Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/PhBtzJnJbvSj95paPUvJGkJqEgE.roa
File: PhBtzJnJbvSj95paPUvJGkJqEgE.roa (raw, json)
Hash identifier: SRTcm3Rki36q0PIwh2iuYhs7G606iOAFwqP7OsummAk=
Subject key identifier: 3E:10:6D:CC:99:C9:6E:F4:A3:F7:9A:5A:3D:4B:C9:1A:42:6A:12:01
Certificate issuer: /CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
Certificate serial: 01856BE58ACA268BE7D11E5F1660B7DBCD15
Authority key identifier: 10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/PhBtzJnJbvSj95paPUvJGkJqEgE.roa
Signing time: Sun 01 Jan 2023 05:54:43 +0000
ROA not before: Sun 01 Jan 2023 05:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60776
IP address blocks: 45.155.84.0/22 maxlen: 22
2a0f:f100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:8a:ca:26:8b:e7:d1:1e:5f:16:60:b7:db:cd:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
Validity
Not Before: Jan 1 05:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e106dcc99c96ef4a3f79a5a3d4bc91a426a1201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c0:43:86:a5:a2:3c:9f:95:8a:3d:36:a2:80:
4d:36:2a:8d:05:08:79:2e:5f:75:b7:95:bf:5a:93:
c4:e8:e9:18:77:f2:f4:3c:d0:e1:bc:3f:7f:6b:a0:
ce:1d:df:b0:c8:82:38:78:08:f3:61:e8:b4:c1:83:
0d:74:ac:b8:30:93:ea:e2:22:22:40:68:21:67:ab:
e1:55:18:31:7c:85:4d:53:8f:7b:f1:4a:19:d6:c3:
f9:f1:bb:17:57:37:30:d0:52:54:1f:fa:6a:4a:01:
53:43:cc:de:15:79:58:70:73:0b:b1:ed:3b:50:4b:
60:4e:8b:a6:2e:b1:cd:23:19:93:4a:fe:9d:c3:21:
02:78:ce:52:cb:7c:e6:a4:f5:50:9a:b3:49:da:3b:
2c:d9:e0:71:d0:21:c4:ec:b5:a8:64:7e:fa:78:be:
53:2e:c1:01:bd:62:26:4d:e6:79:2f:cb:bb:5c:54:
b9:45:c9:1b:52:3a:05:d3:e2:4a:c7:50:c7:1a:18:
7a:f0:e3:38:08:d7:99:63:1a:c0:fa:3a:0b:ee:9d:
e8:ca:a3:e8:c9:9a:a1:4e:59:8d:48:93:26:03:97:
38:91:0b:23:ca:5b:25:f3:77:1b:06:34:88:0a:d4:
a9:1b:f9:47:9e:a0:74:74:d7:b0:26:4e:91:b5:4e:
fc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:10:6D:CC:99:C9:6E:F4:A3:F7:9A:5A:3D:4B:C9:1A:42:6A:12:01
X509v3 Authority Key Identifier:
keyid:10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/PhBtzJnJbvSj95paPUvJGkJqEgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/EAcdqxaOjlPjzX31244PBCQukIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.84.0/22
IPv6:
2a0f:f100::/29
Signature Algorithm: sha256WithRSAEncryption
18:39:a1:82:a8:c6:aa:56:bf:b4:eb:4a:c5:bd:c2:a3:08:a8:
b2:6e:50:fc:23:55:61:33:da:19:b7:0d:fb:a7:aa:39:8f:b6:
b7:f6:15:a1:94:07:cb:51:de:77:b9:c2:1f:76:f7:d9:1f:e5:
e6:c2:7b:e3:63:a3:0c:72:1d:33:41:92:e1:df:fc:30:65:56:
92:91:f5:c5:ac:2d:d9:30:a2:8e:c1:66:16:43:1c:a6:82:73:
1d:04:9e:8c:0e:06:ec:2f:55:6a:51:7e:80:e5:a4:d6:5f:3a:
69:a4:51:d0:98:f0:a0:fb:9b:0f:e4:85:86:5c:f5:a7:42:95:
5f:43:0a:e6:f7:b1:39:49:f8:44:df:d9:4d:0a:62:ac:6e:38:
3a:df:2d:37:be:83:13:01:7e:23:f1:cd:4e:99:0f:61:62:10:
48:5a:e6:a0:4b:c4:ad:2b:d5:7e:cf:67:39:42:13:3b:4f:5c:
95:b3:95:04:81:50:31:86:11:6c:db:78:04:23:21:c0:21:f4:
55:34:d4:f1:63:3e:62:2f:7d:bd:ec:c2:be:b5:f5:01:2c:9d:
78:2d:e2:ed:6a:d1:0c:34:eb:75:c2:e9:82:11:4b:40:d7:64:
c0:99:5c:32:c4:ab:6c:36:1b:55:b3:25:35:7d:8c:97:c8:1f:
e1:cb:88:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr5YrKJovn0R5fFmC3280VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDcxZGFiMTY4ZThlNTNlM2NkN2RmNWRiOGUwZjA0MjQy
ZTkwODYwHhcNMjMwMTAxMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTEwNmRjYzk5Yzk2ZWY0YTNmNzlhNWEzZDRiYzkxYTQyNmExMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8BDhqWiPJ+Vij02ooBNNiqNBQh5
Ll91t5W/WpPE6OkYd/L0PNDhvD9/a6DOHd+wyII4eAjzYei0wYMNdKy4MJPq4iIi
QGghZ6vhVRgxfIVNU4978UoZ1sP58bsXVzcw0FJUH/pqSgFTQ8zeFXlYcHMLse07
UEtgToumLrHNIxmTSv6dwyECeM5Sy3zmpPVQmrNJ2jss2eBx0CHE7LWoZH76eL5T
LsEBvWImTeZ5L8u7XFS5RckbUjoF0+JKx1DHGhh68OM4CNeZYxrA+joL7p3oyqPo
yZqhTlmNSJMmA5c4kQsjylsl83cbBjSICtSpG/lHnqB0dNewJk6RtU78+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD4QbcyZyW70o/eaWj1LyRpCahIBMB8GA1UdIwQY
MBaAFBAHHasWjo5T48199duODwQkLpCGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5Nzkt
MmZlNDEyZTNlYWI0LzEvUGhCdHpKbkpidlNqOTVwYVBVdkpHa0pxRWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5NzktMmZlNDEyZTNlYWI0
LzEvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZtUMA0E
AgACMAcDBQMqD/EAMA0GCSqGSIb3DQEBCwUAA4IBAQAYOaGCqMaqVr+060rFvcKj
CKiyblD8I1VhM9oZtw37p6o5j7a39hWhlAfLUd53ucIfdvfZH+XmwnvjY6MMch0z
QZLh3/wwZVaSkfXFrC3ZMKKOwWYWQxymgnMdBJ6MDgbsL1VqUX6A5aTWXzpppFHQ
mPCg+5sP5IWGXPWnQpVfQwrm97E5SfhE39lNCmKsbjg63y03voMTAX4j8c1OmQ9h
YhBIWuagS8StK9V+z2c5QhM7T1yVs5UEgVAxhhFs23gEIyHAIfRVNNTxYz5iL329
7MK+tfUBLJ14LeLtatEMNOt1wumCEUtA12TAmVwyxKtsNhtVsyU1fYyXyB/hy4jz
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:45 2024 by rpki-client on console-fra.rpki-client.org