Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/PjX_h-X7_z_mlqWZ3mTTZrgVNWg.roa
File: PjX_h-X7_z_mlqWZ3mTTZrgVNWg.roa (raw, json)
Hash identifier: ZyHUTnyOtGRXJid6oLQRnkkWI5nX11C/Jtm260CWhvQ=
Subject key identifier: 3E:35:FF:87:E5:FB:FF:3F:E6:96:A5:99:DE:64:D3:66:B8:15:35:68
Certificate issuer: /CN=3cd5619db8d7717379956d4ea75b76db26d1c1c9
Certificate serial: 018CC56E14B4B0084169AAD5131FF161D3B9
Authority key identifier: 3C:D5:61:9D:B8:D7:71:73:79:95:6D:4E:A7:5B:76:DB:26:D1:C1:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNVhnbjXcXN5lW1Op1t22ybRwck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/PjX_h-X7_z_mlqWZ3mTTZrgVNWg.roa
Signing time: Mon 01 Jan 2024 14:29:34 +0000
ROA not before: Mon 01 Jan 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208479
IP address blocks: 45.92.196.0/22 maxlen: 24
2a0e:72c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:14:b4:b0:08:41:69:aa:d5:13:1f:f1:61:d3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd5619db8d7717379956d4ea75b76db26d1c1c9
Validity
Not Before: Jan 1 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e35ff87e5fbff3fe696a599de64d366b8153568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f7:b9:eb:ff:53:6f:f7:d7:51:25:f0:f6:5a:
38:01:6f:a7:6f:95:c3:68:99:2d:15:7f:4d:b0:41:
68:ac:8f:a3:de:c6:2a:0c:e6:c8:7a:ab:ee:0f:0b:
84:8f:cf:d0:4e:50:f6:59:e2:84:b1:6c:dd:da:0f:
32:17:b6:d4:39:db:75:5e:46:2f:db:f3:5c:a5:24:
a4:f4:fd:29:d0:f2:9c:70:48:5c:c6:16:7f:1b:4c:
87:00:a2:92:95:a4:ea:8f:84:67:92:47:4c:2e:ed:
f9:7f:b9:e5:aa:13:fc:8f:b9:3a:7b:82:91:f7:ed:
cd:b4:05:be:e7:fc:bc:77:44:3f:12:7c:7d:19:9a:
2f:c6:e4:f3:fc:3c:69:15:c3:d5:1f:a9:02:03:6d:
dd:05:d4:ba:80:02:ac:25:48:59:13:24:d7:c2:01:
ae:72:c3:70:93:7a:f2:13:b3:87:33:a9:a3:d4:f6:
df:05:89:1b:d0:e1:9b:1d:2d:5d:10:29:04:15:d5:
f6:62:30:08:25:6c:fb:c6:30:7d:52:ab:f6:56:08:
d7:fb:45:f1:c8:f7:12:3e:99:e7:e3:95:af:ae:00:
d9:46:13:ad:3f:c9:a4:84:19:72:df:c2:3a:25:7a:
5b:0a:e2:6b:f1:bd:89:8d:42:ef:66:4b:a8:7d:2a:
91:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:35:FF:87:E5:FB:FF:3F:E6:96:A5:99:DE:64:D3:66:B8:15:35:68
X509v3 Authority Key Identifier:
keyid:3C:D5:61:9D:B8:D7:71:73:79:95:6D:4E:A7:5B:76:DB:26:D1:C1:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNVhnbjXcXN5lW1Op1t22ybRwck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/PjX_h-X7_z_mlqWZ3mTTZrgVNWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/1f3949-40cc-400a-b411-e4ea208a9a2d/1/PNVhnbjXcXN5lW1Op1t22ybRwck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.196.0/22
IPv6:
