Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/vaz7H5_ZS3DIN7kJuhEU3pdlESo.roa
File: vaz7H5_ZS3DIN7kJuhEU3pdlESo.roa (raw, json)
Hash identifier: HmGhCDdHMCDNg+eYFNbkwjTrlwa/m7uf34hYl5wDLo4=
Subject key identifier: BD:AC:FB:1F:9F:D9:4B:70:C8:37:B9:09:BA:11:14:DE:97:65:11:2A
Certificate issuer: /CN=c8184a4505b0576058fd333059bff153ae6ead5b
Certificate serial: 01856E38CFA5676035615299ADA51877E61C
Authority key identifier: C8:18:4A:45:05:B0:57:60:58:FD:33:30:59:BF:F1:53:AE:6E:AD:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yBhKRQWwV2BY_TMwWb_xU65urVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/vaz7H5_ZS3DIN7kJuhEU3pdlESo.roa
Signing time: Sun 01 Jan 2023 16:44:55 +0000
ROA not before: Sun 01 Jan 2023 16:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62313
IP address blocks: 213.32.224.0/24 maxlen: 24
213.32.230.0/24 maxlen: 24
213.32.231.0/24 maxlen: 24
213.32.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:cf:a5:67:60:35:61:52:99:ad:a5:18:77:e6:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8184a4505b0576058fd333059bff153ae6ead5b
Validity
Not Before: Jan 1 16:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdacfb1f9fd94b70c837b909ba1114de9765112a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:12:1d:8a:ba:00:79:de:c0:e7:5b:c4:72:2a:
5a:ec:e9:da:53:91:d9:48:78:23:11:6a:79:d4:bf:
af:9b:fb:aa:73:b5:33:e7:9d:64:ab:70:c5:ae:c6:
f9:ca:f0:8b:ac:17:11:d9:81:bb:4d:47:4c:93:2a:
68:53:10:9c:82:9a:40:07:40:32:c2:16:4c:f4:c4:
31:69:d0:00:81:6d:85:40:57:8d:e6:7a:2b:68:c1:
c9:2b:26:9c:03:46:19:86:0e:f3:91:57:12:33:08:
6c:dd:e7:f4:41:64:da:c6:e7:74:78:9a:61:bc:e8:
50:41:7f:a6:57:36:76:2b:ae:5b:7d:33:59:08:74:
b5:3f:f4:92:b1:d4:4d:86:71:b0:7f:96:42:d6:ff:
73:6b:b9:42:b0:44:1c:f9:33:7c:f5:10:af:3a:12:
f6:0e:ed:70:bd:07:12:ca:8a:a2:42:56:69:2a:2f:
04:de:44:f6:43:95:08:de:69:b4:df:0f:94:9e:73:
e5:2b:83:ad:a0:99:3e:76:f2:f2:d3:6a:db:4f:ef:
19:5b:0a:6f:f3:37:cc:43:fb:ae:1f:da:db:21:05:
af:73:a4:17:78:be:5a:4b:d3:f9:63:3b:cc:e5:47:
09:c5:37:8f:19:c1:5b:81:79:51:41:2e:7f:f9:eb:
10:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AC:FB:1F:9F:D9:4B:70:C8:37:B9:09:BA:11:14:DE:97:65:11:2A
X509v3 Authority Key Identifier:
keyid:C8:18:4A:45:05:B0:57:60:58:FD:33:30:59:BF:F1:53:AE:6E:AD:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yBhKRQWwV2BY_TMwWb_xU65urVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/vaz7H5_ZS3DIN7kJuhEU3pdlESo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/eadad3-ced9-41fa-8e5f-5fbf33acd83e/1/yBhKRQWwV2BY_TMwWb_xU65urVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.32.224.0/24
