Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4bzbblWU0EwkH_-RxEAS-a5BqDU.roa
File: 4bzbblWU0EwkH_-RxEAS-a5BqDU.roa (raw, json)
Hash identifier: dk4aeWRs7fjc1JRbUnCAmCNS9ybmvXOxkCg6p2mvhJc=
Subject key identifier: E1:BC:DB:6E:55:94:D0:4C:24:1F:FF:91:C4:40:12:F9:AE:41:A8:35
Certificate issuer: /CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Certificate serial: 018CC94E35F17507623DADACCF2E8C76C9F9
Authority key identifier: C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4bzbblWU0EwkH_-RxEAS-a5BqDU.roa
Signing time: Tue 02 Jan 2024 08:33:15 +0000
ROA not before: Tue 02 Jan 2024 08:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48729
IP address blocks: 213.193.232.0/24 maxlen: 24
213.193.212.0/24 maxlen: 24
213.193.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:35:f1:75:07:62:3d:ad:ac:cf:2e:8c:76:c9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27358682df3df8bdc7024507f92ecfc5ae097bb
Validity
Not Before: Jan 2 08:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1bcdb6e5594d04c241fff91c44012f9ae41a835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f5:ed:67:80:8b:ca:06:32:bc:e9:d9:88:36:
fa:82:e1:bd:15:3f:fe:eb:c1:1b:b6:3e:b4:4f:12:
9d:d2:13:f4:c3:a4:06:b7:74:ac:03:02:0e:e6:30:
e9:4f:7b:c4:36:ae:ac:f1:90:19:5e:f2:e2:8e:e3:
bc:8c:5f:4b:10:6b:7e:84:09:a9:7a:e7:c2:77:c0:
82:69:af:ee:07:87:e7:12:b8:a0:d1:bf:19:5f:9e:
e0:61:d7:17:59:02:7f:d6:c1:be:7b:9c:df:71:10:
46:27:d5:90:9b:41:c3:15:43:d1:77:df:f6:f2:7a:
57:a0:5a:cb:38:18:50:14:ba:f6:76:31:16:f1:f1:
3f:d5:94:04:2a:8c:af:a6:2b:d4:7d:3e:87:36:21:
8c:a8:d3:0a:a0:cc:de:92:21:98:98:3e:13:b7:fa:
ad:b4:8e:cd:d1:67:89:27:9f:2a:32:e5:61:9b:5f:
8a:3b:8e:ad:e0:40:63:27:23:4a:44:ab:18:36:42:
ec:cc:78:2b:d2:13:35:bd:d2:9c:b3:f0:c1:32:4b:
f1:e3:86:bd:e2:36:cc:40:ee:43:cf:c5:d0:34:94:
a4:36:71:47:24:e9:ee:c0:d0:c3:7e:80:b1:61:21:
b2:1b:e5:94:15:64:79:f0:85:d3:fb:0b:f2:97:58:
dc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BC:DB:6E:55:94:D0:4C:24:1F:FF:91:C4:40:12:F9:AE:41:A8:35
X509v3 Authority Key Identifier:
keyid:C2:73:58:68:2D:F3:DF:8B:DC:70:24:50:7F:92:EC:FC:5A:E0:97:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnNYaC3z34vccCRQf5Ls_Frgl7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/4bzbblWU0EwkH_-RxEAS-a5BqDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f449b3-d8a8-493e-9bd7-e88465c46186/1/wnNYaC3z34vccCRQf5Ls_Frgl7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.193.209.0/24
