa7AWoOKHQ0XxhuLnFBuRpJ95HZZuDEcBwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKYbptryifgRrfDBl1W7acD2Z/c6MB8GA1UdIwQY
MBaAFLLAva+t6njc4xL4Yt30KxvUxPZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMt
ZmNjMzM2ZWVkOGQ3LzEvcGh1bTJ2S0otQkd0OE1HWFZidHB3UFpuOXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMtZmNjMzM2ZWVkOGQ3
LzEvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALV4FAwQA
LV4HMAwDBAAtnB0DBAUtnAADBADCHTcwDQYJKoZIhvcNAQELBQADggEBADqGKHfh
Uvw51F1eORLOubxxEBWW8lynUwdEl5krmi+RDYmFcnrF6EkRlmTvZb3GD5Qb4Piu
o23cW/WNUF6CH9qTGicWx/t97oWtD+R+tUBzC+u1ziSQC35tTAjirEgsCmdhXF0x
8Homb5SBYa1diA8uQGdB3UsQ9EkMraElDW6VJuQ4+QUk6rOXwAAE93l15x5eUPIQ
m8ymwnDTP+nvY9KfUgZbT+QKJeB4tfeJ9Lv6mYrBQbwIVk4oA07AookErWQ7mrcH
3NQweu/Bx81ulPITNLOgMi6QZCm4VcU3dhK6YkgZqmSHBfoK8E1vkZh6UMYSXNL8
pXQ7fdmfWgRhgUE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:22:12 2025 by rpki-client