Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-skzilXEzMuVAMRRnWgBeyRv28A.roa
File: 1-skzilXEzMuVAMRRnWgBeyRv28A.roa (raw, json)
Hash identifier: 8zhR9VA+DXtbAm8Mi7riRUoFscRkT+tsCiVQZtzbiDs=
Subject key identifier: FA:C9:33:8A:55:C4:CC:CB:95:00:C4:51:9D:68:01:7B:24:6F:DB:C0
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019117E933BE136E5446E6399A5DB94DA507
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-skzilXEzMuVAMRRnWgBeyRv28A.roa
Signing time: Sat 03 Aug 2024 11:04:04 +0000
ROA not before: Sat 03 Aug 2024 11:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 213.182.196.0/24 maxlen: 24
213.182.198.0/24 maxlen: 24
213.182.200.0/24 maxlen: 24
213.182.203.0/24 maxlen: 24
213.182.204.0/24 maxlen: 24
213.182.206.0/24 maxlen: 24
213.182.208.0/24 maxlen: 24
213.182.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 08:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:e9:33:be:13:6e:54:46:e6:39:9a:5d:b9:4d:a5:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Aug 3 11:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fac9338a55c4cccb9500c4519d68017b246fdbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f9:7e:d3:84:01:32:36:e4:64:ae:c8:a5:06:
ed:12:66:e3:91:40:93:a8:c4:eb:2e:33:9c:90:99:
e4:79:89:3d:89:d2:9c:38:3d:c3:78:4e:5d:4a:a2:
65:87:fc:60:85:d0:ba:27:78:0b:ce:36:61:90:66:
82:bc:1a:80:c0:b4:fc:ac:a8:78:d1:26:4a:2d:4a:
6d:01:53:8f:ee:25:6f:e2:bc:7c:94:3f:2d:96:35:
7d:a3:69:f6:d2:0c:b3:9c:77:bb:11:80:c4:4e:03:
f4:03:d0:57:1b:be:0a:a1:d0:da:42:8b:cb:2f:0a:
de:a8:fa:88:a7:58:8e:79:78:c5:98:7b:69:c3:3a:
ce:05:60:81:a5:fc:1e:d9:84:2f:ee:a8:48:e2:d6:
d6:bd:e1:e6:49:48:6d:2b:4a:7c:ec:a7:1b:8a:79:
d0:a8:16:15:fc:a5:f7:40:08:64:69:43:4b:95:fa:
92:07:fb:56:11:dc:97:9b:fd:54:9d:1e:4b:35:a0:
8f:b0:c1:a9:43:3f:82:98:09:e7:18:6b:e3:ba:13:
56:9d:fa:15:6f:b9:1d:5c:71:82:de:9a:bf:7c:c1:
28:2f:a5:f8:32:cd:dc:f0:b9:ed:c4:dc:ac:c3:e7:
9d:d7:70:66:02:4e:cd:4d:70:a8:aa:90:3f:80:88:
fa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C9:33:8A:55:C4:CC:CB:95:00:C4:51:9D:68:01:7B:24:6F:DB:C0
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-skzilXEzMuVAMRRnWgBeyRv28A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.196.0/24
213.182.198.0/24
213.182.200.0/24
213.182.203.0-213.182.204.255
213.182.206.0/24
213.182.208.0/23
Signature Algorithm: sha256WithRSAEncryption
15:97:0c:48:51:ad:26:d2:f4:11:09:e2:53:35:12:0f:85:15:
01:73:2a:ad:57:b8:c0:f1:5f:da:b9:ba:98:2d:3d:bb:fa:f8:
29:a2:e7:34:1b:1c:dc:39:49:89:d9:f7:ee:a5:53:85:2e:39:
72:6a:57:22:d0:65:db:09:0a:9b:89:71:28:0c:a8:79:23:fc:
32:0a:7e:0c:35:c8:05:07:98:25:4a:c5:4c:39:59:86:38:b2:
df:79:1c:55:af:a1:7d:eb:ed:18:cf:8b:ee:dc:25:e2:02:57:
df:c9:e3:be:da:2f:de:2b:5b:2a:8a:49:9b:05:f3:2f:e9:3e:
37:3f:7d:52:77:e8:48:8e:d6:c2:7f:4d:07:c3:46:23:cd:bf:
e6:0a:02:ca:48:9e:70:35:ba:84:c1:83:8d:59:e9:a5:49:9c:
ca:62:f1:f6:05:4c:30:b0:49:86:02:66:9f:99:15:25:3e:62:
72:69:f1:45:4a:12:4c:a1:eb:31:4b:8d:da:a1:52:b9:74:e2:
0b:62:ca:ec:64:83:13:6a:51:a2:f1:8e:46:1a:10:37:57:f2:
37:9d:be:55:25:c7:c9:9d:b0:63:0d:21:60:a4:32:b0:a6:ac:
b8:2b:e9:44:f2:8d:0b:3f:5e:31:44:97:2b:f9:41:ac:b7:f3:
00:78:51:4b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZEX6TO+E25URuY5ml25TaUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwODAzMTEwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWM5MzM4YTU1YzRjY2NiOTUwMGM0NTE5ZDY4MDE3YjI0NmZkYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivl+04QBMjbkZK7IpQbtEmbjkUCT
qMTrLjOckJnkeYk9idKcOD3DeE5dSqJlh/xghdC6J3gLzjZhkGaCvBqAwLT8rKh4
0SZKLUptAVOP7iVv4rx8lD8tljV9o2n20gyznHe7EYDETgP0A9BXG74KodDaQovL
LwreqPqIp1iOeXjFmHtpwzrOBWCBpfwe2YQv7qhI4tbWveHmSUhtK0p87KcbinnQ
qBYV/KX3QAhkaUNLlfqSB/tWEdyXm/1UnR5LNaCPsMGpQz+CmAnnGGvjuhNWnfoV
b7kdXHGC3pq/fMEoL6X4Ms3c8LntxNysw+ed13BmAk7NTXCoqpA/gIj6JwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPrJM4pVxMzLlQDEUZ1oAXskb9vAMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvMS1za3ppbFhFek11VkFNUlJuV2dCZXlSdjI4QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTAvMDI1ZWU4LTNmNDctNDU3ZC04ZDQ3LTllNDEzZWJmNDJm
My8xL1piZldhWmcxdi1tb0NCMzhFVTN4djIwaFhhYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEANW2xAME
ANW2xgMEANW2yDAMAwQA1bbLAwQA1bbMAwQA1bbOAwQB1bbQMA0GCSqGSIb3DQEB
CwUAA4IBAQAVlwxIUa0m0vQRCeJTNRIPhRUBcyqtV7jA8V/aubqYLT27+vgpouc0
GxzcOUmJ2ffupVOFLjlyalci0GXbCQqbiXEoDKh5I/wyCn4MNcgFB5glSsVMOVmG
OLLfeRxVr6F96+0Yz4vu3CXiAlffyeO+2i/eK1sqikmbBfMv6T43P31Sd+hIjtbC
f00Hw0Yjzb/mCgLKSJ5wNbqEwYONWemlSZzKYvH2BUwwsEmGAmafmRUlPmJyafFF
ShJMoesxS43aoVK5dOILYsrsZIMTalGi8Y5GGhA3V/I3nb5VJcfJnbBjDSFgpDKw
pqy4K+lE8o0LP14xRJcr+UGst/MAeFFL
-----END CERTIFICATE-----
Generated at Mon Aug 5 11:00:26 2024 by rpki-client on console-fra.rpki-client.org