213.193.212.0/24
213.193.232.0/24
Signature Algorithm: sha256WithRSAEncryption
91:02:f3:73:32:80:fb:df:a9:99:c0:37:f3:65:36:db:9e:a2:
f7:0d:d3:f7:6c:75:0a:84:72:f3:26:6c:c5:4f:e3:82:ef:08:
fd:7f:01:73:0b:60:95:49:f4:5d:58:26:45:87:dc:b7:9b:13:
c3:72:08:1c:0c:00:d0:40:a9:4f:49:7b:4f:cf:76:35:c3:a9:
43:48:b4:42:10:22:84:eb:a1:39:3d:79:30:f1:41:33:fb:89:
d0:2d:1b:03:96:c8:dc:84:e3:2f:ac:22:b1:39:c1:bd:5b:a0:
27:8d:76:a1:a6:5c:46:1e:6e:a6:78:88:af:c4:9e:69:45:04:
07:6e:30:1c:0a:eb:ef:26:b4:51:5a:44:f0:e6:70:8a:a7:7e:
55:b4:78:9e:f1:03:7c:af:3b:e3:bd:4a:d6:de:6f:d9:29:67:
87:26:a8:54:56:8a:fd:a9:b9:2d:0c:28:16:20:8e:bd:22:75:
68:63:8c:23:64:97:b7:2f:3a:eb:92:8c:46:f4:9c:71:9c:8a:
64:7a:bf:bd:6b:63:6d:02:33:8b:7a:23:31:31:a1:52:b8:7c:
4e:1b:fe:4f:70:8e:2b:40:bf:bc:6e:e9:91:b0:58:bf:b0:32:
15:5f:8b:7e:8d:36:67:35:0c:0f:93:65:be:77:ef:fc:b6:04:
5d:ea:3e:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTjXxdQdiPa2szy6Mdsn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzM1ODY4MmRmM2RmOGJkYzcwMjQ1MDdmOTJlY2ZjNWFl
MDk3YmIwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWJjZGI2ZTU1OTRkMDRjMjQxZmZmOTFjNDQwMTJmOWFlNDFhODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fXtZ4CLygYyvOnZiDb6guG9FT/+
68Ebtj60TxKd0hP0w6QGt3SsAwIO5jDpT3vENq6s8ZAZXvLijuO8jF9LEGt+hAmp
eufCd8CCaa/uB4fnErig0b8ZX57gYdcXWQJ/1sG+e5zfcRBGJ9WQm0HDFUPRd9/2
8npXoFrLOBhQFLr2djEW8fE/1ZQEKoyvpivUfT6HNiGMqNMKoMzekiGYmD4Tt/qt
tI7N0WeJJ58qMuVhm1+KO46t4EBjJyNKRKsYNkLszHgr0hM1vdKcs/DBMkvx44a9
4jbMQO5Dz8XQNJSkNnFHJOnuwNDDfoCxYSGyG+WUFWR58IXT+wvyl1jccQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOG8225VlNBMJB//kcRAEvmuQag1MB8GA1UdIwQY
MBaAFMJzWGgt89+L3HAkUH+S7Pxa4Je7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDct
ZTg4NDY1YzQ2MTg2LzEvNGJ6YmJsV1UwRXdrSF8tUnhFQVMtYTVCcURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mNDQ5YjMtZDhhOC00OTNlLTliZDctZTg4NDY1YzQ2MTg2
LzEvd25OWWFDM3ozNHZjY0NSUWY1THNfRnJnbDdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1cHRAwQA
1cHUAwQA1cHoMA0GCSqGSIb3DQEBCwUAA4IBAQCRAvNzMoD736mZwDfzZTbbnqL3
DdP3bHUKhHLzJmzFT+OC7wj9fwFzC2CVSfRdWCZFh9y3mxPDcggcDADQQKlPSXtP
z3Y1w6lDSLRCECKE66E5PXkw8UEz+4nQLRsDlsjchOMvrCKxOcG9W6AnjXahplxG
Hm6meIivxJ5pRQQHbjAcCuvvJrRRWkTw5nCKp35VtHie8QN8rzvjvUrW3m/ZKWeH
JqhUVor9qbktDCgWII69InVoY4wjZJe3LzrrkoxG9JxxnIpker+9a2NtAjOLeiMx
MaFSuHxOG/5PcI4rQL+8bumRsFi/sDIVX4t+jTZnNQwPk2W+d+/8tgRd6j4l
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:36:48 2025 by rpki-client