Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CRDfKFZ9tlrhSO4pZEtBnfsnUvI.roa
File: CRDfKFZ9tlrhSO4pZEtBnfsnUvI.roa (raw, json)
Hash identifier: h18BUYY6OfUVLHAm73D9xF/mvIEQDFvnp/1sJeQ68XU=
Subject key identifier: 09:10:DF:28:56:7D:B6:5A:E1:48:EE:29:64:4B:41:9D:FB:27:52:F2
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019137EA8EC00A5FFC65DA5C86C869F8D7FD
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CRDfKFZ9tlrhSO4pZEtBnfsnUvI.roa
Signing time: Fri 09 Aug 2024 16:13:24 +0000
ROA not before: Fri 09 Aug 2024 16:13:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 213.182.196.0/24 maxlen: 24
213.182.197.0/24 maxlen: 24
213.182.198.0/24 maxlen: 24
213.182.200.0/24 maxlen: 24
213.182.203.0/24 maxlen: 24
213.182.204.0/24 maxlen: 24
213.182.206.0/24 maxlen: 24
213.182.208.0/24 maxlen: 24
213.182.209.0/24 maxlen: 24
213.182.217.0/24 maxlen: 24
213.182.219.0/24 maxlen: 24
213.182.220.0/24 maxlen: 24
213.182.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 07:35:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:ea:8e:c0:0a:5f:fc:65:da:5c:86:c8:69:f8:d7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Aug 9 16:13:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0910df28567db65ae148ee29644b419dfb2752f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1a:06:96:a1:68:08:85:a4:52:a7:3f:2d:c3:
f5:e1:7c:3f:59:6c:1c:42:32:b1:d7:0b:fc:e0:4a:
fb:ff:91:a1:2b:d7:59:e7:28:ee:24:74:60:cb:3e:
48:54:05:9e:16:55:b5:bc:01:5e:99:69:18:bf:be:
40:36:3c:97:90:f7:ea:c8:51:b5:06:71:e1:59:3e:
b2:71:d6:16:7f:17:0d:7d:a8:e4:9a:c6:3d:71:dd:
51:ca:48:ce:03:43:c2:93:06:9b:e0:53:a2:ca:ef:
b6:40:07:5d:86:4d:e0:7d:c3:d0:46:76:7a:8f:e2:
cf:75:14:a3:98:07:32:45:45:1a:43:01:60:91:09:
5d:33:f8:28:30:cb:06:fb:3a:5f:b3:81:d6:6c:f0:
1e:d4:f8:e9:68:e8:63:06:40:ae:0d:b5:f7:b3:c1:
0f:9f:a5:71:97:17:d8:b0:23:e7:ac:41:b2:88:e1:
d4:07:91:d9:b0:1e:e6:e9:e5:a3:ce:0f:eb:d7:1f:
f8:2b:b4:b0:89:63:dc:4a:ae:ac:5c:85:6f:f4:28:
1e:e3:da:e1:81:a1:b3:52:f4:f2:75:a3:cb:a7:97:
4f:c2:d8:93:2c:02:c8:0f:c4:3a:9b:75:bc:07:f4:
72:48:de:fe:fb:66:9f:9f:55:6f:23:5a:b2:6f:aa:
89:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:10:DF:28:56:7D:B6:5A:E1:48:EE:29:64:4B:41:9D:FB:27:52:F2
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CRDfKFZ9tlrhSO4pZEtBnfsnUvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.196.0-213.182.198.255
213.182.200.0/24
