Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/cfGY58Bq97M1JmAgGZNLP0yZjig.roa
File: cfGY58Bq97M1JmAgGZNLP0yZjig.roa (raw, json)
Hash identifier: K9/4jjQI5MOcwdMLtfJzg7S2aEj6Wm4TttVBKVRZe5Y=
Subject key identifier: 71:F1:98:E7:C0:6A:F7:B3:35:26:60:20:19:93:4B:3F:4C:99:8E:28
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0193D3A2D03A34B21EF000C8C3E5F6505DF8
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/cfGY58Bq97M1JmAgGZNLP0yZjig.roa
Signing time: Tue 17 Dec 2024 08:01:22 +0000
ROA not before: Tue 17 Dec 2024 08:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13174
IP address blocks: 213.87.0.0/19 maxlen: 19
213.87.0.0/21 maxlen: 21
213.87.16.0/21 maxlen: 21
213.87.24.0/21 maxlen: 21
213.87.32.0/21 maxlen: 21
213.87.32.0/23 maxlen: 23
213.87.36.0/22 maxlen: 22
213.87.44.0/22 maxlen: 22
213.87.48.0/21 maxlen: 21
213.87.48.0/22 maxlen: 22
213.87.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:a2:d0:3a:34:b2:1e:f0:00:c8:c3:e5:f6:50:5d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 17 08:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71f198e7c06af7b33526602019934b3f4c998e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:da:73:b4:5d:25:2e:64:62:f5:0a:bc:18:c8:
fc:03:10:0d:44:02:ed:08:08:d4:e5:bb:df:39:2a:
2e:da:5c:ce:93:3e:af:2f:7a:de:72:5e:4d:2f:48:
a1:83:5c:bc:d7:91:83:32:db:35:32:a8:79:1f:c1:
51:09:9a:8e:0a:90:c5:b2:0d:3d:7e:1e:ae:ac:63:
d4:35:1f:7b:28:b6:65:69:b8:89:19:ac:9c:a2:aa:
ff:ff:6b:bc:66:e2:88:c3:d2:ae:1e:83:27:50:ed:
3c:98:a4:5b:a2:8a:63:4a:ab:6a:2e:90:f8:28:89:
69:cc:84:53:87:25:d1:11:82:2e:14:b0:5f:71:0f:
a2:65:77:62:21:6d:5f:0b:36:7a:52:0f:9a:a6:43:
8b:14:0a:91:42:ff:9a:2c:02:8d:eb:fb:00:49:92:
18:87:3f:da:09:75:36:6a:64:e3:da:0a:49:b8:f7:
d0:fb:6f:03:38:ba:16:87:3c:bc:92:24:43:f0:2c:
2d:2a:a1:34:5d:54:65:12:5c:54:01:71:e1:1a:0d:
75:cb:c2:8b:b9:06:63:45:fb:94:e5:92:43:29:25:
d9:ed:57:30:30:f4:1b:49:0f:45:0b:ff:da:f7:fc:
6a:7b:f2:d1:1a:e6:80:3f:e5:43:5f:97:83:dd:40:
4d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F1:98:E7:C0:6A:F7:B3:35:26:60:20:19:93:4B:3F:4C:99:8E:28
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/cfGY58Bq97M1JmAgGZNLP0yZjig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.87.0.0-213.87.39.255
213.87.44.0-213.87.55.255
Signature Algorithm: sha256WithRSAEncryption
40:54:15:8d:9e:e0:49:bc:9a:7c:73:72:92:4c:2a:b3:a4:c4:
0f:e5:e4:aa:d6:34:53:16:29:53:f3:b2:e8:0c:e6:c3:6d:b4:
f6:04:27:b5:0d:a4:a8:d2:4a:a8:5a:7c:94:5a:8c:24:52:1a:
c1:bd:8a:d8:4e:06:ca:ec:82:6e:d2:dc:22:11:cf:62:32:8e:
a1:e6:8e:85:05:3b:a4:c7:6f:7c:a5:da:fa:9d:cf:dc:f9:0e:
93:76:67:42:cb:02:c2:9e:bc:93:a9:88:08:c7:53:7c:0a:96:
2a:8f:44:53:da:54:04:9b:68:c3:dd:ae:fc:9c:db:50:51:47:
db:e5:0e:3a:0e:61:c7:34:02:d1:f2:ba:76:ec:91:b2:37:2d:
03:c3:20:7e:97:9f:ba:d1:c9:2b:61:ad:f2:fa:61:d3:89:14:
af:af:ae:dd:03:1d:07:64:00:07:ec:81:26:fe:b5:c6:fa:06:
4e:9b:e7:53:1a:03:dc:7b:1d:0b:83:99:1b:f7:c3:c4:97:b4:
16:a9:33:57:c6:80:9c:86:7b:08:d8:fd:ba:87:0c:dc:85:99:
60:41:7b:08:fd:cc:db:7a:40:cd:b5:30:37:49:81:3f:db:b9:
fb:0f:45:67:ca:9f:87:50:02:1f:7a:83:bc:5c:07:e3:fd:dc:
a4:e4:76:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZPTotA6NLIe8ADIw+X2UF34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQxMjE3MDgwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWYxOThlN2MwNmFmN2IzMzUyNjYwMjAxOTkzNGIzZjRjOTk4ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tpztF0lLmRi9Qq8GMj8AxANRALt
CAjU5bvfOSou2lzOkz6vL3recl5NL0ihg1y815GDMts1Mqh5H8FRCZqOCpDFsg09
fh6urGPUNR97KLZlabiJGaycoqr//2u8ZuKIw9KuHoMnUO08mKRboopjSqtqLpD4
KIlpzIRThyXREYIuFLBfcQ+iZXdiIW1fCzZ6Ug+apkOLFAqRQv+aLAKN6/sASZIY
hz/aCXU2amTj2gpJuPfQ+28DOLoWhzy8kiRD8CwtKqE0XVRlElxUAXHhGg11y8KL
uQZjRfuU5ZJDKSXZ7VcwMPQbSQ9FC//a9/xqe/LRGuaAP+VDX5eD3UBNfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHHxmOfAavezNSZgIBmTSz9MmY4oMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvY2ZHWTU4QnE5N00xSm1BZ0daTkxQMHlaamlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwDVVwME
A9VXIDAMAwQC1VcsAwQD1VcwMA0GCSqGSIb3DQEBCwUAA4IBAQBAVBWNnuBJvJp8
c3KSTCqzpMQP5eSq1jRTFilT87LoDObDbbT2BCe1DaSo0kqoWnyUWowkUhrBvYrY
TgbK7IJu0twiEc9iMo6h5o6FBTukx298pdr6nc/c+Q6TdmdCywLCnryTqYgIx1N8
CpYqj0RT2lQEm2jD3a78nNtQUUfb5Q46DmHHNALR8rp27JGyNy0DwyB+l5+60ckr
Ya3y+mHTiRSvr67dAx0HZAAH7IEm/rXG+gZOm+dTGgPcex0Lg5kb98PEl7QWqTNX
xoCchnsI2P26hwzchZlgQXsI/czbekDNtTA3SYE/27n7D0Vnyp+HUAIfeoO8XAfj
/dyk5Hbg
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:01:20 2025 by rpki-client