Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v8VZ559Xy6FXumvjTdarmJl5kTI.roa
File: v8VZ559Xy6FXumvjTdarmJl5kTI.roa (raw, json)
Hash identifier: bcOaRPzV53U2QubKlapvHCm5PJvT1rNi7KpsmsOE4Rc=
Subject key identifier: BF:C5:59:E7:9F:57:CB:A1:57:BA:6B:E3:4D:D6:AB:98:99:79:91:32
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143F790DF8DCADEAA8E291AFC275E93
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v8VZ559Xy6FXumvjTdarmJl5kTI.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138195
IP address blocks: 213.218.208.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
213.218.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f7:90:df:8d:ca:de:aa:8e:29:1a:fc:27:5e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfc559e79f57cba157ba6be34dd6ab9899799132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d5:f1:91:18:b9:9c:f6:ae:17:a9:2a:e1:b9:
6d:f3:ac:bf:44:f8:72:78:a5:df:ea:02:fe:b3:97:
56:b3:9a:14:69:94:ee:bc:7b:b2:1b:c3:4d:64:1e:
6b:07:23:83:f1:94:77:ea:b7:9d:25:a1:5f:4c:bf:
71:f7:1a:e3:c0:fd:9d:d1:67:9f:fa:da:d6:7f:0f:
0f:58:b3:de:35:00:95:ce:ff:e8:60:64:8c:fa:d7:
12:9d:40:55:4f:21:0d:8e:4e:94:56:aa:cb:e0:51:
e6:92:82:76:5f:ad:78:a0:ff:ab:1e:14:e3:4b:4a:
a4:ff:ea:38:e1:85:f6:83:02:c6:9d:bd:14:32:32:
50:d5:01:cf:f3:f3:e1:1f:c4:f7:1f:be:73:ef:f3:
af:7d:a2:b8:07:fe:ac:53:6a:a2:f2:db:19:9f:5c:
3f:75:a7:2d:18:6d:3a:fa:6b:55:ba:0a:61:bc:16:
47:6f:70:22:48:94:40:a7:ce:14:31:a6:30:3e:d5:
c1:d2:2d:c8:6b:37:fb:27:29:bb:c2:f9:aa:77:f4:
7c:8a:20:11:e4:b8:73:a2:42:a7:c8:45:78:31:dd:
f7:36:a2:4f:a8:61:0a:f1:5f:f5:64:f7:e6:f0:0f:
67:56:33:41:f9:81:74:7a:b7:4f:0e:65:a1:b9:7f:
d3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C5:59:E7:9F:57:CB:A1:57:BA:6B:E3:4D:D6:AB:98:99:79:91:32
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v8VZ559Xy6FXumvjTdarmJl5kTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.208.0/24
213.218.215.0/24
213.218.232.0/24
213.218.235.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ac:e0:e6:21:02:55:86:55:34:b5:3a:68:ff:d0:4a:43:2c:
12:d8:33:36:f6:0e:c0:c5:50:c0:9a:b7:4d:a5:a2:27:89:2c:
60:46:d3:1d:34:2e:fd:52:fa:99:a8:4c:a2:e3:7e:26:80:38:
3a:15:74:21:51:c5:13:ff:87:7d:39:72:5b:82:33:9c:dc:28:
9e:f7:ee:45:45:04:dc:3e:c1:18:55:53:07:07:24:ae:5e:96:
31:13:de:2b:31:32:67:0e:40:a0:70:96:3c:d5:cb:ac:39:ad:
6e:d7:d8:dc:74:e2:12:e5:50:d4:75:27:ef:22:6d:fd:c6:92:
c1:21:4a:c6:58:cb:22:6f:52:c4:09:24:08:91:69:d9:41:74:
0e:50:c7:09:e1:10:94:a8:e8:65:0c:2f:76:8d:6a:89:5e:3e:
f0:8e:89:3d:ee:25:6a:95:39:8e:32:66:2f:06:0a:5b:a8:dd:
3b:2a:f3:b8:04:38:41:c6:74:7c:04:d0:6d:a2:6f:06:60:df:
0f:3f:64:d4:f5:11:56:d7:4e:6e:98:31:6f:00:13:ef:c8:79:
a1:3e:9b:47:18:e8:06:ac:c0:7f:de:bf:bf:1a:4b:32:5f:3b:
60:e4:9d:ad:ce:2a:65:0c:fc:eb:61:f8:ab:a7:4b:fe:5e:3f:
09:c8:d5:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhQ/eQ343K3qqOKRr8J16TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM1NTllNzlmNTdjYmExNTdiYTZiZTM0ZGQ2YWI5ODk5Nzk5MTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldXxkRi5nPauF6kq4blt86y/RPhy
eKXf6gL+s5dWs5oUaZTuvHuyG8NNZB5rByOD8ZR36redJaFfTL9x9xrjwP2d0Wef
+trWfw8PWLPeNQCVzv/oYGSM+tcSnUBVTyENjk6UVqrL4FHmkoJ2X614oP+rHhTj
S0qk/+o44YX2gwLGnb0UMjJQ1QHP8/PhH8T3H75z7/OvfaK4B/6sU2qi8tsZn1w/
dactGG06+mtVugphvBZHb3AiSJRAp84UMaYwPtXB0i3Iazf7Jym7wvmqd/R8iiAR
5LhzokKnyEV4Md33NqJPqGEK8V/1ZPfm8A9nVjNB+YF0erdPDmWhuX/T0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL/FWeefV8uhV7pr403Wq5iZeZEyMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdjhWWjU1OVh5NkZYdW12alRkYXJtSmw1a1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1drQAwQA
1drXAwQA1droAwQA1drrMA0GCSqGSIb3DQEBCwUAA4IBAQAerODmIQJVhlU0tTpo
/9BKQywS2DM29g7AxVDAmrdNpaIniSxgRtMdNC79UvqZqEyi434mgDg6FXQhUcUT
/4d9OXJbgjOc3Cie9+5FRQTcPsEYVVMHBySuXpYxE94rMTJnDkCgcJY81cusOa1u
19jcdOIS5VDUdSfvIm39xpLBIUrGWMsib1LECSQIkWnZQXQOUMcJ4RCUqOhlDC92
jWqJXj7wjok97iVqlTmOMmYvBgpbqN07KvO4BDhBxnR8BNBtom8GYN8PP2TU9RFW
105umDFvABPvyHmhPptHGOgGrMB/3r+/GksyXztg5J2tziplDPzrYfirp0v+Xj8J
yNUY
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:12 2025 by rpki-client