Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/PHisXJQ8bqLyd014Ni39lDux4rE.roa
File: PHisXJQ8bqLyd014Ni39lDux4rE.roa (raw, json)
Hash identifier: mYpgapt+P5FkpGt0ZM31ATqptUapGW2uknkpcQSb9ds=
Subject key identifier: 3C:78:AC:5C:94:3C:6E:A2:F2:77:4D:78:36:2D:FD:94:3B:B1:E2:B1
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 018E2C66AD212A9E08294325A81E72613084
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/PHisXJQ8bqLyd014Ni39lDux4rE.roa
Signing time: Mon 11 Mar 2024 07:25:10 +0000
ROA not before: Mon 11 Mar 2024 07:25:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209835
IP address blocks: 45.149.182.0/23 maxlen: 24
151.248.20.0/22 maxlen: 24
185.185.92.0/24 maxlen: 24
185.185.93.0/24 maxlen: 24
185.185.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 06:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:66:ad:21:2a:9e:08:29:43:25:a8:1e:72:61:30:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Mar 11 07:25:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c78ac5c943c6ea2f2774d78362dfd943bb1e2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:77:84:3d:39:6c:03:9a:aa:e0:c6:b5:b8:
3c:21:d9:99:86:9b:5b:77:65:65:fe:81:51:2f:75:
f2:2a:34:83:90:f9:25:b6:33:51:9c:07:f2:32:4f:
d3:b1:ec:2d:57:37:be:e5:d7:37:6b:63:a0:e2:91:
1b:ae:0b:16:85:4c:92:de:14:6b:56:ba:95:e4:c0:
bc:01:6c:7b:07:df:4a:61:99:a9:6d:67:83:92:d2:
a2:e3:51:2d:b1:d7:48:cb:69:d5:62:3d:d0:57:d5:
13:99:42:8a:4e:9a:f6:4b:65:5f:92:9b:1d:fc:33:
5f:19:75:7a:c2:7d:02:c0:80:08:56:c8:84:d9:64:
f8:22:13:57:b3:54:c7:01:e3:67:fa:f2:fe:d1:01:
c0:4a:da:5e:64:00:c1:92:d8:53:a0:5e:7f:6b:fb:
0c:61:38:c9:6a:39:3f:ee:2b:37:38:6a:3e:f9:94:
ad:f0:31:11:66:02:40:8d:f9:dc:37:83:fc:f9:e0:
fe:d8:3d:a0:68:75:19:b1:fa:7a:55:5d:c5:f9:6c:
74:a4:a5:59:c3:27:5a:eb:c4:5e:e4:58:c5:e7:7d:
c6:63:8d:98:10:09:4a:07:9c:25:3a:6f:5f:a8:61:
ab:83:0a:01:9d:a7:4a:ce:c6:53:a9:ae:e4:f6:c0:
06:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:78:AC:5C:94:3C:6E:A2:F2:77:4D:78:36:2D:FD:94:3B:B1:E2:B1
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/PHisXJQ8bqLyd014Ni39lDux4rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.182.0/23
151.248.20.0/22
185.185.92.0/23
185.185.95.0/24
Signature Algorithm: sha256WithRSAEncryption
40:19:1a:c5:bd:4d:c3:ae:bc:db:00:0e:5f:6f:05:95:37:4f:
3d:31:10:85:81:da:53:6f:15:02:74:ca:03:d4:61:15:3a:35:
7c:fd:98:51:42:9e:2a:f2:bb:33:ac:dd:8a:09:e5:a6:18:1c:
32:66:a0:bf:b0:d9:25:6a:f3:9a:19:62:38:fe:bf:a2:d2:0e:
58:7e:84:de:cc:99:f9:21:bd:73:30:02:42:ff:98:9c:d9:75:
0f:ed:97:3b:9a:94:db:5b:8c:93:79:fc:2a:ae:dd:13:30:4d:
3f:e4:57:ad:7f:60:75:10:39:02:92:86:2e:0e:03:d5:f2:56:
f8:02:1c:dd:bf:4c:97:d5:40:4a:fb:d2:f3:7d:89:19:d3:88:
6d:77:4d:62:34:2e:16:98:63:4e:1f:45:c5:c6:3d:ca:c4:e1:
75:a0:7f:04:7e:cc:67:0b:5e:61:50:a1:cc:4e:ce:e1:8f:40:
9e:aa:5f:77:45:d9:a4:ac:a6:47:b1:4f:77:55:e5:1b:c3:34:
21:b0:70:06:da:fe:cf:27:8e:2a:36:ec:74:aa:12:33:52:67:
89:a0:33:7c:bc:89:22:bd:b2:2f:88:bd:5f:33:b2:8c:af:72:
15:e4:25:c0:8b:ab:0f:33:9d:05:18:31:29:5b:48:a9:88:5b:
32:4a:c5:36
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4sZq0hKp4IKUMlqB5yYTCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjQwMzExMDcyNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc4YWM1Yzk0M2M2ZWEyZjI3NzRkNzgzNjJkZmQ5NDNiYjFlMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3t3hD05bAOaquDGtbg8IdmZhptb
d2Vl/oFRL3XyKjSDkPkltjNRnAfyMk/TsewtVze+5dc3a2Og4pEbrgsWhUyS3hRr
VrqV5MC8AWx7B99KYZmpbWeDktKi41EtsddIy2nVYj3QV9UTmUKKTpr2S2Vfkpsd
/DNfGXV6wn0CwIAIVsiE2WT4IhNXs1THAeNn+vL+0QHAStpeZADBkthToF5/a/sM
YTjJajk/7is3OGo++ZSt8DERZgJAjfncN4P8+eD+2D2gaHUZsfp6VV3F+Wx0pKVZ
wyda68Re5FjF533GY42YEAlKB5wlOm9fqGGrgwoBnadKzsZTqa7k9sAGFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDx4rFyUPG6i8ndNeDYt/ZQ7seKxMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEvUEhpc1hKUThicUx5ZDAxNE5pMzlsRHV4NHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLZW2AwQC
l/gUAwQBublcAwQAublfMA0GCSqGSIb3DQEBCwUAA4IBAQBAGRrFvU3DrrzbAA5f
bwWVN089MRCFgdpTbxUCdMoD1GEVOjV8/ZhRQp4q8rszrN2KCeWmGBwyZqC/sNkl
avOaGWI4/r+i0g5YfoTezJn5Ib1zMAJC/5ic2XUP7Zc7mpTbW4yTefwqrt0TME0/
5Fetf2B1EDkCkoYuDgPV8lb4Ahzdv0yX1UBK+9LzfYkZ04htd01iNC4WmGNOH0XF
xj3KxOF1oH8EfsxnC15hUKHMTs7hj0Ceql93RdmkrKZHsU93VeUbwzQhsHAG2v7P
J44qNux0qhIzUmeJoDN8vIkivbIviL1fM7KMr3IV5CXAi6sPM50FGDEpW0ipiFsy
SsU2
-----END CERTIFICATE-----
Generated at Thu May 2 09:25:11 2024 by rpki-client on console-ams.rpki-client.org