Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/i4L60hEtBbvekOFu3G0UYNNPQPA.roa
File: i4L60hEtBbvekOFu3G0UYNNPQPA.roa (raw, json)
Hash identifier: NkVrMlko9N2x5LyjZWbsyaOe1A/C/8arApYx72ChOa0=
Subject key identifier: 8B:82:FA:D2:11:2D:05:BB:DE:90:E1:6E:DC:6D:14:60:D3:4F:40:F0
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0193F857D1BA2031CD92BA1B775BE95C866B
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/i4L60hEtBbvekOFu3G0UYNNPQPA.roa
Signing time: Tue 24 Dec 2024 11:05:25 +0000
ROA not before: Tue 24 Dec 2024 11:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199614
IP address blocks: 213.18.244.0/24 maxlen: 24
213.18.246.0/24 maxlen: 24
213.18.247.0/24 maxlen: 24
217.177.74.0/24 maxlen: 24
217.180.52.0/24 maxlen: 24
217.180.53.0/24 maxlen: 24
217.180.54.0/24 maxlen: 24
217.180.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f8:57:d1:ba:20:31:cd:92:ba:1b:77:5b:e9:5c:86:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 24 11:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b82fad2112d05bbde90e16edc6d1460d34f40f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b6:ac:c1:3f:24:1d:ba:d2:29:4e:32:d2:c7:
f7:96:07:3d:6f:e8:e6:e9:f8:ac:e6:86:d8:76:ee:
ca:1c:ca:0b:47:26:1c:75:b3:9f:ba:c9:c1:e8:50:
a5:90:7a:51:1c:3f:92:c6:73:7f:fa:58:3d:16:f7:
39:e4:a9:5a:56:ad:81:d4:56:e3:85:2c:4b:f1:6b:
f7:5c:e4:ab:a9:5a:3a:7d:f4:fd:f9:c6:08:42:c7:
e6:46:2b:b5:1d:d9:ee:17:63:1e:1d:3d:93:73:5c:
67:f3:fe:9c:59:31:ab:74:a1:1b:4f:15:e5:73:8e:
c8:61:25:50:b0:48:1a:65:31:9a:26:72:d2:ed:82:
e7:3c:4d:5f:9f:33:29:23:fd:07:6a:fd:9a:4f:f5:
5b:f8:be:6c:ca:67:83:2d:0a:35:88:c1:4e:62:ba:
cb:5e:df:69:59:ba:6a:ca:c6:13:2c:5e:cb:11:5c:
f2:f8:8c:e2:3e:4e:9d:09:a2:2e:8f:5c:aa:66:5b:
25:44:6d:d9:61:a2:68:24:34:47:07:62:c9:ec:e9:
87:44:c0:06:65:58:b5:95:da:bc:8f:43:71:26:8e:
cd:76:6f:ca:59:52:6b:e7:9f:65:b4:d3:02:4d:60:
bc:13:c8:c2:cb:88:62:0d:ec:98:2e:74:ad:bb:bc:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:82:FA:D2:11:2D:05:BB:DE:90:E1:6E:DC:6D:14:60:D3:4F:40:F0
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/i4L60hEtBbvekOFu3G0UYNNPQPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.244.0/24
213.18.246.0/23
217.177.74.0/24
217.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
49:79:2b:1b:01:0d:fe:0a:12:0a:63:c6:1d:c0:cc:15:1e:a8:
a6:26:f2:31:96:67:8c:ce:b8:30:64:2a:31:28:eb:5c:c0:76:
7a:a1:27:9d:84:1e:7e:c7:32:1a:fe:0f:83:11:96:0f:4c:c4:
12:79:36:b6:0c:04:c8:90:ec:cc:9a:af:81:15:01:dd:6c:60:
8d:20:fc:b8:b6:d4:90:c9:27:13:a2:3e:d3:5c:dd:7c:56:f5:
3a:5a:84:f7:d3:5d:17:7c:90:a3:87:8b:e8:68:e5:00:17:da:
c8:13:bf:50:8f:07:34:9e:72:41:61:e7:21:e0:70:f9:16:bc:
d3:c3:b0:f4:f5:8e:48:6c:cf:1a:b8:1e:48:27:62:db:79:4f:
a5:53:49:bb:a6:6b:35:51:83:d9:3f:6a:43:1c:23:ee:99:cc:
2c:60:5e:d4:23:a1:0d:30:9f:82:d6:cb:57:68:c0:74:67:6d:
ad:ef:fa:00:e6:62:23:be:f7:11:6e:3e:6e:0a:79:2b:74:47:
54:b3:7d:70:bb:b9:e1:b4:f0:ab:b2:4c:9a:14:a4:02:99:a8:
3d:4b:cc:ee:e3:8d:36:15:92:5e:01:c3:d1:ee:7e:db:39:b8:
56:c2:47:12:65:1f:82:da:7d:61:c5:ee:66:ca:6b:f7:61:9b:
cd:d4:f9:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZP4V9G6IDHNkrobd1vpXIZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjI0MTEwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjgyZmFkMjExMmQwNWJiZGU5MGUxNmVkYzZkMTQ2MGQzNGY0MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLaswT8kHbrSKU4y0sf3lgc9b+jm
6fis5obYdu7KHMoLRyYcdbOfusnB6FClkHpRHD+SxnN/+lg9Fvc55KlaVq2B1Fbj
hSxL8Wv3XOSrqVo6ffT9+cYIQsfmRiu1HdnuF2MeHT2Tc1xn8/6cWTGrdKEbTxXl
c47IYSVQsEgaZTGaJnLS7YLnPE1fnzMpI/0Hav2aT/Vb+L5symeDLQo1iMFOYrrL
Xt9pWbpqysYTLF7LEVzy+IziPk6dCaIuj1yqZlslRG3ZYaJoJDRHB2LJ7OmHRMAG
ZVi1ldq8j0NxJo7Ndm/KWVJr559ltNMCTWC8E8jCy4hiDeyYLnStu7zJjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIuC+tIRLQW73pDhbtxtFGDTT0DwMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvaTRMNjBoRXRCYnZla09GdTNHMFVZTk5QUVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1RL0AwQB
1RL2AwQA2bFKAwQC2bQ0MA0GCSqGSIb3DQEBCwUAA4IBAQBJeSsbAQ3+ChIKY8Yd
wMwVHqimJvIxlmeMzrgwZCoxKOtcwHZ6oSedhB5+xzIa/g+DEZYPTMQSeTa2DATI
kOzMmq+BFQHdbGCNIPy4ttSQyScToj7TXN18VvU6WoT3010XfJCjh4voaOUAF9rI
E79Qjwc0nnJBYech4HD5FrzTw7D09Y5IbM8auB5IJ2LbeU+lU0m7pms1UYPZP2pD
HCPumcwsYF7UI6ENMJ+C1stXaMB0Z22t7/oA5mIjvvcRbj5uCnkrdEdUs31wu7nh
tPCrskyaFKQCmag9S8zu4402FZJeAcPR7n7bObhWwkcSZR+C2n1hxe5mymv3YZvN
1PkJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:04:36 2025 by rpki-client