Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_iTEJsjWRlQbXtKExyvt5dHjS0w.roa
File: _iTEJsjWRlQbXtKExyvt5dHjS0w.roa (raw, json)
Hash identifier: ZV0K5NO81CoMNuR/BeQT5E8raDWpU5wH4ynraGiwJCE=
Subject key identifier: FE:24:C4:26:C8:D6:46:54:1B:5E:D2:84:C7:2B:ED:E5:D1:E3:4B:4C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01941C1CD5D126F8286ABCC8EAE0AF57D9AC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_iTEJsjWRlQbXtKExyvt5dHjS0w.roa
Signing time: Tue 31 Dec 2024 09:47:19 +0000
ROA not before: Tue 31 Dec 2024 09:47:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138195
IP address blocks: 213.218.208.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
213.218.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:1c:d5:d1:26:f8:28:6a:bc:c8:ea:e0:af:57:d9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 31 09:47:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe24c426c8d646541b5ed284c72bede5d1e34b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ba:59:33:60:d1:69:08:97:9b:84:94:a7:31:
05:ac:46:3b:0c:9c:ca:69:64:80:54:2a:ce:e6:b1:
19:44:fc:1b:99:7e:0b:ee:20:21:8a:35:4a:99:69:
ee:54:8d:19:5e:fd:89:eb:ed:e2:f1:b8:02:dc:b3:
6e:22:bd:14:c2:51:8d:97:bf:1e:92:7e:e0:85:cf:
ef:79:9c:9e:bd:f1:30:9b:98:df:d3:c0:78:d7:2b:
79:2a:e5:8c:3e:1c:55:aa:ac:a3:19:fe:95:b5:64:
20:84:4a:5b:cf:3f:15:53:7d:1f:4b:d5:14:46:ec:
3f:72:a4:20:85:b0:02:f0:e4:a7:4a:d0:ff:4a:cc:
2a:d1:38:0c:b1:73:c8:bc:f5:7f:3e:8b:07:81:12:
bb:f7:5d:1e:6c:3e:a8:3d:18:19:93:71:09:55:b2:
95:13:93:ea:87:be:c5:a2:86:47:1c:66:b7:80:db:
03:3f:69:ea:9a:87:21:04:3d:09:f7:5f:90:50:b4:
c2:9a:58:67:dc:32:a1:6b:da:4b:45:10:5c:8e:d6:
b9:0d:8c:f2:c7:0f:c6:9a:0b:ed:fe:47:2b:f2:3f:
e5:8e:1c:95:40:81:3f:41:4d:96:d0:f2:5b:bf:16:
1b:a6:6e:4c:a5:2c:d1:47:93:9b:ed:ab:99:33:19:
ca:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:24:C4:26:C8:D6:46:54:1B:5E:D2:84:C7:2B:ED:E5:D1:E3:4B:4C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_iTEJsjWRlQbXtKExyvt5dHjS0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.208.0/24
213.218.215.0/24
213.218.232.0/24
213.218.235.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:16:3d:3b:ef:fe:72:da:bc:20:cb:32:9c:60:d0:11:0f:98:
97:01:3b:36:65:2a:85:39:fa:70:4f:3b:55:58:b7:68:f0:ad:
1a:35:c5:3d:c7:ad:f8:5a:96:df:f6:be:21:e7:31:83:65:f1:
b0:38:32:9f:8c:86:e9:72:5f:7f:cb:fd:bf:d4:e1:08:1d:94:
a0:cc:41:de:19:da:60:7c:b0:93:31:2c:7e:00:86:52:87:84:
85:7d:96:9b:f5:f3:22:56:3b:51:fb:81:be:e8:bb:0e:78:6a:
b0:ec:bc:b8:6a:8d:f6:a5:3d:d6:88:b8:e2:3c:34:5b:04:fe:
e8:e2:77:51:65:d5:c1:de:ee:54:7b:ee:91:17:bf:75:08:bf:
da:97:82:51:36:0c:7d:bc:2c:f9:49:09:5c:40:0a:c8:4b:63:
26:1b:70:2e:bf:fe:8e:30:9f:4f:06:fc:9e:23:b8:d7:06:e0:
1c:7f:28:e8:76:cc:9a:b4:f4:a4:2a:48:d9:85:4b:c9:78:c8:
a0:e5:87:2e:62:12:b9:13:e5:fb:8e:48:38:cd:a6:0f:22:c4:
7a:a8:62:5a:f4:c8:ef:8a:94:73:01:a0:19:6b:f7:81:7b:94:
f3:e1:f3:43:9f:dd:3d:a5:fa:de:92:41:b4:7e:b9:46:71:93:
01:33:57:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQcHNXRJvgoarzI6uCvV9msMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjMxMDk0NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTI0YzQyNmM4ZDY0NjU0MWI1ZWQyODRjNzJiZWRlNWQxZTM0YjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7pZM2DRaQiXm4SUpzEFrEY7DJzK
aWSAVCrO5rEZRPwbmX4L7iAhijVKmWnuVI0ZXv2J6+3i8bgC3LNuIr0UwlGNl78e
kn7ghc/veZyevfEwm5jf08B41yt5KuWMPhxVqqyjGf6VtWQghEpbzz8VU30fS9UU
Ruw/cqQghbAC8OSnStD/Sswq0TgMsXPIvPV/PosHgRK7910ebD6oPRgZk3EJVbKV
E5Pqh77FooZHHGa3gNsDP2nqmochBD0J91+QULTCmlhn3DKha9pLRRBcjta5DYzy
xw/Gmgvt/kcr8j/ljhyVQIE/QU2W0PJbvxYbpm5MpSzRR5Ob7auZMxnK0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP4kxCbI1kZUG17ShMcr7eXR40tMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX2lURUpzaldSbFFiWHRLRXh5dnQ1ZEhqUzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1drQAwQA
1drXAwQA1droAwQA1drrMA0GCSqGSIb3DQEBCwUAA4IBAQCLFj077/5y2rwgyzKc
YNARD5iXATs2ZSqFOfpwTztVWLdo8K0aNcU9x634Wpbf9r4h5zGDZfGwODKfjIbp
cl9/y/2/1OEIHZSgzEHeGdpgfLCTMSx+AIZSh4SFfZab9fMiVjtR+4G+6LsOeGqw
7Ly4ao32pT3WiLjiPDRbBP7o4ndRZdXB3u5Ue+6RF791CL/al4JRNgx9vCz5SQlc
QArIS2MmG3Auv/6OMJ9PBvyeI7jXBuAcfyjodsyatPSkKkjZhUvJeMig5YcuYhK5
E+X7jkg4zaYPIsR6qGJa9MjvipRzAaAZa/eBe5Tz4fNDn909pfrekkG0frlGcZMB
M1ep
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:42 2025 by rpki-client