Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/_KylZnnmveruje-w_uQvZxkcSdM.roa
File: _KylZnnmveruje-w_uQvZxkcSdM.roa (raw, json)
Hash identifier: OVa/ZnWMgxtrWYzfBa92rQbgOoURdd/zIhyolVg+32o=
Subject key identifier: FC:AC:A5:66:79:E6:BD:EA:EE:8D:EF:B0:FE:E4:2F:67:19:1C:49:D3
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0193BB1037EEAD81D8A8C0DA00E310ABC55C
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/_KylZnnmveruje-w_uQvZxkcSdM.roa
Signing time: Thu 12 Dec 2024 13:30:22 +0000
ROA not before: Thu 12 Dec 2024 13:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215523
IP address blocks: 213.18.200.0/21 maxlen: 21
213.18.240.0/23 maxlen: 23
217.180.36.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:10:37:ee:ad:81:d8:a8:c0:da:00:e3:10:ab:c5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 12 13:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcaca56679e6bdeaee8defb0fee42f67191c49d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1e:e4:80:24:58:9a:2a:07:81:4e:50:c4:9a:
83:eb:a0:fe:ad:ce:92:08:6e:7c:ea:01:a5:6a:8e:
13:ae:e0:d0:e8:48:99:d3:f8:de:df:eb:02:c8:65:
4a:e6:b5:e7:97:24:35:5d:0e:2c:3e:db:b3:dd:98:
0b:83:00:8d:d0:8c:40:13:82:ba:52:0a:bd:04:00:
59:9f:2e:5a:d8:29:c6:88:86:f9:84:f8:99:0d:dc:
cc:2f:1a:a7:b3:a4:27:94:35:3b:12:af:42:95:90:
be:0e:74:50:04:3c:05:09:bc:21:c8:e1:1a:28:01:
b8:26:59:37:b1:82:f2:3d:d6:ea:fe:b7:4c:64:d1:
3f:bd:49:04:0e:d4:73:d6:dc:3d:7e:cc:3b:7f:0a:
fc:a3:a8:6d:7c:3b:58:94:9e:9e:b8:24:b7:cb:e4:
46:a8:8d:cb:e1:49:c7:3b:d0:d8:08:ff:f9:ab:4f:
a3:fc:69:03:08:55:2d:b7:cb:f8:7a:99:e8:70:88:
32:49:98:ba:ab:97:78:ca:d8:52:cd:cf:9e:15:b9:
17:2d:ac:4c:76:1d:47:b9:fd:81:d8:95:c5:e6:61:
85:51:4a:0f:57:8b:b1:a7:47:02:10:08:6d:fb:7f:
11:c0:14:d8:03:c4:91:be:1a:00:27:16:8e:37:82:
af:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AC:A5:66:79:E6:BD:EA:EE:8D:EF:B0:FE:E4:2F:67:19:1C:49:D3
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/_KylZnnmveruje-w_uQvZxkcSdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.200.0/21
213.18.240.0/23
217.180.36.0/23
Signature Algorithm: sha256WithRSAEncryption
16:bc:06:10:f8:f1:9a:7b:ae:2d:f8:b3:28:52:db:84:f5:3d:
41:94:54:16:82:ce:cf:95:f5:7f:9c:fb:1e:a8:18:09:c4:c2:
ff:a0:44:b9:b3:d6:d7:1e:96:ea:e2:a3:3f:76:84:61:54:76:
0c:94:f2:eb:94:34:5d:2c:b9:3a:a4:0f:ac:03:64:fa:b5:db:
23:1a:cc:c4:f1:dc:f7:e3:b3:ea:9a:e9:c3:5e:cc:f1:7a:9a:
89:35:4c:5c:95:64:a0:d8:a1:3c:ae:79:99:3e:1c:d9:c1:88:
99:e5:4d:67:8a:0c:76:79:ed:48:cf:7c:91:a9:33:24:28:66:
58:08:0c:b5:68:c6:c6:c5:71:c7:a2:20:72:9a:b8:af:e5:e6:
2e:54:bf:ff:10:d4:73:a3:4c:78:2d:ab:9c:b5:91:2b:4a:ad:
71:d5:1b:6b:be:09:ec:be:21:db:de:02:f1:55:bc:9f:ec:b7:
6a:1f:b2:5f:59:f0:69:ea:cf:96:95:ef:9f:2b:d3:9f:7f:84:
00:81:fa:1b:dd:4a:07:fa:fe:46:2a:8d:54:36:9f:b2:70:44:
1a:db:a2:a5:c3:ae:c6:a9:54:45:61:64:68:38:eb:18:0b:57:
5d:f3:20:59:80:a0:19:14:fc:47:3e:5d:87:8f:7f:4a:51:b0:
eb:70:31:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZO7EDfurYHYqMDaAOMQq8VcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjEyMTMzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FjYTU2Njc5ZTZiZGVhZWU4ZGVmYjBmZWU0MmY2NzE5MWM0OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox7kgCRYmioHgU5QxJqD66D+rc6S
CG586gGlao4TruDQ6EiZ0/je3+sCyGVK5rXnlyQ1XQ4sPtuz3ZgLgwCN0IxAE4K6
Ugq9BABZny5a2CnGiIb5hPiZDdzMLxqns6QnlDU7Eq9ClZC+DnRQBDwFCbwhyOEa
KAG4Jlk3sYLyPdbq/rdMZNE/vUkEDtRz1tw9fsw7fwr8o6htfDtYlJ6euCS3y+RG
qI3L4UnHO9DYCP/5q0+j/GkDCFUtt8v4epnocIgySZi6q5d4ythSzc+eFbkXLaxM
dh1Huf2B2JXF5mGFUUoPV4uxp0cCEAht+38RwBTYA8SRvhoAJxaON4KvewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPyspWZ55r3q7o3vsP7kL2cZHEnTMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvX0t5bFpubm12ZXJ1amUtd191UXZaeGtjU2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQD1RLIAwQB
1RLwAwQB2bQkMA0GCSqGSIb3DQEBCwUAA4IBAQAWvAYQ+PGae64t+LMoUtuE9T1B
lFQWgs7PlfV/nPseqBgJxML/oES5s9bXHpbq4qM/doRhVHYMlPLrlDRdLLk6pA+s
A2T6tdsjGszE8dz347PqmunDXszxepqJNUxclWSg2KE8rnmZPhzZwYiZ5U1nigx2
ee1Iz3yRqTMkKGZYCAy1aMbGxXHHoiBymriv5eYuVL//ENRzo0x4LauctZErSq1x
1RtrvgnsviHb3gLxVbyf7LdqH7JfWfBp6s+Wle+fK9Off4QAgfob3UoH+v5GKo1U
Np+ycEQa26Klw67GqVRFYWRoOOsYC1dd8yBZgKAZFPxHPl2Hj39KUbDrcDGI
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:40 2025 by rpki-client