Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/FR06OQNXEiIt9lH7eU7sgEp8GMc.roa
File: FR06OQNXEiIt9lH7eU7sgEp8GMc.roa (raw, json)
Hash identifier: mg1L0FpyKO7DPMVGFiZfg6/kntwj/K0R070JJgGS5IM=
Subject key identifier: 15:1D:3A:39:03:57:12:22:2D:F6:51:FB:79:4E:EC:80:4A:7C:18:C7
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01938858EFD03EC719F8636618BFDA8FB7D2
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/FR06OQNXEiIt9lH7eU7sgEp8GMc.roa
Signing time: Mon 02 Dec 2024 17:09:10 +0000
ROA not before: Mon 02 Dec 2024 17:09:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 213.182.207.0/24 maxlen: 24
213.182.208.0/24 maxlen: 24
213.182.209.0/24 maxlen: 24
213.182.211.0/24 maxlen: 24
213.182.216.0/24 maxlen: 24
213.182.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:88:58:ef:d0:3e:c7:19:f8:63:66:18:bf:da:8f:b7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Dec 2 17:09:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=151d3a39035712222df651fb794eec804a7c18c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:4b:db:34:e1:25:dd:8a:6a:b2:e0:a4:d5:3f:
07:9b:89:bb:6a:de:25:5b:40:76:de:1b:67:ce:85:
ae:31:4c:d3:b4:06:83:9b:55:fc:c0:3e:0d:18:73:
be:e6:ba:a2:3e:4b:e8:ae:39:0c:8f:bf:0b:93:e4:
e4:34:81:b2:5c:0e:b7:4c:07:e3:39:e3:69:a4:28:
f8:41:ae:86:47:51:08:ad:9b:7f:44:20:7d:ef:e6:
18:df:00:28:2e:7f:c2:22:29:d0:66:72:15:b5:b5:
28:c4:f1:9b:6d:3a:0c:b0:65:a1:3e:f6:5c:92:10:
b7:02:f0:eb:a3:f9:12:e0:02:9b:a4:95:6e:3f:4a:
43:e2:db:39:12:1d:fe:48:18:e1:7b:0d:aa:d4:b1:
2a:c4:f3:eb:91:8b:8d:70:fe:5e:53:d6:10:a4:17:
2c:29:16:02:50:76:a8:a5:b7:b7:e7:7a:be:ea:f4:
a1:0a:78:37:e9:f8:83:d9:17:e1:72:0f:ce:e3:59:
04:3c:0c:14:21:e3:60:2e:9f:a1:67:5c:ff:27:39:
7b:d9:fc:d9:e0:42:46:69:59:f2:af:46:ad:44:49:
0a:58:bb:c1:cb:a1:77:91:bd:b8:30:49:d0:da:b5:
a6:c6:f2:91:bb:a0:35:1a:60:a7:84:cf:a2:11:07:
82:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:1D:3A:39:03:57:12:22:2D:F6:51:FB:79:4E:EC:80:4A:7C:18:C7
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/FR06OQNXEiIt9lH7eU7sgEp8GMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.207.0-213.182.209.255
213.182.211.0/24
213.182.216.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:c4:88:d6:c0:9e:9d:e0:0b:21:ce:02:7f:2f:59:33:67:76:
14:a7:9f:5f:ca:70:e8:9f:6b:1e:46:37:b5:83:43:a9:66:04:
42:4a:9f:86:6b:bc:8b:73:62:1c:8f:ed:8e:0b:43:8d:8e:1f:
a5:6a:09:cd:d2:cd:f2:54:d1:9e:60:69:0f:90:37:6b:47:cb:
19:82:86:99:f2:1f:73:c5:11:21:75:78:98:20:7d:c0:2c:09:
39:ef:5c:dd:7d:8a:18:88:a4:04:06:91:94:bf:98:d7:78:bc:
a0:4f:1c:a0:93:3e:01:82:74:4c:b3:4f:4b:ca:d0:a1:e8:a8:
ab:6e:4b:aa:07:85:bf:db:a8:b7:d5:45:e5:95:83:19:2b:05:
d4:b2:20:87:99:5c:b5:2b:1d:ae:a9:56:32:a5:6c:a3:84:0f:
c4:bc:5c:95:01:c5:a2:52:2c:fd:2a:7d:87:10:a9:9f:d7:7d:
39:7e:f5:b6:5c:2c:38:eb:fe:72:38:78:55:0c:90:7b:dd:4d:
9b:ae:32:6a:fb:74:91:32:61:07:b3:e9:71:ca:5b:21:a4:aa:
61:56:5b:66:04:e2:7e:b6:1e:4d:af:01:dd:85:9f:f1:40:49:
6b:b2:a3:49:b2:a8:bc:2e:da:63:86:3a:94:ef:b5:fe:e7:0b:
5f:bb:60:5f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZOIWO/QPscZ+GNmGL/aj7fSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQxMjAyMTcwOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTFkM2EzOTAzNTcxMjIyMmRmNjUxZmI3OTRlZWM4MDRhN2MxOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9kvbNOEl3YpqsuCk1T8Hm4m7at4l
W0B23htnzoWuMUzTtAaDm1X8wD4NGHO+5rqiPkvorjkMj78Lk+TkNIGyXA63TAfj
OeNppCj4Qa6GR1EIrZt/RCB97+YY3wAoLn/CIinQZnIVtbUoxPGbbToMsGWhPvZc
khC3AvDro/kS4AKbpJVuP0pD4ts5Eh3+SBjhew2q1LEqxPPrkYuNcP5eU9YQpBcs
KRYCUHaopbe353q+6vShCng36fiD2Rfhcg/O41kEPAwUIeNgLp+hZ1z/Jzl72fzZ
4EJGaVnyr0atREkKWLvBy6F3kb24MEnQ2rWmxvKRu6A1GmCnhM+iEQeCqwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBUdOjkDVxIiLfZR+3lO7IBKfBjHMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvRlIwNk9RTlhFaUl0OWxIN2VVN3NnRXA4R01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADVts8D
BAHVttADBADVttMDBAHVttgwDQYJKoZIhvcNAQELBQADggEBAF7EiNbAnp3gCyHO
An8vWTNndhSnn1/KcOifax5GN7WDQ6lmBEJKn4ZrvItzYhyP7Y4LQ42OH6VqCc3S
zfJU0Z5gaQ+QN2tHyxmChpnyH3PFESF1eJggfcAsCTnvXN19ihiIpAQGkZS/mNd4
vKBPHKCTPgGCdEyzT0vK0KHoqKtuS6oHhb/bqLfVReWVgxkrBdSyIIeZXLUrHa6p
VjKlbKOED8S8XJUBxaJSLP0qfYcQqZ/XfTl+9bZcLDjr/nI4eFUMkHvdTZuuMmr7
dJEyYQez6XHKWyGkqmFWW2YE4n62Hk2vAd2Fn/FASWuyo0myqLwu2mOGOpTvtf7n
C1+7YF8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:42:17 2025 by rpki-client