Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-MtPZMBhgetq4wpaCO6TmAnr_S0.roa
File: 1-MtPZMBhgetq4wpaCO6TmAnr_S0.roa (raw, json)
Hash identifier: odltZJbfjvnLj/BxYjRMoupwag3UMLPaxu+28psF8Q4=
Subject key identifier: F8:CB:4F:64:C0:61:81:EB:6A:E3:0A:5A:08:EE:93:98:09:EB:FD:2D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194214425699E67393364AAF45A6732A68E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-MtPZMBhgetq4wpaCO6TmAnr_S0.roa
Signing time: Wed 01 Jan 2025 09:48:21 +0000
ROA not before: Wed 01 Jan 2025 09:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 15:35:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:25:69:9e:67:39:33:64:aa:f4:5a:67:32:a6:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8cb4f64c06181eb6ae30a5a08ee939809ebfd2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:af:00:40:c6:f9:58:b5:de:91:a9:71:7a:aa:
a9:0d:33:b5:d9:f0:8c:7c:08:a6:b1:ab:07:ae:ad:
58:b1:53:b7:b0:ca:82:cf:95:aa:c6:fd:ed:9f:e1:
fe:d7:45:db:0b:40:54:b9:86:04:11:f5:15:24:88:
32:7d:a5:7d:eb:4f:dc:ed:06:3d:c7:c5:b3:94:5d:
e9:da:bc:2b:43:24:93:a4:ff:80:cd:d4:54:a1:79:
3c:4a:3b:11:68:e3:0f:77:dd:96:3f:8d:18:ce:72:
8e:a2:30:84:fd:70:70:f6:72:51:99:41:3d:2e:6f:
03:18:a4:9b:88:35:9d:22:ec:e7:40:42:02:9a:39:
5c:0c:c1:bf:26:e4:85:26:db:e6:25:6f:4d:69:66:
4b:c7:42:26:67:dc:5e:e7:09:d1:2d:68:28:c7:33:
96:11:df:28:7f:1b:2b:f4:96:97:17:e9:7d:cd:ab:
f2:a7:ca:a1:bc:8d:b7:bd:71:f9:4c:71:00:42:bb:
c2:c9:50:8b:47:7f:6a:10:4b:30:07:1e:19:7c:86:
55:fb:6a:90:d0:49:2c:56:43:a2:8a:d8:f1:a6:d8:
9d:26:6d:2b:7e:6a:93:b5:18:65:09:d5:ec:67:52:
69:ed:eb:b7:cf:47:bf:54:9b:c1:cd:ee:b5:a6:35:
e3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CB:4F:64:C0:61:81:EB:6A:E3:0A:5A:08:EE:93:98:09:EB:FD:2D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-MtPZMBhgetq4wpaCO6TmAnr_S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
92:2c:f5:02:41:b0:5e:2c:df:57:73:9d:cd:9c:ae:7f:c1:b0:
47:a2:8f:4f:00:81:c0:04:30:41:0d:f0:5d:f7:0c:f0:48:e7:
04:0e:4a:81:82:d4:85:96:20:7d:73:b2:10:0f:4c:cb:1e:31:
ae:8b:83:bd:2e:f0:f2:72:0d:1b:ef:30:79:7c:02:8c:52:c5:
10:b9:a5:94:9d:58:c0:e4:cf:e5:4f:71:cc:a8:a8:ad:cb:ff:
35:29:dc:99:e1:9b:a3:90:e8:36:aa:11:97:df:f9:3b:ec:d9:
88:d7:75:46:ab:e0:07:d6:cb:d5:b6:8c:f4:41:11:4b:7b:05:
6d:4d:07:04:79:f9:f6:98:07:00:49:57:30:c6:74:d3:ba:67:
b2:4a:55:f2:0f:54:2f:ef:24:e7:a6:55:ca:81:ee:37:e3:62:
77:9f:4f:1f:69:44:4b:76:89:83:ff:c2:bd:92:04:5c:21:c4:
51:de:d2:e6:43:a3:be:28:52:e4:06:5c:56:6a:e8:5b:86:14:
fe:73:f6:1b:09:d0:ca:63:e3:90:cc:6a:7a:b1:8b:db:31:a0:
6a:89:ed:7c:9b:3a:a0:59:05:0b:81:9e:60:b8:cb:0c:0b:58:
10:64:49:58:b9:c1:fd:35:d1:73:06:73:a3:4b:f8:44:e0:25:
34:dd:c1:46
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQhRCVpnmc5M2Sq9FpnMqaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGNiNGY2NGMwNjE4MWViNmFlMzBhNWEwOGVlOTM5ODA5ZWJmZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa8AQMb5WLXekalxeqqpDTO12fCM
fAimsasHrq1YsVO3sMqCz5Wqxv3tn+H+10XbC0BUuYYEEfUVJIgyfaV960/c7QY9
x8WzlF3p2rwrQySTpP+AzdRUoXk8SjsRaOMPd92WP40YznKOojCE/XBw9nJRmUE9
Lm8DGKSbiDWdIuznQEICmjlcDMG/JuSFJtvmJW9NaWZLx0ImZ9xe5wnRLWgoxzOW
Ed8ofxsr9JaXF+l9zavyp8qhvI23vXH5THEAQrvCyVCLR39qEEswBx4ZfIZV+2qQ
0EksVkOiitjxptidJm0rfmqTtRhlCdXsZ1Jp7eu3z0e/VJvBze61pjXjewIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPjLT2TAYYHrauMKWgjuk5gJ6/0tMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1NdFBaTUJoZ2V0cTR3cGFDTzZUbUFucl9TMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEANQmUQME
AdXSNAMEANXa7zANBgkqhkiG9w0BAQsFAAOCAQEAkiz1AkGwXizfV3OdzZyuf8Gw
R6KPTwCBwAQwQQ3wXfcM8EjnBA5KgYLUhZYgfXOyEA9Myx4xrouDvS7w8nING+8w
eXwCjFLFELmllJ1YwOTP5U9xzKiorcv/NSncmeGbo5DoNqoRl9/5O+zZiNd1Rqvg
B9bL1baM9EERS3sFbU0HBHn59pgHAElXMMZ007pnskpV8g9UL+8k56ZVyoHuN+Ni
d59PH2lES3aJg//CvZIEXCHEUd7S5kOjvihS5AZcVmroW4YU/nP2GwnQymPjkMxq
erGL2zGgaontfJs6oFkFC4GeYLjLDAtYEGRJWLnB/TXRcwZzo0v4ROAlNN3BRg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:35 2025 by rpki-client