Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lCbjd3KkCRizOBKvrfSva9EctWo.roa
File: lCbjd3KkCRizOBKvrfSva9EctWo.roa (raw, json)
Hash identifier: m2CrU+IrcbU/vVZl/X97lYpkdM10iKlAosT4KvASxa4=
Subject key identifier: 94:26:E3:77:72:A4:09:18:B3:38:12:AF:AD:F4:AF:6B:D1:1C:B5:6A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E7A91E56EAAC196419B706DD4298C9117
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lCbjd3KkCRizOBKvrfSva9EctWo.roa
Signing time: Tue 26 Mar 2024 11:42:45 +0000
ROA not before: Tue 26 Mar 2024 11:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211415
IP address blocks: 213.218.242.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 11:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:91:e5:6e:aa:c1:96:41:9b:70:6d:d4:29:8c:91:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 26 11:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9426e37772a40918b33812afadf4af6bd11cb56a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6e:17:98:b3:e1:8d:18:88:7a:c5:3d:75:3d:
09:ab:b5:52:ea:8f:d9:4d:78:5c:ab:61:1b:eb:1d:
d9:b2:90:14:81:aa:75:d6:1d:fd:12:ec:e0:73:f4:
bb:cd:98:b7:0c:44:13:a6:0a:58:c5:22:70:ba:02:
c4:6f:d3:9a:16:6b:3e:96:f4:93:38:a0:e6:db:fb:
d5:0f:5c:09:c2:d4:c5:1a:93:95:05:e4:20:4b:97:
82:e7:09:94:1a:92:9f:6c:f2:8e:64:55:59:e6:cb:
9d:46:e5:b3:c0:39:40:ce:9c:dc:e5:0b:c2:54:7e:
67:2b:b7:70:d1:88:71:6b:22:46:a9:fc:cf:90:30:
56:ff:6b:eb:23:19:03:e2:d0:2c:7c:a8:0d:ec:ac:
8e:7f:f1:c5:28:32:bc:6c:89:59:4b:54:56:6e:9c:
be:b1:5a:7f:6d:b2:7c:de:c4:be:b1:da:a5:df:82:
21:7b:56:a2:88:93:bb:0d:64:e5:5f:fb:b9:b4:e7:
0b:50:7a:86:5f:a3:13:6c:59:4d:7d:68:ad:f1:a7:
bb:1c:53:ea:99:af:3f:b8:8d:4e:41:e3:84:63:0f:
87:73:8b:e5:58:52:f5:f8:b4:30:42:39:28:cb:79:
0f:f1:61:74:5a:bb:31:ef:a3:8d:70:0c:be:2b:a2:
cf:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:26:E3:77:72:A4:09:18:B3:38:12:AF:AD:F4:AF:6B:D1:1C:B5:6A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lCbjd3KkCRizOBKvrfSva9EctWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.242.0/24
217.145.65.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:6e:a5:c9:6e:3e:7c:2b:df:36:c1:ac:75:ba:da:d3:2e:d1:
ab:03:75:98:36:e7:fc:b6:c3:04:2b:dc:59:13:4a:94:77:7c:
70:e0:77:a7:8f:f2:3e:73:b5:84:2e:f8:46:46:9f:ba:d5:df:
40:87:a2:d5:63:0c:5a:69:13:45:e4:07:08:b9:d3:6c:ab:65:
38:bb:03:74:0b:6e:9b:a0:26:b7:46:80:c6:63:07:d0:97:56:
fc:3a:58:96:d6:6a:2f:a9:51:45:99:17:42:99:4b:e1:70:7f:
27:21:c4:07:36:68:d6:2d:03:82:52:76:5e:93:d2:55:2b:55:
9e:24:10:b4:b2:6b:95:00:d9:4e:cc:49:73:a9:d3:75:27:e3:
e8:e2:f7:21:fc:fa:cb:c2:70:5d:7b:0b:a8:44:85:d8:49:0d:
a0:80:6c:46:b9:d1:f0:e4:67:29:d5:f6:10:22:21:47:25:17:
9e:d0:7d:8c:fb:7f:db:63:9f:6a:97:5f:5c:7b:74:f6:09:77:
e8:ee:17:ea:9f:52:43:5e:82:52:4d:20:ea:8e:a0:04:f1:f9:
12:ea:35:77:e0:e1:a0:4d:2d:78:eb:60:29:ce:39:2f:40:97:
bb:64:bd:d9:3e:45:ea:e8:85:b5:ee:de:12:a5:9e:7c:f5:14:
d8:23:13:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY56keVuqsGWQZtwbdQpjJEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI2MTE0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDI2ZTM3NzcyYTQwOTE4YjMzODEyYWZhZGY0YWY2YmQxMWNiNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo24XmLPhjRiIesU9dT0Jq7VS6o/Z
TXhcq2Eb6x3ZspAUgap11h39Euzgc/S7zZi3DEQTpgpYxSJwugLEb9OaFms+lvST
OKDm2/vVD1wJwtTFGpOVBeQgS5eC5wmUGpKfbPKOZFVZ5sudRuWzwDlAzpzc5QvC
VH5nK7dw0YhxayJGqfzPkDBW/2vrIxkD4tAsfKgN7KyOf/HFKDK8bIlZS1RWbpy+
sVp/bbJ83sS+sdql34Ihe1aiiJO7DWTlX/u5tOcLUHqGX6MTbFlNfWit8ae7HFPq
ma8/uI1OQeOEYw+Hc4vlWFL1+LQwQjkoy3kP8WF0Wrsx76ONcAy+K6LPUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJQm43dypAkYszgSr630r2vRHLVqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbENiamQzS2tDUml6T0JLdnJmU3ZhOUVjdFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dryAwQA
2ZFBMA0GCSqGSIb3DQEBCwUAA4IBAQAObqXJbj58K982wax1utrTLtGrA3WYNuf8
tsMEK9xZE0qUd3xw4Henj/I+c7WELvhGRp+61d9Ah6LVYwxaaRNF5AcIudNsq2U4
uwN0C26boCa3RoDGYwfQl1b8OliW1movqVFFmRdCmUvhcH8nIcQHNmjWLQOCUnZe
k9JVK1WeJBC0smuVANlOzElzqdN1J+Po4vch/PrLwnBdewuoRIXYSQ2ggGxGudHw
5Gcp1fYQIiFHJRee0H2M+3/bY59ql19ce3T2CXfo7hfqn1JDXoJSTSDqjqAE8fkS
6jV34OGgTS1462ApzjkvQJe7ZL3ZPkXq6IW17t4SpZ589RTYIxPD
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:38 2025 by rpki-client