Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j1tBkmYz2WQCYgDSQ5n6RzbUyEw.roa
File: j1tBkmYz2WQCYgDSQ5n6RzbUyEw.roa (raw, json)
Hash identifier: FYyGRAfpmHb/h2yMe8tOsXCo98dR/2ovoU2D7f7SOuY=
Subject key identifier: 8F:5B:41:92:66:33:D9:64:02:62:00:D2:43:99:FA:47:36:D4:C8:4C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190DBF89363AC4AAEF8C246A33EBE367DB9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j1tBkmYz2WQCYgDSQ5n6RzbUyEw.roa
Signing time: Mon 22 Jul 2024 19:43:39 +0000
ROA not before: Mon 22 Jul 2024 19:43:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137517
IP address blocks: 213.218.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:db:f8:93:63:ac:4a:ae:f8:c2:46:a3:3e:be:36:7d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 22 19:43:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f5b41926633d964026200d24399fa4736d4c84c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:32:bf:6f:74:4c:fc:5b:83:1e:b1:13:7b:
9a:9f:b3:d3:9c:6b:05:16:9f:cf:3f:c8:c8:d3:2d:
64:03:30:c2:38:0f:ca:0c:f3:8c:5b:96:7b:ba:5b:
92:61:07:bc:0e:ee:e1:18:3d:67:74:2b:95:bb:f2:
17:21:e3:6b:59:c3:bc:e5:f0:05:da:fa:79:5d:22:
97:58:c9:82:db:e6:f9:b5:29:90:dc:6b:e5:91:68:
06:13:33:3f:44:ef:ed:bd:18:28:e2:1e:5f:33:ed:
98:9e:e3:c0:b1:38:14:62:02:6b:e5:9c:a8:d3:fa:
9c:0e:2f:8a:eb:49:17:e4:d2:9b:0d:18:29:6f:f5:
28:a0:0e:24:d7:cb:12:0a:56:7b:cf:57:5e:8d:27:
a1:f5:a2:64:9f:81:a1:50:98:1a:5c:9b:d9:01:89:
83:74:47:0d:54:26:a4:54:a5:6b:d9:83:3f:10:5e:
2c:1c:d9:76:3c:40:ca:93:ae:74:bf:74:f3:11:ba:
51:0e:ef:ec:4e:cd:56:b9:9c:d9:84:78:0d:35:1c:
93:63:cb:1a:77:74:02:cd:18:8f:4b:4e:71:02:6c:
d5:a6:63:a3:49:8a:56:5e:19:77:37:36:68:3e:fe:
cc:79:ca:fa:94:be:d0:ee:b6:a4:2c:9c:e3:02:ed:
ea:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:5B:41:92:66:33:D9:64:02:62:00:D2:43:99:FA:47:36:D4:C8:4C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j1tBkmYz2WQCYgDSQ5n6RzbUyEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.224.0/24
Signature Algorithm: sha256WithRSAEncryption
28:45:88:65:3e:94:fe:4b:97:89:cd:9a:56:5e:91:d1:6d:1b:
c2:b3:f5:06:c8:63:ff:18:47:bd:2c:0d:d8:af:97:0d:63:b9:
ba:f5:94:22:96:20:bd:bf:0d:74:94:d9:01:2d:f5:1f:6a:10:
c0:ca:c8:bd:dc:a0:df:77:9b:79:03:4e:10:05:90:2e:f7:83:
d2:e0:0e:24:d4:4a:f0:3e:22:7e:23:4e:0f:07:a4:f8:f4:ef:
1e:ae:8e:b4:ae:ce:62:11:5e:56:33:ec:48:cd:67:f2:1b:8f:
0a:25:39:6f:5f:ce:c8:f1:67:d9:36:0b:65:6b:cc:e1:74:ed:
d0:99:79:f6:b6:5c:57:30:bc:62:a5:94:9a:d8:2f:cd:76:31:
d7:f7:05:66:1f:7a:38:c3:d0:eb:0d:78:2f:d3:71:72:0b:d2:
12:89:40:5e:05:e4:f9:87:40:3b:c0:8e:7f:5b:54:53:ee:19:
36:0e:72:b4:c4:d2:32:5d:94:05:06:13:8b:93:c3:3c:bc:28:
13:45:c0:ae:08:f3:4f:fa:fb:21:65:36:c6:d8:e9:14:b0:cc:
03:c7:3d:ad:3d:fe:d5:29:6e:56:d4:9a:f1:c5:54:08:12:3f:
49:f9:5a:6b:bd:25:1c:db:52:3b:80:66:f1:bd:34:29:e3:6b:
e7:8e:cc:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDb+JNjrEqu+MJGoz6+Nn25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzIyMTk0MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjViNDE5MjY2MzNkOTY0MDI2MjAwZDI0Mzk5ZmE0NzM2ZDRjODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9wyv290TPxbgx6xE3uan7PTnGsF
Fp/PP8jI0y1kAzDCOA/KDPOMW5Z7uluSYQe8Du7hGD1ndCuVu/IXIeNrWcO85fAF
2vp5XSKXWMmC2+b5tSmQ3GvlkWgGEzM/RO/tvRgo4h5fM+2YnuPAsTgUYgJr5Zyo
0/qcDi+K60kX5NKbDRgpb/UooA4k18sSClZ7z1dejSeh9aJkn4GhUJgaXJvZAYmD
dEcNVCakVKVr2YM/EF4sHNl2PEDKk650v3TzEbpRDu/sTs1WuZzZhHgNNRyTY8sa
d3QCzRiPS05xAmzVpmOjSYpWXhl3NzZoPv7Mecr6lL7Q7rakLJzjAu3qbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9bQZJmM9lkAmIA0kOZ+kc21MhMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvajF0QmttWXoyV1FDWWdEU1E1bjZSemJVeUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1drgMA0G
CSqGSIb3DQEBCwUAA4IBAQAoRYhlPpT+S5eJzZpWXpHRbRvCs/UGyGP/GEe9LA3Y
r5cNY7m69ZQiliC9vw10lNkBLfUfahDAysi93KDfd5t5A04QBZAu94PS4A4k1Erw
PiJ+I04PB6T49O8ero60rs5iEV5WM+xIzWfyG48KJTlvX87I8WfZNgtla8zhdO3Q
mXn2tlxXMLxipZSa2C/NdjHX9wVmH3o4w9DrDXgv03FyC9ISiUBeBeT5h0A7wI5/
W1RT7hk2DnK0xNIyXZQFBhOLk8M8vCgTRcCuCPNP+vshZTbG2OkUsMwDxz2tPf7V
KW5W1JrxxVQIEj9J+VprvSUc21I7gGbxvTQp42vnjsxF
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:18 2025 by rpki-client