Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/h3_CrAT6bWHS-759_x2tVklZJAQ.roa
File: h3_CrAT6bWHS-759_x2tVklZJAQ.roa (raw, json)
Hash identifier: iQ0aRkEn476o19JhkpclyTNIs/mVpwpGu4mdx2kCHs8=
Subject key identifier: 87:7F:C2:AC:04:FA:6D:61:D2:FB:BE:7D:FF:1D:AD:56:49:59:24:04
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0193AA3B23F18FCBD2E719EF7A0425F82C75
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/h3_CrAT6bWHS-759_x2tVklZJAQ.roa
Signing time: Mon 09 Dec 2024 07:03:42 +0000
ROA not before: Mon 09 Dec 2024 07:03:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215523
IP address blocks: 213.18.200.0/21 maxlen: 21
213.18.240.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 12 Dec 2024 13:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:aa:3b:23:f1:8f:cb:d2:e7:19:ef:7a:04:25:f8:2c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 9 07:03:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=877fc2ac04fa6d61d2fbbe7dff1dad5649592404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:11:b8:b6:13:13:2b:30:44:51:92:ff:b4:
17:bb:f1:02:82:29:c3:1a:c3:c5:c6:10:95:1f:78:
48:e2:32:ad:e3:51:1f:db:fc:4a:8e:5d:f3:09:e7:
b7:65:cf:e4:bf:bd:f7:50:3c:54:27:01:3e:ce:1b:
3e:9a:56:2a:a9:be:05:d5:43:af:23:ae:0a:3e:90:
9d:ee:fe:d8:65:7e:83:04:3f:3b:0c:29:e8:7b:d7:
50:f1:11:29:d9:28:82:5b:b7:48:e5:c0:de:fb:1a:
da:b5:2d:ea:bb:6c:02:a3:62:83:4e:7e:ae:1a:ab:
82:b9:59:be:b4:6a:67:61:1b:e3:3a:5d:c3:76:c3:
4f:43:b0:c7:dd:05:2e:01:0f:c9:31:68:28:33:23:
2a:74:99:21:24:86:81:00:eb:4d:7a:cb:85:34:68:
3b:ed:3f:0f:54:a4:af:b8:f5:62:81:d5:69:df:0b:
a8:1e:8f:61:d5:dd:7d:5c:b6:be:c5:05:12:ff:ba:
2b:31:a1:c8:f0:f4:03:fb:79:b5:50:f0:b6:2b:06:
6a:63:b5:b2:3e:2d:cb:47:2c:03:38:7a:d4:5f:bd:
c0:40:c5:2c:56:03:8f:e5:99:4a:1e:45:99:8a:2e:
cd:d5:eb:14:61:71:0e:43:2e:40:03:7f:90:c6:63:
73:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7F:C2:AC:04:FA:6D:61:D2:FB:BE:7D:FF:1D:AD:56:49:59:24:04
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/h3_CrAT6bWHS-759_x2tVklZJAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.200.0/21
213.18.240.0/23
Signature Algorithm: sha256WithRSAEncryption
41:f2:99:d0:21:78:5c:fe:1e:18:0c:53:04:0d:18:71:d5:79:
cc:04:39:cb:60:d7:70:21:79:b4:37:d1:d4:67:d2:fc:0c:3b:
9f:a4:6c:6a:fd:1c:a2:d6:17:2a:2d:ef:a6:f6:7c:f6:cf:0a:
e1:a2:94:2a:36:c8:4a:54:c4:0a:dd:00:4c:1c:66:12:1a:66:
fd:f2:ab:ce:b0:9e:2e:16:32:f2:2c:ef:02:f6:ab:21:90:eb:
69:28:69:93:55:5a:83:01:6f:88:59:4c:66:08:8f:13:f4:88:
73:8f:8d:91:2f:ae:6c:48:58:b6:f6:1a:76:5f:eb:b7:59:af:
76:ab:8f:07:01:05:15:78:ef:3b:96:e2:4d:46:fc:92:db:ed:
8c:37:4b:b1:7b:92:ba:f3:7c:ce:bc:ca:5b:e3:f4:3e:b4:7d:
2d:67:d3:f7:76:49:90:3f:da:2c:a1:fe:b1:10:eb:3d:ce:77:
75:be:8a:b7:74:80:b2:9e:ac:4d:07:9d:9d:67:73:b2:8e:c9:
8f:d0:54:b6:ff:ea:cd:0f:d0:3c:48:50:05:9b:21:fe:d0:07:
49:7b:04:4b:e1:96:ad:4c:fa:27:0d:22:87:3a:63:8c:3a:37:
03:5d:c2:c7:f6:85:21:e5:72:23:c6:64:72:45:47:17:26:5f:
eb:ac:e1:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOqOyPxj8vS5xnvegQl+Cx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjA5MDcwMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdmYzJhYzA0ZmE2ZDYxZDJmYmJlN2RmZjFkYWQ1NjQ5NTkyNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfkRuLYTEyswRFGS/7QXu/ECginD
GsPFxhCVH3hI4jKt41Ef2/xKjl3zCee3Zc/kv733UDxUJwE+zhs+mlYqqb4F1UOv
I64KPpCd7v7YZX6DBD87DCnoe9dQ8REp2SiCW7dI5cDe+xratS3qu2wCo2KDTn6u
GquCuVm+tGpnYRvjOl3DdsNPQ7DH3QUuAQ/JMWgoMyMqdJkhJIaBAOtNesuFNGg7
7T8PVKSvuPVigdVp3wuoHo9h1d19XLa+xQUS/7orMaHI8PQD+3m1UPC2KwZqY7Wy
Pi3LRywDOHrUX73AQMUsVgOP5ZlKHkWZii7N1esUYXEOQy5AA3+QxmNztwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFId/wqwE+m1h0vu+ff8drVZJWSQEMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvaDNfQ3JBVDZiV0hTLTc1OV94MnRWa2xaSkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD1RLIAwQB
1RLwMA0GCSqGSIb3DQEBCwUAA4IBAQBB8pnQIXhc/h4YDFMEDRhx1XnMBDnLYNdw
IXm0N9HUZ9L8DDufpGxq/Ryi1hcqLe+m9nz2zwrhopQqNshKVMQK3QBMHGYSGmb9
8qvOsJ4uFjLyLO8C9qshkOtpKGmTVVqDAW+IWUxmCI8T9Ihzj42RL65sSFi29hp2
X+u3Wa92q48HAQUVeO87luJNRvyS2+2MN0uxe5K683zOvMpb4/Q+tH0tZ9P3dkmQ
P9osof6xEOs9znd1voq3dICynqxNB52dZ3OyjsmP0FS2/+rND9A8SFAFmyH+0AdJ
ewRL4ZatTPonDSKHOmOMOjcDXcLH9oUh5XIjxmRyRUcXJl/rrOGA
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:14:45 2025 by rpki-client