Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/ir_W3W_VBWe_vnAPXPqRMrJI53E.roa
File: ir_W3W_VBWe_vnAPXPqRMrJI53E.roa (raw, json)
Hash identifier: ZtA3aFD2Ka8O2ENQFlQ0hY5UdDrqG4P/j3Cf6whXCV4=
Subject key identifier: 8A:BF:D6:DD:6F:D5:05:67:BF:BE:70:0F:5C:FA:91:32:B2:48:E7:71
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B72D0D73F72906DFFD0F4D8897175
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/ir_W3W_VBWe_vnAPXPqRMrJI53E.roa
Signing time: Sun 01 Jan 2023 21:44:53 +0000
ROA not before: Sun 01 Jan 2023 21:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24785
IP address blocks: 213.207.3.0/24 maxlen: 24
213.207.4.0/24 maxlen: 24
213.207.0.0/24 maxlen: 24
213.207.8.0/24 maxlen: 24
213.207.9.0/24 maxlen: 24
213.207.11.0/24 maxlen: 24
213.207.7.0/24 maxlen: 24
213.207.12.0/24 maxlen: 24
217.170.0.0/24 maxlen: 24
217.170.0.0/19 maxlen: 19
213.207.15.0/24 maxlen: 24
213.207.16.0/24 maxlen: 24
213.207.17.0/24 maxlen: 24
217.170.9.0/24 maxlen: 24
217.170.10.0/24 maxlen: 24
217.170.11.0/24 maxlen: 24
213.207.18.0/24 maxlen: 24
213.207.19.0/24 maxlen: 24
217.170.22.0/24 maxlen: 24
217.170.23.0/24 maxlen: 24
217.170.18.0/24 maxlen: 24
217.170.19.0/24 maxlen: 24
217.170.20.0/24 maxlen: 24
2a02:10::/29 maxlen: 29
2a02:10:31::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:72:d0:d7:3f:72:90:6d:ff:d0:f4:d8:89:71:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8abfd6dd6fd50567bfbe700f5cfa9132b248e771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d9:e7:10:a8:f7:c2:4a:1a:ae:76:99:a2:b6:
de:f9:19:ac:19:a8:72:e1:1d:4f:ec:c3:5c:90:a0:
7f:91:85:6a:04:c6:9c:d2:1c:7f:be:d8:09:ca:16:
32:78:bb:4f:13:f2:68:93:e2:2a:0c:d2:2a:50:35:
72:ca:75:e4:b0:b3:6b:db:37:56:63:29:9d:bc:7e:
de:60:68:bf:f6:08:58:ea:2f:02:d1:91:3f:3b:39:
77:24:d6:b6:1e:7a:a6:ef:17:a9:72:e1:28:97:29:
e7:b9:a6:3f:09:cd:8f:31:65:b4:55:64:11:80:f9:
f0:42:a1:d1:0a:8b:d5:c5:fb:60:94:c8:91:dd:83:
a2:b1:3a:2a:0d:f9:07:2e:ff:eb:a7:cb:f6:5b:eb:
c3:af:1d:eb:34:cd:15:46:a7:36:ec:71:75:66:5b:
93:dd:b8:25:78:02:8d:43:65:09:09:28:96:d1:6c:
58:d8:44:0c:ab:da:e6:15:c9:a0:65:ef:6f:2d:b7:
4c:ac:fc:a0:94:57:a3:01:24:47:ce:41:14:40:e5:
64:f6:6e:a4:54:25:11:7a:81:c1:a8:70:ed:e1:55:
b9:b6:86:45:eb:94:f7:95:bb:55:d5:68:82:06:ca:
5e:1e:c3:ff:60:65:a1:c6:f0:28:2d:7c:9d:2c:2c:
33:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BF:D6:DD:6F:D5:05:67:BF:BE:70:0F:5C:FA:91:32:B2:48:E7:71