2a0e:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:44:f1:40:a0:59:d2:3e:19:78:22:07:cd:15:b9:78:93:88:
5b:d5:a7:ec:aa:02:b1:e0:b2:3d:e0:9c:01:be:c3:ba:36:e2:
de:13:da:0e:5b:eb:19:f0:2c:18:a8:66:b3:15:3c:19:65:a9:
f1:d0:10:ec:4a:11:9e:6a:15:53:68:bc:52:61:3d:27:41:62:
e2:6e:49:9c:92:9b:b1:77:68:af:16:62:a4:35:8f:c9:60:5d:
40:ed:d5:a8:65:d0:39:fd:a1:02:be:19:c9:76:e7:c7:ad:b0:
be:48:43:32:62:56:b0:b0:ec:f7:9c:9a:97:a3:ad:31:91:f1:
44:fd:4e:e8:e7:7f:44:9d:88:48:bc:b1:ab:8f:37:0b:78:0c:
29:ad:d8:96:3b:20:3b:4e:92:0e:88:5c:60:33:ca:b6:84:87:
1f:f7:59:99:96:57:72:07:d1:ba:72:d2:17:d1:03:fa:56:cf:
f7:0c:ae:43:90:84:9f:4c:ed:56:03:9d:73:f5:e9:57:ea:c9:
8a:45:ac:e7:49:0f:d4:e0:62:05:f7:6b:f6:51:f7:18:5c:b1:
c4:dc:58:09:5c:87:de:e7:61:56:be:00:96:fe:21:0f:a1:75:
3d:7a:1e:9d:bb:72:b4:3b:41:ae:86:fa:ad:94:6e:8a:8a:9b:
83:5f:b8:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbhS0sAhBaarVEx/xYdO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDU2MTlkYjhkNzcxNzM3OTk1NmQ0ZWE3NWI3NmRiMjZk
MWMxYzkwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM1ZmY4N2U1ZmJmZjNmZTY5NmE1OTlkZTY0ZDM2NmI4MTUzNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgve56/9Tb/fXUSXw9lo4AW+nb5XD
aJktFX9NsEForI+j3sYqDObIeqvuDwuEj8/QTlD2WeKEsWzd2g8yF7bUOdt1XkYv
2/NcpSSk9P0p0PKccEhcxhZ/G0yHAKKSlaTqj4RnkkdMLu35f7nlqhP8j7k6e4KR
9+3NtAW+5/y8d0Q/Enx9GZovxuTz/DxpFcPVH6kCA23dBdS6gAKsJUhZEyTXwgGu
csNwk3ryE7OHM6mj1PbfBYkb0OGbHS1dECkEFdX2YjAIJWz7xjB9Uqv2VgjX+0Xx
yPcSPpnn45WvrgDZRhOtP8mkhBly38I6JXpbCuJr8b2JjULvZkuofSqRNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD41/4fl+/8/5palmd5k02a4FTVoMB8GA1UdIwQY
MBaAFDzVYZ2413FzeZVtTqdbdtsm0cHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5WaG5ialhjWE41bFcxT3AxdDIyeWJSd2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8xZjM5NDktNDBjYy00MDBhLWI0MTEt
ZTRlYTIwOGE5YTJkLzEvUGpYX2gtWDdfel9tbHFXWjNtVFRacmdWTldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8xZjM5NDktNDBjYy00MDBhLWI0MTEtZTRlYTIwOGE5YTJk
LzEvUE5WaG5ialhjWE41bFcxT3AxdDIyeWJSd2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVzEMA0E
AgACMAcDBQMqDnLAMA0GCSqGSIb3DQEBCwUAA4IBAQBaRPFAoFnSPhl4IgfNFbl4
k4hb1afsqgKx4LI94JwBvsO6NuLeE9oOW+sZ8CwYqGazFTwZZanx0BDsShGeahVT
aLxSYT0nQWLibkmckpuxd2ivFmKkNY/JYF1A7dWoZdA5/aECvhnJdufHrbC+SEMy
YlawsOz3nJqXo60xkfFE/U7o539EnYhIvLGrjzcLeAwprdiWOyA7TpIOiFxgM8q2
hIcf91mZlldyB9G6ctIX0QP6Vs/3DK5DkISfTO1WA51z9elX6smKRaznSQ/U4GIF
92v2UfcYXLHE3FgJXIfe52FWvgCW/iEPoXU9eh6du3K0O0GuhvqtlG6KipuDX7hi
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:32 2025 by rpki-client