Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/LlM3rXH7ER13L92vcK_l_rDF67k.roa
File: LlM3rXH7ER13L92vcK_l_rDF67k.roa (raw, json)
Hash identifier: 11l7dNzpY2CtOh9ZC3S3rT/bEIPioQk/GCiUNSvgS9w=
Subject key identifier: 2E:53:37:AD:71:FB:11:1D:77:2F:DD:AF:70:AF:E5:FE:B0:C5:EB:B9
Certificate issuer: /CN=bc35904e24db0e990495a3445e77d1136ed618d7
Certificate serial: 0193CF824B4368E2F7F3470D1D0136ADB9F4
Authority key identifier: BC:35:90:4E:24:DB:0E:99:04:95:A3:44:5E:77:D1:13:6E:D6:18:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDWQTiTbDpkElaNEXnfRE27WGNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/LlM3rXH7ER13L92vcK_l_rDF67k.roa
Signing time: Mon 16 Dec 2024 12:47:22 +0000
ROA not before: Mon 16 Dec 2024 12:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 213.165.40.0/21 maxlen: 21
213.165.48.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:82:4b:43:68:e2:f7:f3:47:0d:1d:01:36:ad:b9:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc35904e24db0e990495a3445e77d1136ed618d7
Validity
Not Before: Dec 16 12:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e5337ad71fb111d772fddaf70afe5feb0c5ebb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b0:25:e0:da:fc:61:e1:0e:05:17:40:7e:50:
05:92:a3:6c:5a:c2:ec:8b:09:99:69:b5:a7:76:3e:
94:b8:73:98:ad:3a:9a:3c:31:71:34:38:eb:96:a9:
37:44:30:5b:d9:5b:5f:91:47:0e:5b:18:46:6b:d5:
8c:47:3a:ad:47:17:f9:76:9e:f8:56:89:d8:49:48:
f5:a8:19:2c:f2:9d:ab:11:7d:95:8e:e1:a7:d4:e6:
31:ff:e0:9b:b9:40:8f:85:ac:e7:69:21:4a:13:cd:
d6:14:eb:db:03:34:41:bb:03:ce:e9:ce:e5:de:f8:
37:79:0e:ae:37:93:ec:17:ce:af:cf:48:18:66:b4:
a3:68:95:1a:63:60:af:0e:70:2c:7c:80:6b:93:85:
f9:3b:16:b2:33:b0:82:d3:a0:07:7b:22:b6:5a:1e:
a2:ae:b2:c7:10:70:00:4b:a6:fd:47:e2:0f:77:ad:
81:0c:4a:8b:19:a9:d7:60:14:fd:8c:f3:cd:a3:91:
01:f3:ee:e3:5a:e6:c9:29:68:4b:32:09:29:f5:a3:
2f:47:ef:c9:29:99:06:10:7c:b9:f1:2f:20:7b:e2:
cf:0a:d0:d4:59:55:95:c0:e9:99:5b:5a:5b:bf:17:
56:bc:3a:4f:e5:e2:b2:d3:4e:5e:98:d2:81:a0:ec:
5b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:53:37:AD:71:FB:11:1D:77:2F:DD:AF:70:AF:E5:FE:B0:C5:EB:B9
X509v3 Authority Key Identifier:
keyid:BC:35:90:4E:24:DB:0E:99:04:95:A3:44:5E:77:D1:13:6E:D6:18:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDWQTiTbDpkElaNEXnfRE27WGNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/LlM3rXH7ER13L92vcK_l_rDF67k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/vDWQTiTbDpkElaNEXnfRE27WGNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.165.40.0-213.165.63.255
