Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nSZ2D9sRyWGgqqrpYq2Dchek41Y.roa
File: nSZ2D9sRyWGgqqrpYq2Dchek41Y.roa (raw, json)
Hash identifier: pKPmsks5hNRmBsQQNd9K/Y6pfLZHPRa9iHK7Bxwuy2M=
Subject key identifier: 9D:26:76:0F:DB:11:C9:61:A0:AA:AA:E9:62:AD:83:72:17:A4:E3:56
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143E5443B76CA450DBF0E46EFC0A0F9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nSZ2D9sRyWGgqqrpYq2Dchek41Y.roa
Signing time: Wed 01 Jan 2025 09:48:05 +0000
ROA not before: Wed 01 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49608
IP address blocks: 213.218.208.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
213.218.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e5:44:3b:76:ca:45:0d:bf:0e:46:ef:c0:a0:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d26760fdb11c961a0aaaae962ad837217a4e356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fb:5a:69:25:71:51:ba:14:2a:42:50:2c:db:
de:2a:83:86:87:eb:1b:0b:e6:1e:4a:b4:21:c9:cf:
45:d3:0c:40:09:a5:9c:3f:e5:e5:ff:87:b3:f7:e0:
3a:bb:17:b8:bc:93:48:a0:5f:21:d5:85:c2:80:07:
a7:11:51:33:8e:36:fa:99:24:53:4f:15:55:d4:80:
7f:c6:5c:2c:3c:0a:9b:79:30:3d:89:d3:f3:c3:e1:
4a:05:20:b0:24:7e:4a:81:33:ba:5a:13:36:11:2f:
30:d6:72:92:dd:e5:1a:ec:9d:18:7b:ce:8c:cf:8b:
ea:95:ef:50:26:e7:a8:47:e8:78:41:dc:f7:22:69:
d2:f7:2a:4e:92:9b:95:5b:36:2e:0d:dd:ff:f8:27:
1e:a0:09:ef:79:77:58:4b:bd:bb:7b:f9:c1:83:a2:
e7:51:94:1a:ad:15:4d:7d:46:1e:35:db:0b:70:6c:
fd:34:e8:68:34:a3:6c:06:82:b3:47:30:b8:7a:30:
a8:99:9c:b1:23:f8:76:65:1d:7f:eb:ac:34:67:76:
7d:75:a9:67:99:84:80:94:8b:62:d5:a4:43:ef:cd:
10:f7:da:39:b2:fe:37:29:2e:27:e6:7f:3c:62:84:
fc:5b:59:41:29:2a:9f:85:d0:7f:23:2a:a7:54:5e:
71:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:26:76:0F:DB:11:C9:61:A0:AA:AA:E9:62:AD:83:72:17:A4:E3:56
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nSZ2D9sRyWGgqqrpYq2Dchek41Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.208.0/24
213.218.215.0/24
213.218.232.0/24
213.218.235.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f0:25:29:86:7d:ec:5d:3b:01:ac:be:76:c0:d3:3f:fe:b2:
e0:d4:3c:41:3d:5e:c4:56:14:c9:e3:86:07:99:1d:8b:06:12:
25:f3:6f:a1:4d:f7:8f:30:76:8d:9c:d0:9f:7b:0c:10:36:f2:
dc:05:ad:c2:a7:06:0d:cf:f6:2f:5e:e3:04:b0:9a:a4:ff:59:
18:9e:48:f5:dd:24:f3:89:74:32:33:c3:fc:45:f6:9c:74:16:
da:d1:69:c7:55:01:50:3c:87:3d:5b:a7:c7:ad:4a:2c:e3:51:
a9:8c:bc:74:71:4c:e3:c9:f4:b2:77:d6:a4:a4:a3:67:68:cd:
c2:f9:b7:e9:8c:20:b6:11:df:58:a4:b3:24:9f:48:64:73:e9:
d0:07:2f:6f:fc:40:44:7b:f7:cb:be:89:79:c1:a0:d3:2a:0e:
2c:f0:87:11:d3:7a:b7:9c:48:75:df:47:8d:60:a9:ea:fb:ff:
72:9c:a3:fa:61:79:d5:f5:41:b7:3d:50:e7:26:ff:ad:c1:ee:
60:d3:8a:49:60:68:da:67:8a:b5:56:de:57:ac:c8:7a:22:97:
5b:25:c0:06:9c:81:14:bb:3e:8e:a4:a9:17:bd:e1:0c:3b:ca:
69:36:fb:e9:15:65:d9:da:1e:21:7e:cc:1f:c9:70:e3:e3:30:
56:a2:ec:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhQ+VEO3bKRQ2/DkbvwKD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI2NzYwZmRiMTFjOTYxYTBhYWFhZTk2MmFkODM3MjE3YTRlMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwftaaSVxUboUKkJQLNveKoOGh+sb
C+YeSrQhyc9F0wxACaWcP+Xl/4ez9+A6uxe4vJNIoF8h1YXCgAenEVEzjjb6mSRT
TxVV1IB/xlwsPAqbeTA9idPzw+FKBSCwJH5KgTO6WhM2ES8w1nKS3eUa7J0Ye86M
z4vqle9QJueoR+h4Qdz3ImnS9ypOkpuVWzYuDd3/+CceoAnveXdYS727e/nBg6Ln
UZQarRVNfUYeNdsLcGz9NOhoNKNsBoKzRzC4ejComZyxI/h2ZR1/66w0Z3Z9daln
mYSAlIti1aRD780Q99o5sv43KS4n5n88YoT8W1lBKSqfhdB/IyqnVF5xhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ0mdg/bEclhoKqq6WKtg3IXpONWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvblNaMkQ5c1J5V0dncXFycFlxMkRjaGVrNDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1drQAwQA
1drXAwQA1droAwQA1drrMA0GCSqGSIb3DQEBCwUAA4IBAQBv8CUphn3sXTsBrL52
wNM//rLg1DxBPV7EVhTJ44YHmR2LBhIl82+hTfePMHaNnNCfewwQNvLcBa3CpwYN
z/YvXuMEsJqk/1kYnkj13STziXQyM8P8RfacdBba0WnHVQFQPIc9W6fHrUos41Gp
jLx0cUzjyfSyd9akpKNnaM3C+bfpjCC2Ed9YpLMkn0hkc+nQBy9v/EBEe/fLvol5
waDTKg4s8IcR03q3nEh130eNYKnq+/9ynKP6YXnV9UG3PVDnJv+twe5g04pJYGja
Z4q1Vt5XrMh6IpdbJcAGnIEUuz6OpKkXveEMO8ppNvvpFWXZ2h4hfswfyXDj4zBW
ouye
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:03:45 2025 by rpki-client