Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A34b3QcsXLlw5db5tw0jOoNkEPY.roa
File: A34b3QcsXLlw5db5tw0jOoNkEPY.roa (raw, json)
Hash identifier: ENSMIYsP0zNvTaPVThqJbS0zbUpBNmiOjHtTIBefjjU=
Subject key identifier: 03:7E:1B:DD:07:2C:5C:B9:70:E5:D6:F9:B7:0D:23:3A:83:64:10:F6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019373D66353D084A3CCCD8B2FA94E77BED4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A34b3QcsXLlw5db5tw0jOoNkEPY.roa
Signing time: Thu 28 Nov 2024 17:34:10 +0000
ROA not before: Thu 28 Nov 2024 17:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214025
IP address blocks: 212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:d6:63:53:d0:84:a3:cc:cd:8b:2f:a9:4e:77:be:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 28 17:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=037e1bdd072c5cb970e5d6f9b70d233a836410f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0c:53:85:52:f9:4e:84:8f:a3:f0:a9:ba:a6:
0a:56:c0:7d:e1:96:a2:64:1e:58:29:21:82:94:79:
06:b0:0b:dc:37:1f:06:b1:ed:e4:44:6d:17:86:45:
26:46:66:78:ec:bf:c4:67:26:63:4f:ef:06:1e:d4:
52:ec:b3:75:5c:1a:af:bb:07:25:c3:a9:be:f0:d5:
cb:30:ce:2d:a5:1f:5d:83:3c:6b:15:e9:13:1c:10:
2c:32:b8:60:22:84:ae:be:aa:2f:c3:d8:67:9e:76:
c9:66:f5:a5:64:6d:b0:d5:8f:88:63:14:07:49:ec:
2c:86:7d:03:c1:43:99:03:12:d5:9b:1d:06:f4:6c:
4f:6c:76:46:ce:52:0b:a3:69:fb:fc:90:82:21:62:
42:a6:73:79:7b:45:40:b4:90:57:33:2f:52:63:6f:
b5:d2:2e:cb:b5:77:2e:99:e0:3d:84:f5:2a:b4:bb:
c3:b7:91:3e:1e:c5:d2:0a:f9:12:fe:75:17:d1:29:
e4:0c:86:46:d2:3b:9f:c3:b2:8c:c5:ee:bf:a5:a0:
ab:04:bf:0e:81:57:8b:7d:b5:12:d7:00:50:a3:03:
bd:92:84:5a:92:c6:d3:41:d8:3d:2f:30:c8:9d:ad:
45:4e:89:e5:5c:93:61:a1:fc:88:66:84:87:13:83:
41:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7E:1B:DD:07:2C:5C:B9:70:E5:D6:F9:B7:0D:23:3A:83:64:10:F6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A34b3QcsXLlw5db5tw0jOoNkEPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
46:b9:73:56:43:76:90:c9:5b:b2:23:7b:1f:22:c9:a5:28:a5:
5d:f2:b6:a1:50:9a:75:8e:b4:fa:f4:4b:25:4a:d9:e7:97:a9:
62:a0:3f:24:80:ce:0a:9f:8a:54:35:6e:8b:8f:2e:c6:86:81:
00:cd:39:07:99:c7:e0:62:4e:14:11:9f:23:0d:05:7d:b1:7b:
9c:be:4f:9c:40:16:93:8c:6c:e3:b3:3c:51:35:f7:5d:6e:b4:
26:9a:54:e2:c3:b0:d3:73:73:0d:ab:02:39:18:b1:a9:73:00:
09:56:ba:1b:95:ac:fd:99:86:6e:0b:bf:d7:35:e3:fe:3c:f7:
4f:86:77:a6:c7:c2:5b:a0:90:f2:94:fe:2c:b2:66:e7:cc:ed:
b8:b0:61:3f:1e:67:24:cc:db:b6:6a:bf:21:b4:d8:27:7f:29:
c7:22:09:13:20:f0:55:ab:50:4b:85:8a:31:66:a0:b4:c4:ad:
2e:d4:df:d4:29:fb:c5:2a:fc:ab:75:37:89:ef:e8:5b:1c:ee:
6b:98:75:a7:8d:53:d5:b8:e5:2f:06:41:59:a0:bf:28:ac:38:
fe:57:a4:a9:0a:dd:73:0f:fb:52:3e:fd:20:68:b7:fc:f6:84:
d7:d1:7c:3c:82:f8:7a:01:62:44:ca:16:01:7d:75:55:55:e8:
55:4e:b2:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNz1mNT0ISjzM2LL6lOd77UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI4MTczNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdlMWJkZDA3MmM1Y2I5NzBlNWQ2ZjliNzBkMjMzYTgzNjQxMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwxThVL5ToSPo/CpuqYKVsB94Zai
ZB5YKSGClHkGsAvcNx8Gse3kRG0XhkUmRmZ47L/EZyZjT+8GHtRS7LN1XBqvuwcl
w6m+8NXLMM4tpR9dgzxrFekTHBAsMrhgIoSuvqovw9hnnnbJZvWlZG2w1Y+IYxQH
Sewshn0DwUOZAxLVmx0G9GxPbHZGzlILo2n7/JCCIWJCpnN5e0VAtJBXMy9SY2+1
0i7LtXcumeA9hPUqtLvDt5E+HsXSCvkS/nUX0SnkDIZG0jufw7KMxe6/paCrBL8O
gVeLfbUS1wBQowO9koRaksbTQdg9LzDIna1FTonlXJNhofyIZoSHE4NB6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAN+G90HLFy5cOXW+bcNIzqDZBD2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQTM0YjNRY3NYTGx3NWRiNXR3MGpPb05rRVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1CZRAwQB
1dI0AwQA1drvMA0GCSqGSIb3DQEBCwUAA4IBAQBGuXNWQ3aQyVuyI3sfIsmlKKVd
8rahUJp1jrT69EslStnnl6lioD8kgM4Kn4pUNW6Ljy7GhoEAzTkHmcfgYk4UEZ8j
DQV9sXucvk+cQBaTjGzjszxRNfddbrQmmlTiw7DTc3MNqwI5GLGpcwAJVroblaz9
mYZuC7/XNeP+PPdPhnemx8JboJDylP4ssmbnzO24sGE/HmckzNu2ar8htNgnfynH
IgkTIPBVq1BLhYoxZqC0xK0u1N/UKfvFKvyrdTeJ7+hbHO5rmHWnjVPVuOUvBkFZ
oL8orDj+V6SpCt1zD/tSPv0gaLf89oTX0Xw8gvh6AWJEyhYBfXVVVehVTrJz
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:01 2025 by rpki-client