Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jZgqpqem90tXAgZCRL3UhRFRbRw.roa
File: jZgqpqem90tXAgZCRL3UhRFRbRw.roa (raw, json)
Hash identifier: e1boVwfKMTb5WtxTaA0WvQLcmDJFoXji2lWsbyXPOPU=
Subject key identifier: 8D:98:2A:A6:A7:A6:F7:4B:57:02:06:42:44:BD:D4:85:11:51:6D:1C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018F0C1190896AFDF3B374CF3619D55E4EEB
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jZgqpqem90tXAgZCRL3UhRFRbRw.roa
Signing time: Tue 23 Apr 2024 17:47:08 +0000
ROA not before: Tue 23 Apr 2024 17:47:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 213.209.129.0/24 maxlen: 24
213.209.143.0/24 maxlen: 24
213.209.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 May 2024 11:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:11:90:89:6a:fd:f3:b3:74:cf:36:19:d5:5e:4e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Apr 23 17:47:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d982aa6a7a6f74b5702064244bdd48511516d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:97:35:25:22:39:32:2e:40:f1:3e:a5:7f:50:
d6:03:68:8a:32:c8:de:8b:f2:29:87:30:6b:06:48:
7c:a7:20:6b:7b:6f:d4:5a:25:28:ee:82:d0:ff:3d:
90:2d:97:a0:ce:f1:fc:dd:77:10:52:51:e1:42:9c:
35:66:ce:f8:7c:89:c3:e9:62:55:92:4a:4c:e7:60:
0e:e2:c4:b7:29:eb:4c:33:5a:e8:6a:99:4b:e2:7f:
b2:c3:5f:23:11:f5:0b:35:91:59:90:a9:e7:4a:57:
95:69:71:26:ca:86:3d:2b:64:36:19:b3:cc:bc:70:
53:d3:a6:a0:4d:c1:fe:cc:f0:33:f6:14:96:f2:20:
aa:17:a3:3b:bf:e6:13:e0:96:60:0b:8e:1a:ff:e2:
6f:cf:3e:27:ce:2b:b9:8a:e4:c2:1c:86:87:0a:2c:
00:e6:04:ba:ad:ec:1e:6b:c1:e5:df:e1:46:f1:50:
c9:03:bc:ad:03:a9:de:91:6e:63:fa:28:e2:75:a6:
70:bc:24:53:33:3e:54:df:44:d3:17:b4:31:85:5b:
eb:8c:3c:c2:44:fb:0c:57:05:68:b8:59:7b:25:3e:
35:77:f5:fd:27:7d:e6:e7:69:c0:90:c7:b5:c8:09:
11:b1:9e:13:3d:e8:af:05:ff:e0:23:82:46:ba:1b:
5b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:98:2A:A6:A7:A6:F7:4B:57:02:06:42:44:BD:D4:85:11:51:6D:1C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jZgqpqem90tXAgZCRL3UhRFRbRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.129.0/24
213.209.143.0/24
213.209.157.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ee:d6:dd:45:3e:e5:7c:8a:a5:56:8a:a1:71:b9:30:63:11:
81:14:f9:b0:f1:13:d8:e0:16:63:30:ad:e1:6f:fc:5a:b6:4d:
43:30:6b:c3:6b:93:0c:04:0c:9f:50:fb:75:6b:62:af:61:5e:
da:87:86:51:6b:e9:d9:79:de:d5:02:20:99:06:bc:6e:3e:3f:
fe:72:64:35:83:c9:29:e0:23:b4:92:0c:8b:17:35:8f:bc:59:
f3:58:1f:38:0c:ad:f8:0f:15:9f:e0:00:d4:4e:8b:c0:c9:cd:
86:84:5e:07:37:a5:7a:92:91:91:1c:87:c8:06:94:52:84:b3:
47:9f:fa:54:75:c8:36:3d:4a:d5:30:98:ac:d2:e1:06:f6:bb:
07:22:61:cc:dd:2a:d8:35:bd:c3:6c:da:7b:d8:9a:db:9f:38:
78:97:4e:11:1c:c6:73:aa:e7:f1:05:bc:8e:96:d3:43:19:73:
d0:96:d0:d6:bf:f3:dc:ac:2a:4f:9e:db:b1:ff:83:72:24:3d:
df:bc:97:9a:dc:3b:8e:10:d0:90:e3:51:1f:db:86:35:f3:c2:
b2:4b:4c:7a:b3:05:9a:49:1b:ff:ec:cb:9f:b7:7d:ce:2c:41:
4d:fc:16:4c:88:8f:da:b8:1e:02:5d:67:e6:d1:aa:bf:8f:d0:
f9:e7:3f:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8MEZCJav3zs3TPNhnVXk7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwNDIzMTc0NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk4MmFhNmE3YTZmNzRiNTcwMjA2NDI0NGJkZDQ4NTExNTE2ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5c1JSI5Mi5A8T6lf1DWA2iKMsje
i/IphzBrBkh8pyBre2/UWiUo7oLQ/z2QLZegzvH83XcQUlHhQpw1Zs74fInD6WJV
kkpM52AO4sS3KetMM1roaplL4n+yw18jEfULNZFZkKnnSleVaXEmyoY9K2Q2GbPM
vHBT06agTcH+zPAz9hSW8iCqF6M7v+YT4JZgC44a/+Jvzz4nziu5iuTCHIaHCiwA
5gS6rewea8Hl3+FG8VDJA7ytA6nekW5j+ijidaZwvCRTMz5U30TTF7QxhVvrjDzC
RPsMVwVouFl7JT41d/X9J33m52nAkMe1yAkRsZ4TPeivBf/gI4JGuhtb2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI2YKqanpvdLVwIGQkS91IURUW0cMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvalpncXBxZW05MHRYQWdaQ1JMM1VoUkZSYlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1dGBAwQA
1dGPAwQA1dGdMA0GCSqGSIb3DQEBCwUAA4IBAQCZ7tbdRT7lfIqlVoqhcbkwYxGB
FPmw8RPY4BZjMK3hb/xatk1DMGvDa5MMBAyfUPt1a2KvYV7ah4ZRa+nZed7VAiCZ
BrxuPj/+cmQ1g8kp4CO0kgyLFzWPvFnzWB84DK34DxWf4ADUTovAyc2GhF4HN6V6
kpGRHIfIBpRShLNHn/pUdcg2PUrVMJis0uEG9rsHImHM3SrYNb3DbNp72Jrbnzh4
l04RHMZzqufxBbyOltNDGXPQltDWv/PcrCpPntux/4NyJD3fvJea3DuOENCQ41Ef
24Y188KyS0x6swWaSRv/7Muft33OLEFN/BZMiI/auB4CXWfm0aq/j9D55z/7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org