Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/fphXZ4IYZTC4sEIvWJTPb2slX9c.roa
File: fphXZ4IYZTC4sEIvWJTPb2slX9c.roa (raw, json)
Hash identifier: HzuyxQ6nxxLvxdKkwq86iUV47uYXbQ8whH/TgFwCAmU=
Subject key identifier: 7E:98:57:67:82:18:65:30:B8:B0:42:2F:58:94:CF:6F:6B:25:5F:D7
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018ED867D41172653C90E72D99196287FBF1
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/fphXZ4IYZTC4sEIvWJTPb2slX9c.roa
Signing time: Sat 13 Apr 2024 17:01:06 +0000
ROA not before: Sat 13 Apr 2024 17:01:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.158.0/24 maxlen: 24
85.117.240.0/24 maxlen: 24
193.38.249.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 48
2a09:ff00:8800::/37 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 May 2024 19:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d8:67:d4:11:72:65:3c:90:e7:2d:99:19:62:87:fb:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Apr 13 17:01:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e98576782186530b8b0422f5894cf6f6b255fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:79:b0:3c:24:a2:4d:5f:8e:70:bd:92:32:de:
7e:c2:f5:c7:88:df:7a:53:c9:81:1a:5a:05:34:e6:
db:5f:05:9a:09:f3:4e:05:d0:36:74:37:6d:86:49:
7d:ac:f5:29:2f:be:80:8b:bb:3b:e3:cb:c2:80:e0:
16:34:fc:18:51:19:d4:4f:58:a5:b5:23:35:d6:11:
1e:0f:25:6a:35:6f:a1:92:67:9d:83:83:39:f6:52:
dd:da:ff:ee:a9:63:d8:b1:02:d0:77:81:32:40:33:
a5:6c:19:58:d7:17:93:e2:ad:57:8c:0c:93:9c:80:
61:5a:c7:40:03:09:a8:02:ae:1a:13:18:80:93:65:
6f:b2:a4:b7:b9:b5:e4:6e:87:bf:50:f0:14:54:3d:
b2:02:2f:ae:ea:0f:74:2f:f8:09:eb:cd:41:d3:ff:
63:30:b1:14:52:87:4d:c4:a2:8b:3c:ae:2a:b6:46:
05:52:74:67:d1:5b:5e:ce:60:77:f2:c2:a0:f5:7a:
e8:74:0b:66:59:40:76:68:ae:9c:db:0a:2e:86:51:
6f:d2:96:a6:64:65:65:a8:a1:2c:8f:ac:64:03:86:
67:4d:cd:44:9a:5a:f4:23:34:5b:5a:2a:2b:09:c5:
3b:97:43:74:a1:42:b5:95:12:28:b1:9f:b4:b0:87:
a5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:98:57:67:82:18:65:30:B8:B0:42:2F:58:94:CF:6F:6B:25:5F:D7
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/fphXZ4IYZTC4sEIvWJTPb2slX9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.158.0/24
85.117.240.0/24
193.38.249.0/24
IPv6:
2a09:ff00:8000::/36
Signature Algorithm: sha256WithRSAEncryption
81:79:88:54:51:4e:08:0d:b2:58:51:0a:9f:54:50:64:07:d9:
ff:21:5a:f5:1d:a2:64:95:25:e2:7e:ba:d9:da:d0:58:c1:5e:
b6:74:e2:c2:b8:c1:d9:75:da:25:c9:4f:d6:37:e1:34:f7:1e:
38:8a:7c:f1:7d:f6:c3:43:1a:85:d2:2f:4e:d0:bb:dc:dc:ef:
54:3b:df:0d:3f:92:e8:62:cb:fc:08:1a:08:f2:ff:f7:90:18:
64:b8:7a:ce:45:23:62:ed:8e:51:28:c0:bc:04:39:ab:3e:06:
7e:75:a8:83:3c:b7:d8:a9:68:0d:51:ab:77:47:45:c3:24:b1:
46:43:93:22:de:a9:29:9c:e7:cb:3d:ff:b7:a9:fe:0d:f4:6c:
ee:f7:70:b8:67:24:6c:fe:b7:27:84:7b:68:10:63:4d:69:f5:
95:1d:ad:1c:d1:e9:9b:f2:17:79:c7:ac:c4:86:c1:5a:37:ee:
f4:c1:3c:9b:21:08:4e:41:b0:2b:4c:35:78:8c:09:9d:dc:77:
09:3e:f7:3c:bb:e8:16:a0:b3:31:3d:42:df:ea:3e:7d:d1:79:
f8:5e:ac:e5:4a:a8:87:f2:1e:12:31:ae:4a:65:b4:b8:84:3a:
d7:35:cc:46:36:cf:d1:d8:3f:05:f5:a8:b9:db:04:bc:7a:7b:
a4:89:37:a1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY7YZ9QRcmU8kOctmRlih/vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNDEzMTcwMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTk4NTc2NzgyMTg2NTMwYjhiMDQyMmY1ODk0Y2Y2ZjZiMjU1ZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHmwPCSiTV+OcL2SMt5+wvXHiN96
U8mBGloFNObbXwWaCfNOBdA2dDdthkl9rPUpL76Ai7s748vCgOAWNPwYURnUT1il
tSM11hEeDyVqNW+hkmedg4M59lLd2v/uqWPYsQLQd4EyQDOlbBlY1xeT4q1XjAyT
nIBhWsdAAwmoAq4aExiAk2VvsqS3ubXkboe/UPAUVD2yAi+u6g90L/gJ681B0/9j
MLEUUodNxKKLPK4qtkYFUnRn0VtezmB38sKg9XrodAtmWUB2aK6c2wouhlFv0pam
ZGVlqKEsj6xkA4ZnTc1Emlr0IzRbWiorCcU7l0N0oUK1lRIosZ+0sIeldwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH6YV2eCGGUwuLBCL1iUz29rJV/XMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvZnBoWFo0SVlaVEM0c0VJdldKVFBiMnNsWDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQALVaeAwQA
VXXwAwQAwSb5MA4EAgACMAgDBgQqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEAgXmI
VFFOCA2yWFEKn1RQZAfZ/yFa9R2iZJUl4n662drQWMFetnTiwrjB2XXaJclP1jfh
NPceOIp88X32w0MahdIvTtC73NzvVDvfDT+S6GLL/AgaCPL/95AYZLh6zkUjYu2O
USjAvAQ5qz4GfnWogzy32KloDVGrd0dFwySxRkOTIt6pKZznyz3/t6n+DfRs7vdw
uGckbP63J4R7aBBjTWn1lR2tHNHpm/IXecesxIbBWjfu9ME8myEITkGwK0w1eIwJ
ndx3CT73PLvoFqCzMT1C3+o+fdF5+F6s5Uqoh/IeEjGuSmW0uIQ61zXMRjbP0dg/
BfWoudsEvHp7pIk3oQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:37:59 2025 by rpki-client