213.32.228.0/24
213.32.230.0/23
Signature Algorithm: sha256WithRSAEncryption
01:db:94:2b:2f:0e:ca:62:3b:eb:29:07:70:aa:63:d2:71:6d:
ed:7a:b1:36:43:f1:0a:de:bd:b0:24:8a:0a:e0:02:12:e0:33:
6f:16:b0:2a:e6:a1:49:33:64:b3:b7:b8:eb:83:2c:66:35:df:
06:6d:b6:29:f5:7f:30:df:45:32:ab:61:5d:84:25:4f:eb:b6:
c4:b3:12:39:98:1d:7e:fe:a1:46:09:70:65:15:ad:a3:06:c7:
9e:94:85:7a:d8:ac:19:a2:6f:ef:0b:da:f9:ab:bc:94:1b:82:
34:9d:75:49:82:b7:4a:83:fb:67:41:aa:42:72:a0:81:35:50:
aa:bd:a6:77:d3:2d:c9:9e:45:6a:b6:23:a7:1b:67:c7:38:3d:
c7:34:7c:9d:5d:59:6f:2c:7b:58:65:53:04:2c:0b:27:a6:d5:
d4:da:3d:47:73:1b:bc:e7:3b:24:f5:cb:f0:a1:79:71:69:41:
dc:9e:8a:22:83:e8:9a:be:26:09:60:5e:bd:cc:9f:93:31:bd:
5c:d3:6b:3d:03:cd:75:50:f0:e8:02:d4:37:38:24:ce:28:bc:
2c:e3:5f:48:fc:94:6a:5d:38:c6:9f:64:57:32:38:52:e6:60:
39:5f:3e:f1:22:77:b6:1a:b2:33:cd:17:38:2c:6b:1a:f6:f5:
ab:cc:a9:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuOM+lZ2A1YVKZraUYd+YcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MTg0YTQ1MDViMDU3NjA1OGZkMzMzMDU5YmZmMTUzYWU2
ZWFkNWIwHhcNMjMwMTAxMTY0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFjZmIxZjlmZDk0YjcwYzgzN2I5MDliYTExMTRkZTk3NjUxMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohIdiroAed7A51vEcipa7OnaU5HZ
SHgjEWp51L+vm/uqc7Uz551kq3DFrsb5yvCLrBcR2YG7TUdMkypoUxCcgppAB0Ay
whZM9MQxadAAgW2FQFeN5noraMHJKyacA0YZhg7zkVcSMwhs3ef0QWTaxud0eJph
vOhQQX+mVzZ2K65bfTNZCHS1P/SSsdRNhnGwf5ZC1v9za7lCsEQc+TN89RCvOhL2
Du1wvQcSyoqiQlZpKi8E3kT2Q5UI3mm03w+UnnPlK4OtoJk+dvLy02rbT+8ZWwpv
8zfMQ/uuH9rbIQWvc6QXeL5aS9P5YzvM5UcJxTePGcFbgXlRQS5/+esQlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL2s+x+f2UtwyDe5CboRFN6XZREqMB8GA1UdIwQY
MBaAFMgYSkUFsFdgWP0zMFm/8VOubq1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUJoS1JRV3dWMkJZX1RNd1diX3hVNjV1clZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9lYWRhZDMtY2VkOS00MWZhLThlNWYt
NWZiZjMzYWNkODNlLzEvdmF6N0g1X1pTM0RJTjdrSnVoRVUzcGRsRVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9lYWRhZDMtY2VkOS00MWZhLThlNWYtNWZiZjMzYWNkODNl
LzEveUJoS1JRV3dWMkJZX1RNd1diX3hVNjV1clZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1SDgAwQA
1SDkAwQB1SDmMA0GCSqGSIb3DQEBCwUAA4IBAQAB25QrLw7KYjvrKQdwqmPScW3t
erE2Q/EK3r2wJIoK4AIS4DNvFrAq5qFJM2Szt7jrgyxmNd8GbbYp9X8w30Uyq2Fd
hCVP67bEsxI5mB1+/qFGCXBlFa2jBseelIV62KwZom/vC9r5q7yUG4I0nXVJgrdK
g/tnQapCcqCBNVCqvaZ30y3JnkVqtiOnG2fHOD3HNHydXVlvLHtYZVMELAsnptXU
2j1Hcxu85zsk9cvwoXlxaUHcnooig+iaviYJYF69zJ+TMb1c02s9A811UPDoAtQ3
OCTOKLws419I/JRqXTjGn2RXMjhS5mA5Xz7xIne2GrIzzRc4LGsa9vWrzKk6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:45 2024 by rpki-client on console-fra.rpki-client.org