Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/8IFdFu3Nt92YITqKFpdelHZIn0M.roa
File: 8IFdFu3Nt92YITqKFpdelHZIn0M.roa (raw, json)
Hash identifier: SqNB1t1zDp9Na/rebuSd/MqBXTs3Gw7F5Czwki2hTUY=
Subject key identifier: F0:81:5D:16:ED:CD:B7:DD:98:21:3A:8A:16:97:5E:94:76:48:9F:43
Certificate issuer: /CN=70214e7eacb1d24e211e2f25fee4ad757e6c965d
Certificate serial: 018D8C451A5F961E495F6189C8FE3F7AEF44
Authority key identifier: 70:21:4E:7E:AC:B1:D2:4E:21:1E:2F:25:FE:E4:AD:75:7E:6C:96:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCFOfqyx0k4hHi8l_uStdX5sll0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/8IFdFu3Nt92YITqKFpdelHZIn0M.roa
Signing time: Fri 09 Feb 2024 05:09:15 +0000
ROA not before: Fri 09 Feb 2024 05:09:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209599
IP address blocks: 213.139.248.0/24 maxlen: 24
213.139.250.0/24 maxlen: 24
213.139.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 06:51:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:45:1a:5f:96:1e:49:5f:61:89:c8:fe:3f:7a:ef:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70214e7eacb1d24e211e2f25fee4ad757e6c965d
Validity
Not Before: Feb 9 05:09:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0815d16edcdb7dd98213a8a16975e9476489f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:34:62:3e:86:ed:69:20:2d:72:55:ca:12:10:
05:60:ce:aa:11:10:52:94:f5:bf:11:fa:51:55:b9:
53:a9:19:3c:6d:06:45:a1:60:2e:d9:ac:47:c2:3a:
a3:65:99:8c:82:ea:d4:95:1d:1a:b8:8d:e0:29:90:
e7:5c:99:67:4a:05:22:c2:82:0f:51:a4:b1:76:05:
8a:2f:b6:dc:51:ba:90:60:88:a4:73:d9:a5:94:4b:
5e:20:cd:8f:b7:43:0a:5f:34:fc:a3:9f:67:fc:3a:
34:b3:7d:65:21:2d:0b:44:1c:be:b4:2a:1c:1d:90:
93:bc:7b:14:bf:b7:b2:3b:5d:af:13:3e:db:e3:4f:
07:da:cf:de:8c:ed:10:8b:51:a3:f3:df:fe:13:c4:
18:ca:8e:5d:07:66:36:be:da:ca:34:e7:de:40:38:
2c:5c:93:f4:46:89:a0:d1:d9:a5:23:d2:05:56:0b:
04:8f:fe:c4:b6:d4:65:ac:b8:c1:29:6c:b8:9b:8f:
04:99:3d:67:ac:7d:76:78:5c:24:08:fd:79:51:86:
0c:14:7f:61:2b:33:4d:4b:1c:59:0a:65:37:73:4c:
de:c3:1e:02:6c:f8:ea:1e:08:6b:a4:c5:11:33:fc:
4d:f7:67:6d:78:2a:2c:1d:3b:ee:1a:00:a8:9b:44:
18:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:81:5D:16:ED:CD:B7:DD:98:21:3A:8A:16:97:5E:94:76:48:9F:43
X509v3 Authority Key Identifier:
keyid:70:21:4E:7E:AC:B1:D2:4E:21:1E:2F:25:FE:E4:AD:75:7E:6C:96:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCFOfqyx0k4hHi8l_uStdX5sll0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/8IFdFu3Nt92YITqKFpdelHZIn0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6a99dc-9555-46cd-ab2d-14655c03c033/1/cCFOfqyx0k4hHi8l_uStdX5sll0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.248.0/24
