Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/iPH4NJAA4LTAZDpk6l3G30ea1mc.roa
File: iPH4NJAA4LTAZDpk6l3G30ea1mc.roa (raw, json)
Hash identifier: 4tQxnXHJOHbBLBFrlvA3OpC8mVe94+Uoe+2A1SAFW6w=
Subject key identifier: 88:F1:F8:34:90:00:E0:B4:C0:64:3A:64:EA:5D:C6:DF:47:9A:D6:67
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01954E454F484ED92F9ABB6872365B17F8BF
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/iPH4NJAA4LTAZDpk6l3G30ea1mc.roa
Signing time: Fri 28 Feb 2025 20:35:19 +0000
ROA not before: Fri 28 Feb 2025 20:35:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.11.188.0/22 maxlen: 24
45.65.114.0/24 maxlen: 24
45.154.156.0/22 maxlen: 24
188.209.131.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 20:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4e:45:4f:48:4e:d9:2f:9a:bb:68:72:36:5b:17:f8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Feb 28 20:35:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88f1f8349000e0b4c0643a64ea5dc6df479ad667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3d:97:fc:44:38:6b:cc:b4:86:77:0f:4b:07:
b5:e5:f6:bb:4f:cf:25:f9:61:36:bc:c4:b4:ec:81:
d6:55:cb:25:1f:6a:86:08:b8:68:08:80:52:ed:af:
d9:b4:5e:5e:e3:17:e3:12:14:1e:4e:d3:7a:f8:fa:
76:ca:74:d5:8b:cb:91:6b:71:f6:ef:09:78:ad:a9:
9e:91:64:de:18:a9:1f:79:70:2a:8a:88:c1:6b:8b:
b4:1d:8f:b4:b6:19:01:5f:73:50:29:53:6a:71:62:
98:ff:ed:21:2d:43:69:b0:9f:24:12:db:ae:1e:45:
ff:2c:70:65:9f:4f:61:ea:d0:ca:9f:41:f3:92:1d:
90:c0:3d:c0:06:e4:72:d6:9e:7b:04:80:af:88:97:
df:86:80:a1:1b:dc:3a:08:4a:93:6c:4f:0e:83:ca:
bb:6d:6e:d2:31:14:e0:d1:c2:f9:27:ac:77:b3:be:
3a:63:46:d6:e7:9b:fd:7b:32:a5:e8:c4:5b:fc:63:
d1:10:64:2e:b5:6f:08:52:aa:08:a1:51:33:87:b2:
33:24:cb:7e:b4:bc:a6:e0:98:00:1b:98:eb:53:2a:
92:93:db:70:f7:9b:10:bf:b5:fc:74:a3:1d:c6:52:
27:4a:ae:17:26:52:64:5c:15:ad:27:fb:24:78:59:
d4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F1:F8:34:90:00:E0:B4:C0:64:3A:64:EA:5D:C6:DF:47:9A:D6:67
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/iPH4NJAA4LTAZDpk6l3G30ea1mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.188.0/22
45.65.114.0/24
45.154.156.0/22
188.209.131.0/24
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
44:8a:b5:20:f0:65:c0:f3:f0:d4:db:cd:bc:1c:97:f8:26:6b:
cc:11:65:0e:d7:2c:80:85:14:87:d0:bf:25:ba:eb:00:01:87:
cb:8b:40:ac:f1:15:01:81:e7:73:6c:4d:ab:4e:4c:e1:2e:e8:
26:ca:17:0b:12:7c:c6:63:41:1d:60:15:7f:50:b6:85:1d:df:
d5:42:48:aa:36:96:46:23:ea:26:6d:b4:55:b8:ba:e2:13:6e:
46:eb:22:5b:9d:84:89:01:67:8e:ce:7e:b8:72:9e:a8:85:ca:
22:ff:2a:46:f8:d1:66:74:fc:ae:fd:18:9e:2d:08:ea:01:c4:
33:5e:f3:9b:19:1f:76:4e:54:eb:8d:c0:65:75:92:3b:c1:da:
fd:f3:4e:a7:27:d3:67:47:84:24:d9:a6:bb:1b:57:2b:c7:83:
42:1c:bb:2c:7c:4d:75:6c:fe:af:7e:78:b1:6f:09:34:5e:65:
ee:4c:4a:f2:85:e1:b1:2b:16:ea:76:59:bc:ef:da:54:1e:7c:
0f:da:43:1b:12:8d:06:c5:1d:9f:c3:27:84:6f:53:4d:65:c1:
08:4b:4c:1d:dd:1a:6b:d0:f4:78:b0:23:c9:94:49:50:d2:2e:
50:98:d8:b5:35:69:df:d5:74:3b:26:94:85:e6:f6:bc:8e:fb:
05:11:af:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVORU9ITtkvmrtocjZbF/i/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMjI4MjAzNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGYxZjgzNDkwMDBlMGI0YzA2NDNhNjRlYTVkYzZkZjQ3OWFkNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1D2X/EQ4a8y0hncPSwe15fa7T88l
+WE2vMS07IHWVcslH2qGCLhoCIBS7a/ZtF5e4xfjEhQeTtN6+Pp2ynTVi8uRa3H2
7wl4ramekWTeGKkfeXAqiojBa4u0HY+0thkBX3NQKVNqcWKY/+0hLUNpsJ8kEtuu
HkX/LHBln09h6tDKn0Hzkh2QwD3ABuRy1p57BICviJffhoChG9w6CEqTbE8Og8q7
bW7SMRTg0cL5J6x3s746Y0bW55v9ezKl6MRb/GPREGQutW8IUqoIoVEzh7IzJMt+
tLym4JgAG5jrUyqSk9tw95sQv7X8dKMdxlInSq4XJlJkXBWtJ/skeFnU9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIjx+DSQAOC0wGQ6ZOpdxt9HmtZnMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvaVBINE5KQUE0TFRBWkRwazZsM0czMGVhMW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLQu8AwQA
LUFyAwQCLZqcAwQAvNGDAwQAvNGLMA0GCSqGSIb3DQEBCwUAA4IBAQBEirUg8GXA
8/DU2828HJf4JmvMEWUO1yyAhRSH0L8luusAAYfLi0Cs8RUBgedzbE2rTkzhLugm
yhcLEnzGY0EdYBV/ULaFHd/VQkiqNpZGI+ombbRVuLriE25G6yJbnYSJAWeOzn64
cp6ohcoi/ypG+NFmdPyu/RieLQjqAcQzXvObGR92TlTrjcBldZI7wdr9806nJ9Nn
R4Qk2aa7G1crx4NCHLssfE11bP6vfnixbwk0XmXuTEryheGxKxbqdlm879pUHnwP
2kMbEo0GxR2fwyeEb1NNZcEIS0wd3Rpr0PR4sCPJlElQ0i5QmNi1NWnf1XQ7JpSF
5va8jvsFEa8t
-----END CERTIFICATE-----
Generated at Sat May 10 14:40:12 2025 by rpki-client