Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xo3bInlpptF8Th50MKKgMz5Qxnc.roa
File: xo3bInlpptF8Th50MKKgMz5Qxnc.roa (raw, json)
Hash identifier: ioETu53UECA4ww6gDXB+/zLJlp+ai/FFszEZusdFP0M=
Subject key identifier: C6:8D:DB:22:79:69:A6:D1:7C:4E:1E:74:30:A2:A0:33:3E:50:C6:77
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193841776292FED416CBDE1502AB77377A1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xo3bInlpptF8Th50MKKgMz5Qxnc.roa
Signing time: Sun 01 Dec 2024 21:19:10 +0000
ROA not before: Sun 01 Dec 2024 21:19:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215287
IP address blocks: 213.152.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:17:76:29:2f:ed:41:6c:bd:e1:50:2a:b7:73:77:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 1 21:19:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c68ddb227969a6d17c4e1e7430a2a0333e50c677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b6:2b:bd:25:6a:ee:d9:53:b5:85:e0:4a:c4:
77:6e:07:f8:a9:c5:6d:73:70:f1:b7:70:76:59:78:
9c:73:6d:45:f0:91:12:82:83:83:3a:0d:11:77:99:
b7:49:95:2c:9f:0a:f1:31:79:d5:4d:04:d0:ef:7c:
37:66:60:ac:ac:92:1a:5b:c9:01:88:66:24:5f:54:
cc:4d:7a:9e:04:5f:f7:25:18:a3:3c:a5:48:1f:cc:
64:34:6c:81:a4:f1:b4:72:5d:f2:9e:43:ef:bf:dd:
cf:07:af:6a:ec:a9:22:52:f8:3d:25:81:81:e9:36:
a2:e5:2e:ee:ef:f3:47:48:df:0c:f9:49:91:94:f9:
02:be:cc:ed:b1:b4:ad:47:38:19:7f:f2:78:96:1e:
2e:1d:0c:79:73:1c:09:64:77:4c:29:9a:40:93:9b:
07:48:f2:89:71:e5:ed:c2:90:6c:b5:5f:4e:35:1e:
b1:60:0c:07:6a:91:ba:4d:60:40:5f:a8:c8:ba:e4:
17:52:c2:21:52:a8:08:17:57:1b:b9:c6:9a:b2:ab:
2b:3b:7a:b2:ee:1c:b8:80:47:12:39:62:c6:c1:61:
69:af:ab:78:cb:f3:52:98:50:e5:25:da:3d:b9:33:
f8:85:f8:32:f1:37:0a:c6:8d:00:c4:90:c0:02:f4:
3b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8D:DB:22:79:69:A6:D1:7C:4E:1E:74:30:A2:A0:33:3E:50:C6:77
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xo3bInlpptF8Th50MKKgMz5Qxnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.43.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ea:20:6f:b2:f5:4f:28:71:cf:a0:41:bb:59:8a:2a:51:4e:
36:4f:a0:ee:70:cd:7f:ce:e9:3e:72:30:b1:7a:09:30:44:a9:
93:ec:ea:68:cb:63:69:9b:5c:67:38:12:5d:5b:2e:6a:28:5a:
30:da:b6:be:52:3b:9f:93:74:d7:6b:c4:f2:05:74:c9:37:e6:
b2:1d:70:71:11:b6:98:74:a1:63:2f:12:ae:8c:9d:d5:97:3f:
20:dc:f8:0d:73:43:83:dc:36:4c:0a:53:a5:69:e0:77:9a:52:
89:7b:df:b3:6b:73:89:c4:f7:b1:53:32:bc:13:77:c1:c5:a6:
17:d1:3a:83:7f:d4:c2:79:7f:92:a3:22:43:0b:85:af:78:76:
43:f2:9e:ae:a1:df:6c:e8:a2:f1:c0:b1:fe:b8:51:09:a3:2a:
cf:4b:6d:0b:c5:21:3e:fa:73:81:d3:e2:a1:82:5a:85:75:77:
5a:cc:d6:f9:fb:c7:bd:46:83:89:92:ee:44:e3:c2:83:4e:49:
dc:c0:87:fd:cb:e1:c9:df:ed:fb:02:98:e3:df:0a:9c:7f:92:
5c:39:a7:4d:a3:4d:40:4c:35:5e:02:ab:cf:b5:86:66:14:12:
1d:3a:ac:70:83:b8:65:4c:b1:08:0b:e4:c7:81:fc:e4:60:3a:
dd:09:22:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOEF3YpL+1BbL3hUCq3c3ehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjAxMjExOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjhkZGIyMjc5NjlhNmQxN2M0ZTFlNzQzMGEyYTAzMzNlNTBjNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrYrvSVq7tlTtYXgSsR3bgf4qcVt
c3Dxt3B2WXicc21F8JESgoODOg0Rd5m3SZUsnwrxMXnVTQTQ73w3ZmCsrJIaW8kB
iGYkX1TMTXqeBF/3JRijPKVIH8xkNGyBpPG0cl3ynkPvv93PB69q7KkiUvg9JYGB
6Tai5S7u7/NHSN8M+UmRlPkCvsztsbStRzgZf/J4lh4uHQx5cxwJZHdMKZpAk5sH
SPKJceXtwpBstV9ONR6xYAwHapG6TWBAX6jIuuQXUsIhUqgIF1cbucaasqsrO3qy
7hy4gEcSOWLGwWFpr6t4y/NSmFDlJdo9uTP4hfgy8TcKxo0AxJDAAvQ7swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMaN2yJ5aabRfE4edDCioDM+UMZ3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveG8zYklubHBwdEY4VGg1ME1LS2dNejVReG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZgrMA0G
CSqGSIb3DQEBCwUAA4IBAQA16iBvsvVPKHHPoEG7WYoqUU42T6DucM1/zuk+cjCx
egkwRKmT7Opoy2Npm1xnOBJdWy5qKFow2ra+Ujufk3TXa8TyBXTJN+ayHXBxEbaY
dKFjLxKujJ3Vlz8g3PgNc0OD3DZMClOlaeB3mlKJe9+za3OJxPexUzK8E3fBxaYX
0TqDf9TCeX+SoyJDC4WveHZD8p6uod9s6KLxwLH+uFEJoyrPS20LxSE++nOB0+Kh
glqFdXdazNb5+8e9RoOJku5E48KDTkncwIf9y+HJ3+37Apjj3wqcf5JcOadNo01A
TDVeAqvPtYZmFBIdOqxwg7hlTLEIC+THgfzkYDrdCSKW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:22 2025 by rpki-client