213.139.250.0/23
Signature Algorithm: sha256WithRSAEncryption
46:56:2d:d9:9a:32:2e:28:05:ae:28:17:c3:ea:e8:15:a3:4a:
6e:76:5e:c1:39:52:e3:87:17:f0:04:bb:f2:61:e0:5a:cb:18:
0b:8b:f2:cc:eb:4f:98:69:26:9d:db:0c:3c:44:66:fd:a9:56:
40:6e:67:6f:05:68:2d:40:63:a8:87:b8:57:c6:96:26:ba:42:
bf:84:2e:08:09:7f:1c:16:fe:4b:9a:56:bf:9c:5e:8e:49:c0:
14:23:d3:fd:3d:18:ea:4d:35:3e:8c:31:37:f6:d0:74:13:d1:
e0:fb:57:dc:c1:a1:38:6b:20:c1:96:3b:bf:05:6a:c7:e1:a6:
41:5e:9a:b3:08:06:d1:a1:39:71:dd:d5:b8:f5:8e:dc:40:17:
e1:bb:5b:09:8e:49:4d:07:b1:27:4b:47:f4:c1:f1:8d:fa:7f:
df:cd:b1:cf:4a:92:3d:b1:17:28:4e:a3:36:de:ae:7b:1c:bf:
4b:19:b8:11:79:6a:c0:39:fd:99:99:16:74:5a:6e:2d:e3:c0:
84:73:00:3e:7c:53:2b:ed:1e:25:c7:05:a0:6f:75:98:b5:84:
21:3a:9b:79:f0:b5:4f:d0:2f:30:e4:b6:e3:86:b8:38:ee:0e:
2f:9f:d2:09:30:a6:21:a6:d4:a6:ea:b7:c3:67:7c:f1:09:4c:
03:90:46:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2MRRpflh5JX2GJyP4/eu9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjE0ZTdlYWNiMWQyNGUyMTFlMmYyNWZlZTRhZDc1N2U2
Yzk2NWQwHhcNMjQwMjA5MDUwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDgxNWQxNmVkY2RiN2RkOTgyMTNhOGExNjk3NWU5NDc2NDg5ZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDRiPobtaSAtclXKEhAFYM6qERBS
lPW/EfpRVblTqRk8bQZFoWAu2axHwjqjZZmMgurUlR0auI3gKZDnXJlnSgUiwoIP
UaSxdgWKL7bcUbqQYIikc9mllEteIM2Pt0MKXzT8o59n/Do0s31lIS0LRBy+tCoc
HZCTvHsUv7eyO12vEz7b408H2s/ejO0Qi1Gj89/+E8QYyo5dB2Y2vtrKNOfeQDgs
XJP0Romg0dmlI9IFVgsEj/7EttRlrLjBKWy4m48EmT1nrH12eFwkCP15UYYMFH9h
KzNNSxxZCmU3c0zewx4CbPjqHghrpMURM/xN92dteCosHTvuGgCom0QYowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPCBXRbtzbfdmCE6ihaXXpR2SJ9DMB8GA1UdIwQY
MBaAFHAhTn6ssdJOIR4vJf7krXV+bJZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NGT2ZxeXgwazRoSGk4bF91U3RkWDVzbGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82YTk5ZGMtOTU1NS00NmNkLWFiMmQt
MTQ2NTVjMDNjMDMzLzEvOElGZEZ1M050OTJZSVRxS0ZwZGVsSFpJbjBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82YTk5ZGMtOTU1NS00NmNkLWFiMmQtMTQ2NTVjMDNjMDMz
LzEvY0NGT2ZxeXgwazRoSGk4bF91U3RkWDVzbGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1Yv4AwQB
1Yv6MA0GCSqGSIb3DQEBCwUAA4IBAQBGVi3ZmjIuKAWuKBfD6ugVo0pudl7BOVLj
hxfwBLvyYeBayxgLi/LM60+YaSad2ww8RGb9qVZAbmdvBWgtQGOoh7hXxpYmukK/
hC4ICX8cFv5Lmla/nF6OScAUI9P9PRjqTTU+jDE39tB0E9Hg+1fcwaE4ayDBlju/
BWrH4aZBXpqzCAbRoTlx3dW49Y7cQBfhu1sJjklNB7EnS0f0wfGN+n/fzbHPSpI9
sRcoTqM23q57HL9LGbgReWrAOf2ZmRZ0Wm4t48CEcwA+fFMr7R4lxwWgb3WYtYQh
Opt58LVP0C8w5Lbjhrg47g4vn9IJMKYhptSm6rfDZ3zxCUwDkEaX
-----END CERTIFICATE-----
Generated at Fri Jun 13 06:53:14 2025 by rpki-client