Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/V1tG4JI2TgfiCHsTVskquJH5BLY.roa
File: V1tG4JI2TgfiCHsTVskquJH5BLY.roa (raw, json)
Hash identifier: iKJQs6KwQhs+3bS0fSbmtx1gBkdqrdjSmyBNUtOoR/A=
Subject key identifier: 57:5B:46:E0:92:36:4E:07:E2:08:7B:13:56:C9:2A:B8:91:F9:04:B6
Certificate issuer: /CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Certificate serial: 018EE0FEED3FFD97273FB5E9A02DA4353126
Authority key identifier: AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/V1tG4JI2TgfiCHsTVskquJH5BLY.roa
Signing time: Mon 15 Apr 2024 09:03:06 +0000
ROA not before: Mon 15 Apr 2024 09:03:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 213.158.88.0/23 maxlen: 24
213.158.90.0/23 maxlen: 24
213.158.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 10:10:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:fe:ed:3f:fd:97:27:3f:b5:e9:a0:2d:a4:35:31:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Validity
Not Before: Apr 15 09:03:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=575b46e092364e07e2087b1356c92ab891f904b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:45:e6:f3:17:4a:20:b3:9a:da:2e:3d:54:3b:
70:2d:2a:a9:e3:6d:7c:c1:a7:e5:d1:76:42:2d:af:
81:19:35:91:1a:c2:69:d9:86:b0:75:81:04:17:8b:
ae:87:88:bd:cd:6a:f3:d3:c3:c4:e2:a3:37:69:3d:
8e:61:80:d0:02:09:f4:fa:ca:9d:af:f0:b8:c7:b9:
d1:0f:d6:bf:bb:a3:cc:35:c0:c8:d2:7e:9c:f9:3c:
d7:c6:f6:92:c8:80:ea:1c:aa:3b:a3:c2:3e:63:36:
fd:5f:3c:c4:13:37:8b:f9:a8:75:98:c5:d6:01:14:
fe:ff:e7:15:42:d7:16:c0:5a:a2:18:93:70:77:24:
4a:35:cf:fa:20:21:c2:1d:b8:26:6b:03:97:ee:17:
e3:2e:19:d7:22:55:aa:d5:52:a4:87:e7:be:81:35:
65:9e:44:aa:85:e5:e1:0f:27:a1:90:24:85:2f:7c:
8e:0a:92:91:00:b5:f3:0c:71:c5:01:c9:62:1a:35:
e7:f5:34:fb:7c:ad:d3:ce:f7:92:b2:fd:39:66:18:
94:7d:e3:ff:45:2a:4a:1c:76:62:a4:2d:58:d4:45:
20:aa:8b:f2:05:2c:57:10:0d:fd:90:8a:9a:e7:b2:
2d:0e:91:8d:60:a4:fc:f6:70:05:53:58:5a:06:77:
af:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5B:46:E0:92:36:4E:07:E2:08:7B:13:56:C9:2A:B8:91:F9:04:B6
X509v3 Authority Key Identifier:
keyid:AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/V1tG4JI2TgfiCHsTVskquJH5BLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.158.88.0/21
Signature Algorithm: sha256WithRSAEncryption
59:5d:3c:84:e0:11:d5:d0:df:70:d1:29:b9:9c:29:59:2c:1d:
9e:6f:e5:4a:ea:71:61:a8:bd:65:a9:ff:ee:3f:15:e3:c9:04:
55:3c:26:e1:7e:a6:a3:bb:d0:81:3d:32:bd:b5:d3:d8:25:1b:
04:0d:51:c7:35:cc:e8:c0:a6:9d:09:9c:a8:35:c8:bb:cb:98:
13:b0:4a:ff:1c:11:bb:53:56:1e:5f:eb:6d:1c:75:17:0a:7b:
69:7c:66:92:42:de:5c:6c:b8:e1:f2:b0:9c:bc:a0:fc:0f:ee:
53:54:4e:07:e6:24:03:3c:8e:b0:ac:05:1c:4c:b7:4f:bd:f8:
17:36:79:48:dc:b4:0c:23:cd:b6:7e:0d:da:47:a3:e5:ba:6c:
4e:59:e5:a8:e4:23:62:5c:e8:49:1a:44:dd:32:ed:66:19:c5:
3a:d5:33:c6:09:64:fe:b8:30:01:c6:67:96:85:05:4a:7c:5a:
cd:32:07:28:12:92:68:8b:dd:40:e6:69:60:b1:97:36:6f:2d:
cb:d2:e4:e0:c2:6a:9a:bc:51:5a:a0:eb:24:aa:6a:96:ce:62:
40:dc:e9:39:2c:e7:7c:de:31:17:3f:0a:43:06:db:5f:24:a9:
46:09:c0:43:12:e7:09:ac:07:00:30:e1:27:08:12:c5:15:93:
cf:91:6b:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7g/u0//ZcnP7XpoC2kNTEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGRjMTJiMGYxYjUzM2Q4ZDA0ZWM2MTE3ZDZiOWU1MTJm
Y2FhOWYwHhcNMjQwNDE1MDkwMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzViNDZlMDkyMzY0ZTA3ZTIwODdiMTM1NmM5MmFiODkxZjkwNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUXm8xdKILOa2i49VDtwLSqp4218
wafl0XZCLa+BGTWRGsJp2YawdYEEF4uuh4i9zWrz08PE4qM3aT2OYYDQAgn0+sqd
r/C4x7nRD9a/u6PMNcDI0n6c+TzXxvaSyIDqHKo7o8I+Yzb9XzzEEzeL+ah1mMXW
ART+/+cVQtcWwFqiGJNwdyRKNc/6ICHCHbgmawOX7hfjLhnXIlWq1VKkh+e+gTVl
nkSqheXhDyehkCSFL3yOCpKRALXzDHHFAcliGjXn9TT7fK3TzveSsv05ZhiUfeP/
RSpKHHZipC1Y1EUgqovyBSxXEA39kIqa57ItDpGNYKT89nAFU1haBnevOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFdbRuCSNk4H4gh7E1bJKriR+QS2MB8GA1UdIwQY
MBaAFK8NwSsPG1M9jQTsYRfWueUS/KqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYt
YmM1YjY5MTQ0NTg3LzEvVjF0RzRKSTJUZ2ZpQ0hzVFZza3F1Skg1QkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYtYmM1YjY5MTQ0NTg3
LzEvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1Z5YMA0G
CSqGSIb3DQEBCwUAA4IBAQBZXTyE4BHV0N9w0Sm5nClZLB2eb+VK6nFhqL1lqf/u
PxXjyQRVPCbhfqaju9CBPTK9tdPYJRsEDVHHNczowKadCZyoNci7y5gTsEr/HBG7
U1YeX+ttHHUXCntpfGaSQt5cbLjh8rCcvKD8D+5TVE4H5iQDPI6wrAUcTLdPvfgX
NnlI3LQMI822fg3aR6PlumxOWeWo5CNiXOhJGkTdMu1mGcU61TPGCWT+uDABxmeW
hQVKfFrNMgcoEpJoi91A5mlgsZc2by3L0uTgwmqavFFaoOskqmqWzmJA3Ok5LOd8
3jEXPwpDBttfJKlGCcBDEucJrAcAMOEnCBLFFZPPkWuO
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:05 2025 by rpki-client