Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa
File: 1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa (raw, json)
Hash identifier: Sn0/766rh57CKTmXlOi+AeRBoN/zTRCMa+uscgDNDBQ=
Subject key identifier: D5:C8:14:D4:84:1B:C7:03:41:99:CE:ED:F9:38:C8:E8:12:3F:0F:FF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E6551D57C34ECB3A59C81DA4A9FDEA34E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa
Signing time: Fri 22 Mar 2024 08:40:45 +0000
ROA not before: Fri 22 Mar 2024 08:40:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215638
IP address blocks: 213.218.252.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 25 Mar 2024 09:09:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:51:d5:7c:34:ec:b3:a5:9c:81:da:4a:9f:de:a3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 22 08:40:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5c814d4841bc7034199ceedf938c8e8123f0fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e9:1f:c4:24:ad:0e:d9:b2:55:18:43:31:b0:
d0:87:32:8d:1f:0e:1a:da:c5:ad:47:96:0b:42:5b:
b6:b2:28:dc:d8:ee:d4:bb:1b:a6:92:5f:6a:62:88:
65:38:c3:a8:6d:37:3a:69:69:57:89:3d:fe:87:43:
77:fd:2d:70:a5:26:a3:c4:c1:3b:32:ec:2e:17:84:
fb:f9:88:b9:00:f5:c1:90:5e:5f:5d:d4:1f:72:9c:
61:aa:0b:d4:ab:97:a1:d0:e4:22:1c:58:1b:e0:c8:
dc:30:b1:6b:b7:eb:ef:68:f1:7c:61:a1:88:f4:26:
92:d9:ea:15:f9:dd:d6:98:15:be:1d:3d:eb:37:20:
09:b2:92:f1:1a:96:c0:3c:ac:c3:25:b4:cd:ea:50:
a4:19:3a:3f:7a:ef:7d:96:72:e3:ca:5f:1a:0d:43:
7c:37:1f:b3:36:23:a5:7f:a7:52:ce:c1:07:57:5f:
4e:f3:f7:c6:60:67:44:c9:97:60:31:8d:2b:ac:fe:
27:54:19:63:89:93:69:66:9d:57:3f:87:da:31:12:
9a:98:69:1e:a0:93:8a:75:0c:0d:a7:60:37:76:32:
ad:6a:12:6d:40:3c:6a:0f:bd:84:0d:94:3c:9a:ef:
7f:3b:ab:6c:28:cd:8d:e9:91:69:79:90:bb:5f:83:
7c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C8:14:D4:84:1B:C7:03:41:99:CE:ED:F9:38:C8:E8:12:3F:0F:FF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1cgU1IQbxwNBmc7t-TjI6BI_D_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.252.0/23
Signature Algorithm: sha256WithRSAEncryption
70:47:46:39:d6:83:ad:73:60:85:07:8b:e3:96:c3:78:79:eb:
b7:a9:94:78:6c:fe:aa:5a:a7:ae:83:60:d6:41:42:cc:4a:2d:
4c:45:05:50:3b:f8:6e:89:50:7b:22:f1:87:98:72:25:d7:65:
69:c0:34:77:56:9b:b7:1b:16:8e:46:c6:6a:38:d5:66:01:fa:
07:b7:c6:6d:e1:c6:bc:9e:57:10:ed:99:48:ed:77:c4:eb:1e:
38:67:e5:bf:4b:30:89:20:06:2b:cc:11:78:30:c8:02:58:e9:
91:36:58:a7:c0:d9:e7:29:97:72:92:51:dd:19:c0:81:0d:82:
ae:30:40:c3:ff:76:03:86:95:b4:7b:0e:b4:4c:9f:6d:00:73:
71:3f:0c:22:d3:34:df:19:b4:a8:ac:0a:5b:2c:5b:3a:14:16:
fd:6c:9a:f9:e6:2a:1a:96:06:ec:14:52:4e:b9:d4:5d:be:92:
67:eb:cd:7b:38:4d:9b:7f:fd:19:56:03:30:15:40:9e:32:2e:
f6:6b:83:12:1d:aa:f8:a6:21:57:f2:d0:53:06:fe:c5:8f:33:
34:a4:61:66:74:cc:70:f5:b4:4b:41:38:62:bc:3b:91:93:ee:
dd:da:25:d2:69:93:83:01:5a:ee:39:f8:e2:53:f0:bd:3c:34:
42:52:88:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5lUdV8NOyzpZyB2kqf3qNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIyMDg0MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM4MTRkNDg0MWJjNzAzNDE5OWNlZWRmOTM4YzhlODEyM2YwZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+kfxCStDtmyVRhDMbDQhzKNHw4a
2sWtR5YLQlu2sijc2O7Uuxumkl9qYohlOMOobTc6aWlXiT3+h0N3/S1wpSajxME7
MuwuF4T7+Yi5APXBkF5fXdQfcpxhqgvUq5eh0OQiHFgb4MjcMLFrt+vvaPF8YaGI
9CaS2eoV+d3WmBW+HT3rNyAJspLxGpbAPKzDJbTN6lCkGTo/eu99lnLjyl8aDUN8
Nx+zNiOlf6dSzsEHV19O8/fGYGdEyZdgMY0rrP4nVBljiZNpZp1XP4faMRKamGke
oJOKdQwNp2A3djKtahJtQDxqD72EDZQ8mu9/O6tsKM2N6ZFpeZC7X4N8oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXIFNSEG8cDQZnO7fk4yOgSPw//MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMWNnVTFJUWJ4d05CbWM3dC1Uakk2QklfRF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1dr8MA0G
CSqGSIb3DQEBCwUAA4IBAQBwR0Y51oOtc2CFB4vjlsN4eeu3qZR4bP6qWqeug2DW
QULMSi1MRQVQO/huiVB7IvGHmHIl12VpwDR3Vpu3GxaORsZqONVmAfoHt8Zt4ca8
nlcQ7ZlI7XfE6x44Z+W/SzCJIAYrzBF4MMgCWOmRNlinwNnnKZdyklHdGcCBDYKu
MEDD/3YDhpW0ew60TJ9tAHNxPwwi0zTfGbSorApbLFs6FBb9bJr55ioalgbsFFJO
udRdvpJn6817OE2bf/0ZVgMwFUCeMi72a4MSHar4piFX8tBTBv7FjzM0pGFmdMxw
9bRLQThivDuRk+7d2iXSaZODAVruOfjiU/C9PDRCUoiH
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:34:04 2025 by rpki-client