Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/od7Il_13Nk5_yDVtyaNXCF8VyNs.roa
File: od7Il_13Nk5_yDVtyaNXCF8VyNs.roa (raw, json)
Hash identifier: WLY/3qpyNKvrQJvMOc5CWyzl6TwOHX0c4gTudsITODQ=
Subject key identifier: A1:DE:C8:97:FD:77:36:4E:7F:C8:35:6D:C9:A3:57:08:5F:15:C8:DB
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01924316508D3C812B648E4AC7D315A87487
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/od7Il_13Nk5_yDVtyaNXCF8VyNs.roa
Signing time: Mon 30 Sep 2024 13:19:48 +0000
ROA not before: Mon 30 Sep 2024 13:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 213.182.205.0/24 maxlen: 24
213.182.206.0/24 maxlen: 24
213.182.207.0/24 maxlen: 24
213.182.208.0/24 maxlen: 24
213.182.209.0/24 maxlen: 24
213.182.211.0/24 maxlen: 24
213.182.216.0/24 maxlen: 24
213.182.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 17:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:16:50:8d:3c:81:2b:64:8e:4a:c7:d3:15:a8:74:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 30 13:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1dec897fd77364e7fc8356dc9a357085f15c8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:99:27:1d:c1:a8:28:4d:db:74:aa:1b:26:ab:
ae:db:e5:bc:7f:f2:21:5e:05:41:57:b9:ad:a1:8f:
b4:0e:79:39:8e:d9:30:d9:00:c2:38:75:fc:d0:89:
e4:e4:dd:76:c2:59:56:a5:5b:b4:24:68:22:c7:60:
0d:05:85:18:c4:10:df:fa:d7:0e:e5:e0:de:36:16:
0a:a5:01:7a:e5:26:b8:d2:f7:f4:e3:79:ba:8d:fe:
c6:4c:4c:c7:fa:41:91:8b:26:a8:93:35:13:49:fb:
c3:d4:dc:d5:4b:40:c5:ed:74:63:f7:87:ed:6e:cc:
9b:74:92:7d:d5:41:ab:f6:af:d2:d6:71:9f:b9:24:
72:8d:2e:1f:d9:c2:bb:79:2f:60:4e:52:12:c9:ad:
4a:6f:c0:3c:75:70:c2:5c:06:25:84:03:56:2c:ac:
3c:5a:b6:24:b0:9b:25:c1:e3:42:87:f0:4b:4a:69:
b6:f3:f2:3f:05:7f:a1:79:62:40:a4:e4:6a:7a:e8:
ba:5d:07:cd:94:74:ad:d2:a7:18:56:bd:d1:45:fa:
ae:b5:f7:f7:90:d1:06:bf:7b:e2:d0:7a:95:c2:d0:
7e:4a:5e:64:c5:d3:3f:c2:53:e7:56:2f:ef:09:23:
aa:17:25:39:87:8c:58:d2:d5:e1:7e:e9:90:fc:9e:
e5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DE:C8:97:FD:77:36:4E:7F:C8:35:6D:C9:A3:57:08:5F:15:C8:DB
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/od7Il_13Nk5_yDVtyaNXCF8VyNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.205.0-213.182.209.255
213.182.211.0/24
213.182.216.0/23
Signature Algorithm: sha256WithRSAEncryption
55:96:8a:00:ff:5c:8c:7e:57:f5:42:d9:c1:55:12:1c:9a:0f:
46:40:a3:77:6d:44:53:3e:8b:2f:d0:77:62:65:31:30:95:3d:
59:85:27:5f:3d:2c:68:4b:95:3e:4e:dc:27:de:32:f4:32:1e:
66:56:59:72:6c:f5:df:d2:77:2c:1f:31:6c:69:0a:02:8d:ad:
3d:2f:0b:34:ea:13:05:12:65:18:85:56:7b:58:4a:04:4e:06:
01:4d:ae:4a:dd:00:34:ba:6c:ae:43:cc:67:91:ea:31:71:87:
1c:17:40:47:63:16:08:89:7a:7f:14:ab:f9:36:a6:f4:dd:a9:
df:c6:e0:1c:bb:09:9c:7e:18:a4:35:7a:5f:89:ca:d9:70:d5:
fe:2a:70:c9:39:d1:1f:04:3e:2c:d3:1d:53:48:21:43:ba:c5:
4c:cb:64:fd:b4:88:d8:a6:3d:fd:a6:5f:57:fe:5a:e3:c5:e8:
04:c8:65:04:21:54:db:74:8d:75:b3:23:3b:18:23:a4:e1:de:
61:9d:d3:dd:b5:4d:74:39:a2:9e:74:57:48:e8:db:c2:80:ce:
a3:7f:5c:31:ee:55:ed:e3:b5:58:4d:5e:b9:93:19:f9:c9:8d:
35:d0:f0:d4:9a:51:f5:af:f3:ff:c7:64:95:76:b1:9f:19:05:
4d:be:89:e6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJDFlCNPIErZI5Kx9MVqHSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwOTMwMTMxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRlYzg5N2ZkNzczNjRlN2ZjODM1NmRjOWEzNTcwODVmMTVjOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZknHcGoKE3bdKobJquu2+W8f/Ih
XgVBV7mtoY+0Dnk5jtkw2QDCOHX80Ink5N12wllWpVu0JGgix2ANBYUYxBDf+tcO
5eDeNhYKpQF65Sa40vf043m6jf7GTEzH+kGRiyaokzUTSfvD1NzVS0DF7XRj94ft
bsybdJJ91UGr9q/S1nGfuSRyjS4f2cK7eS9gTlISya1Kb8A8dXDCXAYlhANWLKw8
WrYksJslweNCh/BLSmm28/I/BX+heWJApORqeui6XQfNlHSt0qcYVr3RRfqutff3
kNEGv3vi0HqVwtB+Sl5kxdM/wlPnVi/vCSOqFyU5h4xY0tXhfumQ/J7l9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKHeyJf9dzZOf8g1bcmjVwhfFcjbMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvb2Q3SWxfMTNOazVfeURWdHlhTlhDRjhWeU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADVts0D
BAHVttADBADVttMDBAHVttgwDQYJKoZIhvcNAQELBQADggEBAFWWigD/XIx+V/VC
2cFVEhyaD0ZAo3dtRFM+iy/Qd2JlMTCVPVmFJ189LGhLlT5O3CfeMvQyHmZWWXJs
9d/SdywfMWxpCgKNrT0vCzTqEwUSZRiFVntYSgROBgFNrkrdADS6bK5DzGeR6jFx
hxwXQEdjFgiJen8Uq/k2pvTdqd/G4By7CZx+GKQ1el+Jytlw1f4qcMk50R8EPizT
HVNIIUO6xUzLZP20iNimPf2mX1f+WuPF6ATIZQQhVNt0jXWzIzsYI6Th3mGd0921
TXQ5op50V0jo28KAzqN/XDHuVe3jtVhNXrmTGfnJjTXQ8NSaUfWv8//HZJV2sZ8Z
BU2+ieY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:47 2025 by rpki-client