Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Er3dNMnHTPknGpD6BvBEfgWznsU.roa
File: Er3dNMnHTPknGpD6BvBEfgWznsU.roa (raw, json)
Hash identifier: fK3hyT2Fqhpih987SVxP45DJd4CEvVsVeF21OdADq1E=
Subject key identifier: 12:BD:DD:34:C9:C7:4C:F9:27:1A:90:FA:06:F0:44:7E:05:B3:9E:C5
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B29A6BFE2B9AF12F8D26B44077EFAC
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Er3dNMnHTPknGpD6BvBEfgWznsU.roa
Signing time: Thu 02 Jan 2025 01:47:52 +0000
ROA not before: Thu 02 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 213.18.208.0/22 maxlen: 24
213.18.220.0/22 maxlen: 24
217.177.8.0/22 maxlen: 24
217.177.40.0/22 maxlen: 24
217.177.44.0/22 maxlen: 24
217.177.48.0/22 maxlen: 24
217.177.52.0/22 maxlen: 24
217.177.80.0/22 maxlen: 24
217.177.84.0/22 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 07:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9a:6b:fe:2b:9a:f1:2f:8d:26:b4:40:77:ef:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12bddd34c9c74cf9271a90fa06f0447e05b39ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ae:6e:9b:fa:75:53:7d:2c:29:7f:e7:c2:b2:
f9:6a:8b:99:31:5f:4d:67:0f:f5:34:2e:d7:12:97:
32:4a:c4:e2:99:96:e9:68:0d:5d:12:1e:d1:aa:3c:
bd:86:a6:4d:0e:88:e2:de:5e:b3:c6:69:59:9e:73:
7e:7a:41:43:6f:7a:03:96:d8:a3:60:94:32:70:6e:
1c:f4:5a:2a:dd:bc:59:6f:3a:29:78:ba:6f:8c:56:
af:a5:e1:b8:b9:d9:32:d5:cc:a8:34:39:33:15:f9:
a8:56:0c:55:3f:25:4c:bf:2d:c8:33:7b:22:38:68:
d5:44:17:88:15:27:bd:29:7b:9e:41:9e:f4:1e:48:
3e:27:92:f0:82:17:5b:6f:7b:ae:dc:e9:7c:de:66:
ec:6a:28:96:18:f3:65:60:1f:ab:d8:70:84:ec:8c:
3b:2b:ab:a6:bb:79:c8:9d:02:ce:60:85:6d:9a:f4:
29:3c:5d:f3:f9:ac:82:37:ca:17:0c:10:f2:47:96:
9a:65:0c:c1:c9:f6:5e:d0:33:dd:c0:2b:ce:d3:f3:
32:19:a9:0f:ee:69:8d:c5:e1:08:2c:71:69:66:c5:
38:d1:e7:ed:26:f5:8d:f0:84:ec:1e:b8:b5:1a:e1:
7c:15:c1:1e:f2:ef:5f:79:4d:38:73:9d:b3:39:4a:
84:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BD:DD:34:C9:C7:4C:F9:27:1A:90:FA:06:F0:44:7E:05:B3:9E:C5
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Er3dNMnHTPknGpD6BvBEfgWznsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.208.0/22
213.18.220.0/22
217.177.8.0/22
217.177.40.0-217.177.55.255
217.177.80.0/21
217.180.22.0/23
217.180.40.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:05:4c:75:76:1e:43:ce:58:69:10:e6:07:78:b9:c5:82:6a:
89:01:94:4e:de:fb:8f:81:21:ff:a4:95:f8:ce:d0:89:af:ad:
e6:46:6f:0a:a3:b5:89:fb:9f:29:c6:f3:92:18:a3:76:c3:82:
1e:d9:76:f7:1f:8f:fe:b6:a1:55:cd:5e:e0:a8:e3:05:1b:d6:
7d:f0:a7:73:a1:f7:ce:c5:46:78:f3:38:97:24:04:a4:4c:8b:
ac:50:65:f7:b7:f3:eb:7d:b7:3e:f7:4d:9e:6c:a5:0f:59:3d:
06:50:12:d6:0a:17:ba:10:d0:33:4d:33:ca:08:a7:be:f1:4b:
14:20:92:79:2b:6b:8a:eb:b3:d0:13:ce:2b:03:71:5c:b7:35:
38:54:75:67:c9:5b:2a:25:94:51:0a:46:7a:ed:2f:58:1d:bc:
7f:93:34:44:aa:98:95:55:14:f6:e7:c9:f5:2c:fc:cc:86:65:
cc:93:5d:c6:e9:55:31:3d:41:57:f7:07:0c:db:72:0d:ed:03:
b5:7a:73:8b:68:6d:1b:34:42:8c:9e:d7:a5:88:98:cd:23:c9:
0b:f9:44:ca:54:e7:a4:8f:25:68:e1:3d:6b:72:5c:77:f2:25:
46:c6:34:9e:12:23:5b:c2:5d:af:2a:9d:ed:d4:68:b7:50:18:
c6:5c:e3:e3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQksppr/iua8S+NJrRAd++sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmJkZGQzNGM5Yzc0Y2Y5MjcxYTkwZmEwNmYwNDQ3ZTA1YjM5ZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv65um/p1U30sKX/nwrL5aouZMV9N
Zw/1NC7XEpcySsTimZbpaA1dEh7Rqjy9hqZNDoji3l6zxmlZnnN+ekFDb3oDltij
YJQycG4c9Foq3bxZbzopeLpvjFavpeG4udky1cyoNDkzFfmoVgxVPyVMvy3IM3si
OGjVRBeIFSe9KXueQZ70Hkg+J5Lwghdbb3uu3Ol83mbsaiiWGPNlYB+r2HCE7Iw7
K6umu3nInQLOYIVtmvQpPF3z+ayCN8oXDBDyR5aaZQzByfZe0DPdwCvO0/MyGakP
7mmNxeEILHFpZsU40eftJvWN8ITsHri1GuF8FcEe8u9feU04c52zOUqERwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBK93TTJx0z5JxqQ+gbwRH4Fs57FMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvRXIzZE5NbkhUUGtuR3BENkJ2QkVmZ1d6bnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQC1RLQAwQC
1RLcAwQC2bEIMAwDBAPZsSgDBAPZsTADBAPZsVADBAHZtBYDBALZtCgwDQYJKoZI
hvcNAQELBQADggEBAAsFTHV2HkPOWGkQ5gd4ucWCaokBlE7e+4+BIf+klfjO0Imv
reZGbwqjtYn7nynG85IYo3bDgh7Zdvcfj/62oVXNXuCo4wUb1n3wp3Oh987FRnjz
OJckBKRMi6xQZfe38+t9tz73TZ5spQ9ZPQZQEtYKF7oQ0DNNM8oIp77xSxQgknkr
a4rrs9ATzisDcVy3NThUdWfJWyollFEKRnrtL1gdvH+TNESqmJVVFPbnyfUs/MyG
ZcyTXcbpVTE9QVf3Bwzbcg3tA7V6c4tobRs0Qoye16WImM0jyQv5RMpU56SPJWjh
PWtyXHfyJUbGNJ4SI1vCXa8qne3UaLdQGMZc4+M=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:49:45 2025 by rpki-client