Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/pHjnsh3TNDL4EersJyx5knsxL7M.roa
File: pHjnsh3TNDL4EersJyx5knsxL7M.roa (raw, json)
Hash identifier: 7E6EMPOajgLV7Sqh4AmnOmjqPlPBuWPj9AUrNOS5alI=
Subject key identifier: A4:78:E7:B2:1D:D3:34:32:F8:11:EA:EC:27:2C:79:92:7B:31:2F:B3
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 018CE4F3BDB79E1099FE04370BB596533D18
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/pHjnsh3TNDL4EersJyx5knsxL7M.roa
Signing time: Sun 07 Jan 2024 17:23:48 +0000
ROA not before: Sun 07 Jan 2024 17:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 45.143.28.0/24 maxlen: 24
45.143.29.0/24 maxlen: 24
45.143.30.0/24 maxlen: 24
45.143.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Dec 2024 09:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:f3:bd:b7:9e:10:99:fe:04:37:0b:b5:96:53:3d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Jan 7 17:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a478e7b21dd33432f811eaec272c79927b312fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:48:7e:dc:24:5e:e6:36:17:4b:f4:f1:fb:82:
29:d8:25:ca:c3:8f:97:ad:67:a9:a7:de:9c:dc:04:
f6:d6:9a:0e:52:36:27:1a:33:5a:54:b3:bf:b9:01:
1e:0a:04:fd:d0:60:ef:de:7c:28:00:ff:7b:59:3b:
42:e2:f3:d7:13:82:15:22:13:90:58:69:77:30:0e:
bf:91:6e:52:e7:ba:1a:f4:5a:48:09:4e:75:9b:31:
a7:55:ef:aa:1b:40:9c:fe:57:c7:c0:19:e3:7a:43:
f2:55:7c:01:6e:9f:d9:f4:59:a2:77:e4:1d:3e:4f:
db:65:8f:3f:ce:04:de:b2:1b:c4:9b:b5:c4:93:83:
da:e4:cd:28:67:9c:60:4e:36:5c:cf:68:24:8b:13:
e4:7c:c4:4f:bc:3d:72:01:44:62:fb:2b:c5:c5:4e:
26:c7:54:f8:d5:61:28:f5:49:3b:3c:71:a1:ad:4f:
83:a6:8a:18:0a:3a:64:22:17:c7:ed:07:c6:44:87:
b6:f5:4d:f6:f5:1d:b8:03:5c:5d:be:b1:4c:1f:89:
92:8e:03:e0:b4:9f:66:cb:01:96:e3:67:2b:b8:b9:
a1:19:ba:bf:71:f8:09:d6:81:e8:56:30:ff:7b:ed:
f2:2d:a2:b6:92:c8:74:b5:ca:fc:ac:02:70:78:b3:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:78:E7:B2:1D:D3:34:32:F8:11:EA:EC:27:2C:79:92:7B:31:2F:B3
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/pHjnsh3TNDL4EersJyx5knsxL7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.28.0/22
Signature Algorithm: sha256WithRSAEncryption
57:af:a2:5d:62:4b:77:53:49:bd:cf:43:ca:07:86:77:88:5f:
0f:6c:5e:4b:1f:5c:66:56:f3:5e:23:76:12:ad:56:3d:07:d4:
cd:f8:98:52:b6:83:95:2b:4d:de:ae:6c:a8:24:04:ae:3e:32:
d6:13:cb:95:25:66:25:27:11:5b:f8:68:78:9f:ca:db:ad:c7:
cc:fc:a7:d2:a4:3a:43:c8:e2:a2:46:e4:0d:8c:73:cc:b6:93:
d4:00:de:aa:d5:a9:fc:a6:96:07:4f:36:f4:97:55:b0:44:8f:
75:4c:92:8c:74:ba:83:ca:87:d1:1a:2e:db:de:19:c0:a1:d2:
bb:0f:b3:58:9a:a8:14:40:29:76:03:15:46:73:db:5f:17:c4:
f3:62:21:05:4f:c3:38:b6:bb:a7:16:e4:80:ed:c4:a8:39:44:
7d:5c:11:54:01:8c:dd:43:f1:7c:cb:90:20:4a:b4:4c:6b:da:
61:ee:7e:37:03:3d:45:ee:7b:f5:b5:f1:16:76:29:f4:55:12:
57:74:b7:e5:be:50:ba:d7:ed:6f:db:97:59:ee:d5:99:9a:56:
a0:28:90:ef:eb:52:4a:02:c4:77:48:66:41:60:ff:a4:88:61:
b7:eb:fa:6f:b9:82:a1:15:fa:27:d2:37:05:42:a2:9f:e7:0d:
5e:3e:99:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzk8723nhCZ/gQ3C7WWUz0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjQwMTA3MTcyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc4ZTdiMjFkZDMzNDMyZjgxMWVhZWMyNzJjNzk5MjdiMzEyZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUh+3CRe5jYXS/Tx+4Ip2CXKw4+X
rWepp96c3AT21poOUjYnGjNaVLO/uQEeCgT90GDv3nwoAP97WTtC4vPXE4IVIhOQ
WGl3MA6/kW5S57oa9FpICU51mzGnVe+qG0Cc/lfHwBnjekPyVXwBbp/Z9Fmid+Qd
Pk/bZY8/zgTeshvEm7XEk4Pa5M0oZ5xgTjZcz2gkixPkfMRPvD1yAURi+yvFxU4m
x1T41WEo9Uk7PHGhrU+DpooYCjpkIhfH7QfGRIe29U329R24A1xdvrFMH4mSjgPg
tJ9mywGW42cruLmhGbq/cfgJ1oHoVjD/e+3yLaK2ksh0tcr8rAJweLMlxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKR457Id0zQy+BHq7CcseZJ7MS+zMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvcEhqbnNoM1ROREw0RWVyc0p5eDVrbnN4TDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY8cMA0G
CSqGSIb3DQEBCwUAA4IBAQBXr6JdYkt3U0m9z0PKB4Z3iF8PbF5LH1xmVvNeI3YS
rVY9B9TN+JhStoOVK03ermyoJASuPjLWE8uVJWYlJxFb+Gh4n8rbrcfM/KfSpDpD
yOKiRuQNjHPMtpPUAN6q1an8ppYHTzb0l1WwRI91TJKMdLqDyofRGi7b3hnAodK7
D7NYmqgUQCl2AxVGc9tfF8TzYiEFT8M4trunFuSA7cSoOUR9XBFUAYzdQ/F8y5Ag
SrRMa9ph7n43Az1F7nv1tfEWdin0VRJXdLflvlC61+1v25dZ7tWZmlagKJDv61JK
AsR3SGZBYP+kiGG36/pvuYKhFfon0jcFQqKf5w1ePplU
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:21:20 2025 by rpki-client