213.182.203.0-213.182.204.255
213.182.206.0/24
213.182.208.0/23
213.182.217.0/24
213.182.219.0-213.182.220.255
213.182.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:0d:27:0d:79:17:f0:5a:d5:b6:68:7f:75:0e:0e:ea:e9:37:
92:91:dc:a8:52:5e:0d:74:46:24:37:97:f8:24:67:6c:45:e9:
6f:77:d8:cf:4c:79:fe:15:10:a3:cb:14:57:58:d0:cd:95:f8:
50:af:cf:b7:c4:bd:2d:a6:80:5d:2e:39:9c:87:4e:15:a4:17:
ab:04:a3:c0:4c:e0:58:df:b2:8d:c5:01:0e:33:2c:d4:64:37:
8a:e9:a8:ac:8d:12:32:ed:1f:ad:fd:c2:45:19:ac:a4:dc:56:
ee:7c:8f:73:15:38:a9:1a:fd:e0:22:c7:ce:50:a8:74:13:7f:
2a:c7:3a:eb:74:08:4e:3c:0a:9b:27:57:2c:6d:ea:df:ee:f1:
61:2c:8a:9f:db:b6:22:9f:b3:48:f6:9d:97:a2:15:68:1f:e4:
8b:b3:40:0a:da:b3:7c:75:12:5f:8f:a1:16:88:8f:1c:10:eb:
fb:3d:32:c7:80:e8:26:50:09:74:4a:9d:77:57:d2:46:01:ec:
57:88:02:87:3f:83:25:74:a8:4e:a5:2a:99:36:b5:dd:33:e5:
b1:c1:a5:eb:22:a5:11:b8:f5:15:1f:bb:24:32:90:f9:de:93:
d0:17:67:eb:1d:97:96:7c:c9:1b:4e:50:56:91:96:ed:b8:7a:
9a:83:06:fd
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZE36o7ACl/8Zdpchshp+Nf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwODA5MTYxMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTEwZGYyODU2N2RiNjVhZTE0OGVlMjk2NDRiNDE5ZGZiMjc1MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRoGlqFoCIWkUqc/LcP14Xw/WWwc
QjKx1wv84Er7/5GhK9dZ5yjuJHRgyz5IVAWeFlW1vAFemWkYv75ANjyXkPfqyFG1
BnHhWT6ycdYWfxcNfajkmsY9cd1RykjOA0PCkwab4FOiyu+2QAddhk3gfcPQRnZ6
j+LPdRSjmAcyRUUaQwFgkQldM/goMMsG+zpfs4HWbPAe1PjpaOhjBkCuDbX3s8EP
n6VxlxfYsCPnrEGyiOHUB5HZsB7m6eWjzg/r1x/4K7SwiWPcSq6sXIVv9Cge49rh
gaGzUvTydaPLp5dPwtiTLALID8Q6m3W8B/RySN7++2afn1VvI1qyb6qJPQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAkQ3yhWfbZa4UjuKWRLQZ37J1LyMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvQ1JEZktGWjl0bHJoU080cFpFdEJuZnNuVXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBALVtsQD
BADVtsYDBADVtsgwDAMEANW2ywMEANW2zAMEANW2zgMEAdW20AMEANW22TAMAwQA
1bbbAwQA1bbcAwQA1bbfMA0GCSqGSIb3DQEBCwUAA4IBAQBcDScNeRfwWtW2aH91
Dg7q6TeSkdyoUl4NdEYkN5f4JGdsRelvd9jPTHn+FRCjyxRXWNDNlfhQr8+3xL0t
poBdLjmch04VpBerBKPATOBY37KNxQEOMyzUZDeK6aisjRIy7R+t/cJFGayk3Fbu
fI9zFTipGv3gIsfOUKh0E38qxzrrdAhOPAqbJ1csberf7vFhLIqf27Yin7NI9p2X
ohVoH+SLs0AK2rN8dRJfj6EWiI8cEOv7PTLHgOgmUAl0Sp13V9JGAexXiAKHP4Ml
dKhOpSqZNrXdM+WxwaXrIqURuPUVH7skMpD53pPQF2frHZeWfMkbTlBWkZbtuHqa
gwb9
-----END CERTIFICATE-----
Generated at Mon Aug 12 10:21:01 2024 by rpki-client on console-fra.rpki-client.org