Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZgVN0ggOS9sp_RBgAQ7QSoOPx4.roa
File: rZgVN0ggOS9sp_RBgAQ7QSoOPx4.roa (raw, json)
Hash identifier: az2FprdVg8ZpF5zfNlt7Np+6yyZhtOwfiKoo42Lxu8Y=
Subject key identifier: AD:98:15:37:48:20:39:2F:6C:A7:F4:41:80:04:3B:41:2A:0E:3F:1E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EBDF411607EE88F05A0404AF71CDFC6FC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZgVN0ggOS9sp_RBgAQ7QSoOPx4.roa
Signing time: Mon 08 Apr 2024 13:44:32 +0000
ROA not before: Mon 08 Apr 2024 13:44:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42927
IP address blocks: 213.210.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 11:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:f4:11:60:7e:e8:8f:05:a0:40:4a:f7:1c:df:c6:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 8 13:44:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad9815374820392f6ca7f44180043b412a0e3f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:89:fa:3d:90:48:04:f6:a3:1c:85:ee:37:64:
63:0b:2c:e9:a1:9b:54:6b:b8:a6:8b:d8:9a:6a:44:
52:53:71:0c:dd:2c:88:de:28:a4:e2:9c:20:47:be:
3e:b3:c2:85:03:07:72:ac:98:29:8c:a8:d0:46:0b:
45:78:29:49:02:eb:08:85:50:35:55:2e:ec:54:ea:
1b:94:fb:bd:ca:d4:96:a5:c0:03:bb:f7:fe:5b:e0:
a4:69:65:e0:a2:ad:d7:b3:31:9a:9e:20:ec:79:15:
e9:e4:e4:c8:97:0b:8d:f0:95:3b:b3:3f:18:e6:ae:
34:e4:54:81:a6:4c:8f:9b:f7:a8:74:d3:35:1e:9e:
40:4a:17:34:f6:6b:f8:07:1a:5a:e7:b3:27:26:ae:
0b:4d:8c:29:77:90:4e:4d:c1:d9:b4:91:51:62:18:
3f:b0:5f:f7:c5:df:29:41:78:87:75:a5:6a:69:f9:
a2:d5:07:41:c1:4b:16:70:bd:c7:c6:b3:9f:34:d9:
d8:14:f1:15:f3:22:99:46:34:b0:fc:96:e5:bd:c7:
08:b9:5a:59:87:c3:32:90:00:0b:3a:c6:0a:8d:a1:
1f:b5:81:b8:04:0b:d0:0f:de:6c:c3:78:30:94:47:
62:eb:e6:0a:87:03:2f:53:ee:24:c5:81:a6:6e:a4:
24:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:98:15:37:48:20:39:2F:6C:A7:F4:41:80:04:3B:41:2A:0E:3F:1E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rZgVN0ggOS9sp_RBgAQ7QSoOPx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.210.35.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:5e:5d:0c:0f:3c:ca:4f:d7:ad:34:be:44:a3:61:5b:a2:78:
62:be:75:89:57:6e:b2:06:48:b3:26:5f:c6:60:ab:9d:39:7a:
58:18:84:3d:7a:ff:36:8b:36:0d:fe:2d:bf:d5:37:4e:d2:72:
68:92:42:89:03:f9:a5:0b:66:1e:b6:73:1b:f8:a1:d9:98:8e:
15:66:c4:34:7d:c5:96:47:3e:6b:54:11:55:b5:29:e2:93:f3:
f0:48:bc:0b:98:0f:51:d2:af:d3:e5:09:69:c7:7f:7c:c1:de:
0e:96:f0:1b:ed:b5:5f:e2:36:de:42:9d:30:09:ef:26:5c:d1:
9e:c9:e9:6d:49:e6:07:38:75:1b:dc:75:68:98:cd:1a:15:37:
62:e2:d8:4a:77:43:73:6e:e6:2f:3e:01:1a:62:6a:10:56:50:
29:01:47:0c:70:0e:cb:78:2a:d7:44:02:69:fb:a6:58:f3:9c:
ab:79:5e:a3:67:44:39:76:46:08:b0:c6:9a:4b:fa:f5:75:ba:
dc:5f:90:d0:14:bf:14:1d:56:56:56:d3:bb:01:17:4f:5f:e4:
91:d2:af:b0:24:cf:ca:f9:3d:45:b6:f5:9c:ba:2a:d0:76:1f:
1c:3a:2e:40:ca:57:05:58:ed:63:5c:43:81:15:ff:99:1b:2f:
c2:5f:7c:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY699BFgfuiPBaBASvcc38b8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDA4MTM0NDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk4MTUzNzQ4MjAzOTJmNmNhN2Y0NDE4MDA0M2I0MTJhMGUzZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYn6PZBIBPajHIXuN2RjCyzpoZtU
a7imi9iaakRSU3EM3SyI3iik4pwgR74+s8KFAwdyrJgpjKjQRgtFeClJAusIhVA1
VS7sVOoblPu9ytSWpcADu/f+W+CkaWXgoq3XszGaniDseRXp5OTIlwuN8JU7sz8Y
5q405FSBpkyPm/eodNM1Hp5AShc09mv4Bxpa57MnJq4LTYwpd5BOTcHZtJFRYhg/
sF/3xd8pQXiHdaVqafmi1QdBwUsWcL3HxrOfNNnYFPEV8yKZRjSw/JblvccIuVpZ
h8MykAALOsYKjaEftYG4BAvQD95sw3gwlEdi6+YKhwMvU+4kxYGmbqQk+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2YFTdIIDkvbKf0QYAEO0EqDj8eMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvclpnVk4wZ2dPUzlzcF9SQmdBUTdRU29PUHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dIjMA0G
CSqGSIb3DQEBCwUAA4IBAQCOXl0MDzzKT9etNL5Eo2FbonhivnWJV26yBkizJl/G
YKudOXpYGIQ9ev82izYN/i2/1TdO0nJokkKJA/mlC2YetnMb+KHZmI4VZsQ0fcWW
Rz5rVBFVtSnik/PwSLwLmA9R0q/T5Qlpx398wd4OlvAb7bVf4jbeQp0wCe8mXNGe
yeltSeYHOHUb3HVomM0aFTdi4thKd0NzbuYvPgEaYmoQVlApAUcMcA7LeCrXRAJp
+6ZY85yreV6jZ0Q5dkYIsMaaS/r1dbrcX5DQFL8UHVZWVtO7ARdPX+SR0q+wJM/K
+T1FtvWcuirQdh8cOi5AylcFWO1jXEOBFf+ZGy/CX3z6
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:57 2025 by rpki-client