Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/ph4tWqoG-OgguSgXJ6z7F58XWYQ.roa
File: ph4tWqoG-OgguSgXJ6z7F58XWYQ.roa (raw, json)
Hash identifier: HshvwfrGybgqBlI2RrbclyB8wA2QXYZVfPH0hWOueZI=
Subject key identifier: A6:1E:2D:5A:AA:06:F8:E8:20:B9:28:17:27:AC:FB:17:9F:17:59:84
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018CC79489818434BCA2B5DAD410BC93FC84
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/ph4tWqoG-OgguSgXJ6z7F58XWYQ.roa
Signing time: Tue 02 Jan 2024 00:30:49 +0000
ROA not before: Tue 02 Jan 2024 00:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8452
IP address blocks: 45.85.188.0/24 maxlen: 24
2a0e:4200::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:89:81:84:34:bc:a2:b5:da:d4:10:bc:93:fc:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 2 00:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a61e2d5aaa06f8e820b9281727acfb179f175984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a2:d2:c5:a9:29:7d:09:08:87:3a:d5:38:8d:
d2:85:ba:92:6e:3d:af:14:bb:00:0d:87:03:90:d4:
33:3f:55:ae:87:3d:18:90:5c:54:65:27:07:3a:82:
9e:c7:e5:bd:79:04:16:a4:61:8d:ee:b8:41:6d:e2:
74:4d:78:f0:35:3b:db:65:16:e0:f9:09:b5:22:07:
53:35:fc:e4:9a:bc:c0:b3:ab:f6:3c:d2:78:77:ae:
9d:7a:c6:e6:63:03:19:92:67:69:a9:d5:6c:61:fb:
26:85:c7:11:ec:54:f9:be:30:94:a7:41:f9:42:16:
1a:f1:38:71:42:fc:69:cc:c7:93:ef:6e:a4:58:9b:
e8:24:fc:ef:99:00:14:75:36:de:39:2a:02:3e:a8:
e2:7f:4c:c5:90:ea:b5:dd:07:9c:a0:1d:68:5f:bf:
24:ce:84:de:1d:6b:a4:5b:79:56:8b:e2:b5:d6:c6:
6b:c1:6f:af:13:96:8b:9c:0d:6a:fb:cf:1f:5e:bb:
34:78:b2:3f:23:91:8c:28:5a:44:08:fd:08:5a:dc:
1f:1e:76:08:db:2d:de:fd:78:c0:f9:80:4a:3c:9b:
c1:e6:f9:09:cb:4c:5e:8a:84:4b:b2:8f:ba:6b:c6:
9a:75:37:71:ca:78:da:5a:f2:ec:9f:3c:35:3d:1c:
9c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1E:2D:5A:AA:06:F8:E8:20:B9:28:17:27:AC:FB:17:9F:17:59:84
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/ph4tWqoG-OgguSgXJ6z7F58XWYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.188.0/24
IPv6:
2a0e:4200::/32
Signature Algorithm: sha256WithRSAEncryption
26:93:7f:19:fe:23:da:fd:78:4a:b3:7f:ed:15:45:f7:77:d6:
e3:75:fb:b4:c9:fc:f6:12:c8:2d:89:27:f7:27:ad:f6:34:12:
6f:33:13:e9:fb:7c:7f:65:74:f2:4d:62:78:82:11:05:0c:f1:
06:83:ef:f9:0f:12:e7:c9:97:4e:3e:73:aa:bc:06:74:ad:65:
2a:ed:4a:94:32:64:13:85:42:e7:dc:9c:9d:14:9b:9a:57:7b:
b0:d7:b1:93:13:16:54:ac:9c:f1:9d:b3:12:99:24:27:46:96:
f7:1d:ab:3c:3c:fe:15:22:f9:78:6c:12:f1:08:fb:61:fa:7d:
ea:e5:5d:38:24:70:a7:26:a1:60:fd:22:ff:02:9e:7d:0e:fd:
e3:86:db:0c:08:9c:5a:2c:4c:ac:eb:0d:11:fe:29:30:47:ad:
a2:26:06:80:54:5f:81:4a:a5:e0:d6:b2:36:f9:92:97:a9:88:
a1:49:cd:76:9d:25:37:ad:88:d9:b3:07:e6:fc:9b:4d:fe:b9:
1b:f5:c5:4d:73:ac:87:87:c4:d4:15:b9:14:53:7f:8b:89:c7:
76:a0:56:3e:02:f4:9a:82:f9:ad:3a:85:9b:ba:12:da:f4:79:
50:b4:f6:31:7e:ed:f0:b3:c2:97:58:17:51:80:4d:a4:3a:60:
60:0f:b7:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlImBhDS8orXa1BC8k/yEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwMTAyMDAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjFlMmQ1YWFhMDZmOGU4MjBiOTI4MTcyN2FjZmIxNzlmMTc1OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqLSxakpfQkIhzrVOI3ShbqSbj2v
FLsADYcDkNQzP1Wuhz0YkFxUZScHOoKex+W9eQQWpGGN7rhBbeJ0TXjwNTvbZRbg
+Qm1IgdTNfzkmrzAs6v2PNJ4d66desbmYwMZkmdpqdVsYfsmhccR7FT5vjCUp0H5
QhYa8ThxQvxpzMeT726kWJvoJPzvmQAUdTbeOSoCPqjif0zFkOq13QecoB1oX78k
zoTeHWukW3lWi+K11sZrwW+vE5aLnA1q+88fXrs0eLI/I5GMKFpECP0IWtwfHnYI
2y3e/XjA+YBKPJvB5vkJy0xeioRLso+6a8aadTdxynjaWvLsnzw1PRycawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKYeLVqqBvjoILkoFyes+xefF1mEMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvcGg0dFdxb0ctT2dndVNnWEo2ejdGNThYV1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVW8MA0E
AgACMAcDBQAqDkIAMA0GCSqGSIb3DQEBCwUAA4IBAQAmk38Z/iPa/XhKs3/tFUX3
d9bjdfu0yfz2EsgtiSf3J632NBJvMxPp+3x/ZXTyTWJ4ghEFDPEGg+/5DxLnyZdO
PnOqvAZ0rWUq7UqUMmQThULn3JydFJuaV3uw17GTExZUrJzxnbMSmSQnRpb3Has8
PP4VIvl4bBLxCPth+n3q5V04JHCnJqFg/SL/Ap59Dv3jhtsMCJxaLEys6w0R/ikw
R62iJgaAVF+BSqXg1rI2+ZKXqYihSc12nSU3rYjZswfm/JtN/rkb9cVNc6yHh8TU
FbkUU3+Licd2oFY+AvSagvmtOoWbuhLa9HlQtPYxfu3ws8KXWBdRgE2kOmBgD7fu
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:56 2025 by rpki-client