Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-iy3CwQ9IzUQFMO-qEKbwwmFkmY.roa
File: 1-iy3CwQ9IzUQFMO-qEKbwwmFkmY.roa (raw, json)
Hash identifier: 70VKYijLS1n+Nu7FljSyjKPadgFYtgkMxsnIA5J+FIU=
Subject key identifier: FA:2C:B7:0B:04:3D:23:35:10:14:C3:BE:A8:42:9B:C3:09:85:92:66
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019418151D9F5E46C8B81F34E2C70A963AC3
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-iy3CwQ9IzUQFMO-qEKbwwmFkmY.roa
Signing time: Mon 30 Dec 2024 15:00:24 +0000
ROA not before: Mon 30 Dec 2024 15:00:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 213.182.198.0/24 maxlen: 24
213.182.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:15:1d:9f:5e:46:c8:b8:1f:34:e2:c7:0a:96:3a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Dec 30 15:00:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa2cb70b043d23351014c3bea8429bc309859266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c2:77:48:6d:c0:63:08:43:66:99:47:f7:08:
4b:ab:38:43:df:a2:4a:45:9a:c4:05:ed:bf:c1:44:
8b:66:67:a7:0b:2e:76:a5:c8:55:05:61:cf:25:3a:
d8:28:6f:76:15:df:7d:09:2f:8f:40:4f:39:24:82:
53:48:76:77:f6:ca:ec:ea:05:9c:04:4f:27:d8:22:
8b:50:a6:f2:82:b4:14:88:f4:ea:e7:5b:b3:e5:4b:
f5:6f:b0:02:90:d3:53:81:f1:8d:da:f6:54:16:a8:
e8:62:64:03:8b:b7:e9:f4:58:65:52:b8:9e:e9:21:
92:de:c0:b3:d5:32:93:90:8f:11:a9:08:ff:41:28:
22:ac:04:22:da:75:cb:4f:14:72:a4:c2:00:1d:dc:
53:57:7b:54:28:6d:a5:e4:93:99:e3:74:57:50:5c:
65:21:58:30:6f:fd:b4:aa:a1:96:4d:24:81:72:bd:
64:c9:bc:51:32:a1:69:7f:52:94:22:61:42:c8:c1:
4c:80:1f:3b:87:63:2a:55:88:6b:15:ca:7d:6b:78:
38:5a:f8:b9:a6:6e:25:1c:8d:d5:f8:15:ed:1c:8e:
bf:97:3d:50:cc:92:3c:7f:fe:69:e9:c8:ab:b9:e6:
e1:2b:c3:ba:5e:c0:e5:be:fa:52:5f:ee:c1:ba:4d:
2e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2C:B7:0B:04:3D:23:35:10:14:C3:BE:A8:42:9B:C3:09:85:92:66
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-iy3CwQ9IzUQFMO-qEKbwwmFkmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.198.0/24
213.182.205.0/24
Signature Algorithm: sha256WithRSAEncryption
81:e7:d4:3c:38:a6:a2:e7:61:6e:8e:6b:76:90:f8:1a:35:12:
11:f8:a7:f2:d8:25:d8:4f:4c:0b:40:f4:1e:a6:ce:f1:11:75:
45:12:f9:ff:69:0f:a9:04:1a:9e:84:ff:01:fa:58:d1:b8:8f:
36:0f:0d:c8:6d:67:1e:43:b9:e6:22:37:cb:d1:c8:6e:33:a7:
08:4f:29:35:73:f1:be:ff:8e:5b:39:5c:c6:cf:f4:29:a2:c2:
b4:45:e8:df:56:93:0f:dd:13:67:15:dd:22:ab:be:b9:13:27:
b8:fd:ec:e4:a7:76:7a:00:05:24:ad:7f:51:8b:f8:52:7b:54:
93:25:15:3d:32:8d:63:2c:eb:37:96:93:e5:3e:e2:77:79:28:
4a:d7:4b:e7:64:ed:a1:ae:57:a8:2e:37:97:8a:79:5f:a8:62:
02:55:6e:cd:27:e1:07:42:b7:f8:07:ae:ca:b5:84:bf:4a:0d:
b4:2b:df:97:4a:81:2e:9d:80:34:9a:ad:5d:8f:e0:65:21:fb:
ec:9a:d8:a3:55:17:70:93:87:78:9d:f7:2b:f7:8a:f6:e8:bd:
b7:ee:5b:c2:4f:08:f4:f6:7d:5c:4f:a1:83:5d:54:c8:95:3d:
8f:e8:be:e9:9c:c0:79:bc:7d:8c:6a:5b:d2:67:e9:4f:52:6d:
ca:75:96:94
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQYFR2fXkbIuB804scKljrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQxMjMwMTUwMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJjYjcwYjA0M2QyMzM1MTAxNGMzYmVhODQyOWJjMzA5ODU5MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8J3SG3AYwhDZplH9whLqzhD36JK
RZrEBe2/wUSLZmenCy52pchVBWHPJTrYKG92Fd99CS+PQE85JIJTSHZ39srs6gWc
BE8n2CKLUKbygrQUiPTq51uz5Uv1b7ACkNNTgfGN2vZUFqjoYmQDi7fp9FhlUrie
6SGS3sCz1TKTkI8RqQj/QSgirAQi2nXLTxRypMIAHdxTV3tUKG2l5JOZ43RXUFxl
IVgwb/20qqGWTSSBcr1kybxRMqFpf1KUImFCyMFMgB87h2MqVYhrFcp9a3g4Wvi5
pm4lHI3V+BXtHI6/lz1QzJI8f/5p6ciruebhK8O6XsDlvvpSX+7Buk0uZQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPostwsEPSM1EBTDvqhCm8MJhZJmMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvMS1peTNDd1E5SXpVUUZNTy1xRUtid3dtRmttWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTAvMDI1ZWU4LTNmNDctNDU3ZC04ZDQ3LTllNDEzZWJmNDJm
My8xL1piZldhWmcxdi1tb0NCMzhFVTN4djIwaFhhYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANW2xgME
ANW2zTANBgkqhkiG9w0BAQsFAAOCAQEAgefUPDimoudhbo5rdpD4GjUSEfin8tgl
2E9MC0D0HqbO8RF1RRL5/2kPqQQanoT/AfpY0biPNg8NyG1nHkO55iI3y9HIbjOn
CE8pNXPxvv+OWzlcxs/0KaLCtEXo31aTD90TZxXdIqu+uRMnuP3s5Kd2egAFJK1/
UYv4UntUkyUVPTKNYyzrN5aT5T7id3koStdL52Ttoa5XqC43l4p5X6hiAlVuzSfh
B0K3+AeuyrWEv0oNtCvfl0qBLp2ANJqtXY/gZSH77JrYo1UXcJOHeJ33K/eK9ui9
t+5bwk8I9PZ9XE+hg11UyJU9j+i+6ZzAebx9jGpb0mfpT1JtynWWlA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:39:23 2025 by rpki-client