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/ir_W3W_VBWe_vnAPXPqRMrJI53E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.207.0.0/24
213.207.3.0-213.207.4.255
213.207.7.0-213.207.9.255
213.207.11.0-213.207.12.255
213.207.15.0-213.207.19.255
217.170.0.0/19
IPv6:
2a02:10::/29
Signature Algorithm: sha256WithRSAEncryption
59:23:94:77:00:14:e6:11:3e:22:d4:a0:cd:7d:fb:15:5b:e7:
3b:ce:4c:dd:e4:9d:b3:83:d6:6a:04:e5:b8:08:42:58:9e:19:
62:e7:ae:dc:cd:42:67:07:f6:2a:93:3b:82:51:9b:03:58:1f:
eb:b8:5d:32:f1:e9:6b:05:5b:6f:a7:39:e0:0e:e6:82:64:ce:
76:d3:da:ce:1c:5b:fe:10:b1:4c:cb:9d:c1:51:41:5a:93:1e:
6c:42:fd:87:61:8c:a8:49:53:16:47:71:be:98:6b:96:c7:df:
b6:0d:cd:43:7c:c1:31:12:22:31:06:d4:f4:73:b5:ce:e6:aa:
87:0d:ba:77:88:53:f4:cd:97:53:e7:19:94:1f:84:f1:3a:4e:
36:c8:e1:ca:9c:f9:b6:bf:d3:f3:b7:90:6b:4b:d3:19:b0:a3:
eb:c4:5d:a2:9d:0f:fa:60:18:0c:88:66:b0:84:8a:ee:13:45:
4d:29:fb:55:6a:c3:3b:db:68:5f:bf:2a:a2:fb:f7:d3:77:52:
97:4d:8d:e0:fc:11:bd:99:95:1e:5b:b2:63:11:a6:87:cc:1a:
0b:08:e7:6c:7b:72:ea:54:54:dc:ed:75:b7:31:17:45:f0:93:
d3:05:d5:41:d7:03:67:ad:bf:71:cd:79:de:d5:de:87:a8:32:
1d:9e:1f:30
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYVvS3LQ1z9ykG3/0PTYiXF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWJmZDZkZDZmZDUwNTY3YmZiZTcwMGY1Y2ZhOTEzMmIyNDhlNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtnnEKj3wkoarnaZorbe+RmsGahy
4R1P7MNckKB/kYVqBMac0hx/vtgJyhYyeLtPE/Jok+IqDNIqUDVyynXksLNr2zdW
YymdvH7eYGi/9ghY6i8C0ZE/Ozl3JNa2Hnqm7xepcuEolynnuaY/Cc2PMWW0VWQR
gPnwQqHRCovVxftglMiR3YOisToqDfkHLv/rp8v2W+vDrx3rNM0VRqc27HF1ZluT
3bgleAKNQ2UJCSiW0WxY2EQMq9rmFcmgZe9vLbdMrPyglFejASRHzkEUQOVk9m6k
VCUReoHBqHDt4VW5toZF65T3lbtV1WiCBspeHsP/YGWhxvAoLXydLCwzbQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFIq/1t1v1QVnv75wD1z6kTKySOdxMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvaXJfVzNXX1ZCV2Vfdm5BUFhQcVJNckpJNTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQA1c8AMAwD
BADVzwMDBADVzwQwDAMEANXPBwMEAdXPCDAMAwQA1c8LAwQA1c8MMAwDBADVzw8D
BALVzxADBAXZqgAwDQQCAAIwBwMFAyoCABAwDQYJKoZIhvcNAQELBQADggEBAFkj
lHcAFOYRPiLUoM19+xVb5zvOTN3knbOD1moE5bgIQlieGWLnrtzNQmcH9iqTO4JR
mwNYH+u4XTLx6WsFW2+nOeAO5oJkznbT2s4cW/4QsUzLncFRQVqTHmxC/YdhjKhJ
UxZHcb6Ya5bH37YNzUN8wTESIjEG1PRztc7mqocNuneIU/TNl1PnGZQfhPE6TjbI
4cqc+ba/0/O3kGtL0xmwo+vEXaKdD/pgGAyIZrCEiu4TRU0p+1VqwzvbaF+/KqL7
99N3UpdNjeD8Eb2ZlR5bsmMRpofMGgsI52x7cupUVNztdbcxF0Xwk9MF1UHXA2et
v3HNed7V3oeoMh2eHzA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:00 2024 by rpki-client on console-fra.rpki-client.org