Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/RILtowZesYOqJ0Gm_qSWX9oXZoM.roa
File: RILtowZesYOqJ0Gm_qSWX9oXZoM.roa (raw, json)
Hash identifier: Zoy2Mi2AiMo3/Ipuazr/9o0e5uNwsdh9BEbqMoGGDic=
Subject key identifier: 44:82:ED:A3:06:5E:B1:83:AA:27:41:A6:FE:A4:96:5F:DA:17:66:83
Certificate issuer: /CN=651bad95276947c7be536af4c870a3721f0b7761
Certificate serial: 018CC26CFC9381081D0ECACCA63CF045C3DE
Authority key identifier: 65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/RILtowZesYOqJ0Gm_qSWX9oXZoM.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59795
IP address blocks: 213.184.84.0/24 maxlen: 24
213.184.86.0/24 maxlen: 24
2a09:3a00:3a00::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 21 Oct 2024 06:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fc:93:81:08:1d:0e:ca:cc:a6:3c:f0:45:c3:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=651bad95276947c7be536af4c870a3721f0b7761
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4482eda3065eb183aa2741a6fea4965fda176683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:fe:a2:44:65:1f:3b:2a:f8:e4:ec:72:df:a4:
23:56:21:56:87:05:13:c3:27:12:66:f0:85:dd:72:
9b:ce:25:d7:88:5b:73:93:cd:8b:7e:70:c3:93:c4:
eb:5a:3c:ee:64:a5:5e:c8:57:ae:1b:05:47:59:81:
73:37:8d:25:70:15:c4:22:15:25:a3:e8:e4:f9:e4:
01:b9:ea:4d:c1:dd:d7:a0:29:88:95:ea:15:e9:ea:
3a:65:3e:2a:ac:65:83:04:91:73:9d:44:74:d1:4b:
89:a4:60:28:75:31:22:3f:ca:f7:0b:91:cd:64:24:
67:4b:c0:28:a8:92:e6:24:e7:86:bd:10:ab:04:68:
2b:33:11:18:b1:e4:f7:06:8c:39:bc:c4:e3:ac:43:
b9:b1:8b:7e:ef:46:76:0f:6b:36:45:85:b1:41:c9:
eb:ef:94:b0:8e:74:5c:b2:57:22:97:31:a2:dd:ea:
d1:3f:12:d1:15:d0:6b:ed:9e:80:c3:69:d8:3d:7e:
86:be:7e:91:80:4a:be:ae:6a:ad:e6:1f:7a:f3:a8:
f1:62:4e:6d:b7:9d:3b:68:f9:9c:db:e0:02:4c:0a:
b1:8d:90:af:2f:78:c5:0e:a0:ee:c6:86:6e:24:bf:
3f:cd:16:b6:2e:25:11:c7:48:68:b4:a4:82:f1:2d:
6b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:82:ED:A3:06:5E:B1:83:AA:27:41:A6:FE:A4:96:5F:DA:17:66:83
X509v3 Authority Key Identifier:
keyid:65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/RILtowZesYOqJ0Gm_qSWX9oXZoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.184.84.0/24
213.184.86.0/24
IPv6:
2a09:3a00:3a00::/40
Signature Algorithm: sha256WithRSAEncryption
58:3e:e8:be:1a:1e:ff:5e:45:64:bd:da:4b:23:e4:1e:a3:1a:
ce:49:ee:69:42:cc:48:35:56:f7:61:fa:e0:d6:b9:22:19:46:
cb:81:b0:c3:01:bf:1a:b4:cd:1b:62:4e:fd:fe:5f:4c:d9:50:
63:3f:13:5f:65:53:62:e2:4d:ee:a7:e2:c6:f0:86:9b:60:c5:
ab:76:e5:9b:db:63:1b:6f:fb:13:35:9e:d4:07:b3:ae:b7:80:
1e:a4:6b:4f:73:32:26:3c:68:93:95:29:29:1d:18:95:3b:90:
45:26:c0:86:31:5d:1c:98:82:ed:56:2a:8a:31:01:9a:32:cf:
0d:45:b9:49:b1:e0:9c:4e:e9:a5:c7:a6:f0:f7:86:aa:fa:2e:
74:1d:d3:8f:8e:f0:56:45:7e:06:35:05:3a:61:4d:bf:e2:c5:
5f:19:94:03:1a:96:2d:3d:21:d6:ff:6f:1f:45:ed:f6:8d:b5:
ae:71:eb:4b:9d:ae:51:9c:2d:b7:b1:e4:60:3f:c0:85:1e:8e:
62:40:14:19:2b:0f:e9:59:d2:4e:ed:df:f3:92:d4:91:53:da:
1d:fc:03:1f:c9:10:33:36:0b:20:83:45:f1:7a:81:ee:41:88:
c7:8f:08:b9:e0:a6:67:79:ba:33:ec:c3:a1:a0:bb:42:fc:37:
b9:7e:92:02
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzCbPyTgQgdDsrMpjzwRcPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MWJhZDk1Mjc2OTQ3YzdiZTUzNmFmNGM4NzBhMzcyMWYw
Yjc3NjEwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDgyZWRhMzA2NWViMTgzYWEyNzQxYTZmZWE0OTY1ZmRhMTc2NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/6iRGUfOyr45Oxy36QjViFWhwUT
wycSZvCF3XKbziXXiFtzk82LfnDDk8TrWjzuZKVeyFeuGwVHWYFzN40lcBXEIhUl
o+jk+eQBuepNwd3XoCmIleoV6eo6ZT4qrGWDBJFznUR00UuJpGAodTEiP8r3C5HN
ZCRnS8AoqJLmJOeGvRCrBGgrMxEYseT3Bow5vMTjrEO5sYt+70Z2D2s2RYWxQcnr
75SwjnRcslcilzGi3erRPxLRFdBr7Z6Aw2nYPX6Gvn6RgEq+rmqt5h9686jxYk5t
t507aPmc2+ACTAqxjZCvL3jFDqDuxoZuJL8/zRa2LiURx0hotKSC8S1rdQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFESC7aMGXrGDqidBpv6kll/aF2aDMB8GA1UdIwQY
MBaAFGUbrZUnaUfHvlNq9Mhwo3IfC3dhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUt
MTk4YjZhNjFjZTg1LzEvUklMdG93WmVzWU9xSjBHbV9xU1dYOW9YWm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUtMTk4YjZhNjFjZTg1
LzEvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQA1bhUAwQA
1bhWMA4EAgACMAgDBgAqCToAOjANBgkqhkiG9w0BAQsFAAOCAQEAWD7ovhoe/15F
ZL3aSyPkHqMazknuaULMSDVW92H64Na5IhlGy4GwwwG/GrTNG2JO/f5fTNlQYz8T
X2VTYuJN7qfixvCGm2DFq3blm9tjG2/7EzWe1AezrreAHqRrT3MyJjxok5UpKR0Y
lTuQRSbAhjFdHJiC7VYqijEBmjLPDUW5SbHgnE7ppcem8PeGqvoudB3Tj47wVkV+
BjUFOmFNv+LFXxmUAxqWLT0h1v9vH0Xt9o21rnHrS52uUZwtt7HkYD/AhR6OYkAU
GSsP6VnSTu3f85LUkVPaHfwDH8kQMzYLIINF8XqB7kGIx48IueCmZ3m6M+zDoaC7
Qvw3uX6SAg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:40 2025 by rpki-client