Signature Algorithm: sha256WithRSAEncryption
37:48:d6:f1:0f:3c:3b:27:1f:b6:d7:2a:ce:82:62:c2:d0:37:
4a:a7:1f:43:e8:dd:45:99:3b:60:2a:14:80:3e:3e:72:b9:f5:
0c:ed:1e:a0:6b:1c:ae:e4:6e:9f:2f:af:44:3b:66:db:27:5c:
aa:63:56:e0:19:2d:e4:a8:75:f0:71:6d:ce:b5:4f:3c:0f:50:
5d:56:1e:61:68:82:e3:47:e4:b1:3d:89:c1:2e:53:2d:a2:73:
cc:56:60:f8:c4:0d:e2:f3:2a:be:1b:e2:4b:f6:9d:5d:f1:37:
85:28:57:2d:72:6e:c9:8b:8b:fa:44:05:c7:b6:45:6a:77:8d:
98:6d:dd:5f:46:1b:ce:65:e2:35:74:c2:c2:b1:c6:87:e4:6c:
d8:5b:c5:8c:5d:0c:a2:da:d3:1f:e9:e1:94:5e:60:68:72:54:
df:b7:46:7a:cd:57:06:12:91:33:42:a7:57:62:e4:89:2e:d2:
c1:ed:70:e3:0c:73:3b:de:04:df:2b:bd:12:b3:52:f0:af:44:
34:d0:6b:79:e0:3d:52:bf:44:d4:10:1f:e9:f1:67:87:61:25:
6e:13:85:02:e7:a3:55:2f:05:a0:c1:5f:35:70:c9:1e:70:43:
03:b9:8e:0a:d2:1e:3b:4f:f2:1e:43:34:a6:91:52:2a:04:00:
15:eb:51:7b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZPPgktDaOL380cNHQE2rbn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzU5MDRlMjRkYjBlOTkwNDk1YTM0NDVlNzdkMTEzNmVk
NjE4ZDcwHhcNMjQxMjE2MTI0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTUzMzdhZDcxZmIxMTFkNzcyZmRkYWY3MGFmZTVmZWIwYzVlYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrAl4Nr8YeEOBRdAflAFkqNsWsLs
iwmZabWndj6UuHOYrTqaPDFxNDjrlqk3RDBb2VtfkUcOWxhGa9WMRzqtRxf5dp74
VonYSUj1qBks8p2rEX2VjuGn1OYx/+CbuUCPhaznaSFKE83WFOvbAzRBuwPO6c7l
3vg3eQ6uN5PsF86vz0gYZrSjaJUaY2CvDnAsfIBrk4X5OxayM7CC06AHeyK2Wh6i
rrLHEHAAS6b9R+IPd62BDEqLGanXYBT9jPPNo5EB8+7jWubJKWhLMgkp9aMvR+/J
KZkGEHy58S8ge+LPCtDUWVWVwOmZW1pbvxdWvDpP5eKy005emNKBoOxb8QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC5TN61x+xEddy/dr3Cv5f6wxeu5MB8GA1UdIwQY
MBaAFLw1kE4k2w6ZBJWjRF530RNu1hjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRXUVRpVGJEcGtFbGFORVhuZlJFMjdXR05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82MzJkYzAtNGQyZC00MGMyLWFiNjUt
YzM4YjFmOWQ0NTdjLzEvTGxNM3JYSDdFUjEzTDkydmNLX2xfckRGNjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82MzJkYzAtNGQyZC00MGMyLWFiNjUtYzM4YjFmOWQ0NTdj
LzEvdkRXUVRpVGJEcGtFbGFORVhuZlJFMjdXR05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPVpSgD
BAbVpQAwDQYJKoZIhvcNAQELBQADggEBADdI1vEPPDsnH7bXKs6CYsLQN0qnH0Po
3UWZO2AqFIA+PnK59QztHqBrHK7kbp8vr0Q7ZtsnXKpjVuAZLeSodfBxbc61TzwP
UF1WHmFoguNH5LE9icEuUy2ic8xWYPjEDeLzKr4b4kv2nV3xN4UoVy1ybsmLi/pE
Bce2RWp3jZht3V9GG85l4jV0wsKxxofkbNhbxYxdDKLa0x/p4ZReYGhyVN+3RnrN
VwYSkTNCp1di5Iku0sHtcOMMczveBN8rvRKzUvCvRDTQa3ngPVK/RNQQH+nxZ4dh
JW4ThQLno1UvBaDBXzVwyR5wQwO5jgrSHjtP8h5DNKaRUioEABXrUXs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:03:03 2025 by rpki-client