Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/0fl7ulK7aoEnHYnZBBobXcjpNt8.roa
File: 0fl7ulK7aoEnHYnZBBobXcjpNt8.roa (raw, json)
Hash identifier: f60tziKq6HZA+jQN6hzliH9stTID5hSuhhTkKqZ2wm0=
Subject key identifier: D1:F9:7B:BA:52:BB:6A:81:27:1D:89:D9:04:1A:1B:5D:C8:E9:36:DF
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018930AA8ACCD587BBB8F0FC68CFAC53C1BC
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/0fl7ulK7aoEnHYnZBBobXcjpNt8.roa
Signing time: Fri 07 Jul 2023 14:03:50 +0000
ROA not before: Fri 07 Jul 2023 14:03:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 213.21.232.0/24 maxlen: 24
213.21.236.0/24 maxlen: 24
213.21.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 05:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:aa:8a:cc:d5:87:bb:b8:f0:fc:68:cf:ac:53:c1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jul 7 14:03:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1f97bba52bb6a81271d89d9041a1b5dc8e936df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:10:70:47:3c:79:77:52:a1:7b:07:a9:35:fe:
f3:6c:43:52:65:fd:bc:9c:9b:e8:38:0c:28:e3:6c:
d6:71:aa:a7:ad:c5:ab:c6:6c:1e:3f:39:21:2f:90:
04:d3:29:de:f2:0f:84:04:b7:54:ec:68:bc:21:11:
22:dc:78:8d:8e:5b:84:cf:68:e3:a9:78:ee:2e:77:
81:39:5b:2c:73:b5:2f:32:b1:1a:16:99:b0:f0:84:
5c:2e:0b:c5:ae:92:55:0b:79:41:89:69:56:17:86:
48:15:25:8c:9d:8e:77:d4:ea:d2:e5:1e:94:ec:a2:
39:eb:cd:77:1e:3a:a7:42:3e:70:30:34:dc:ba:c2:
25:69:f3:ce:b5:93:5d:24:8b:fe:e3:4c:88:43:89:
f4:1f:d9:ff:32:1d:eb:eb:43:dc:06:fe:45:d7:52:
05:52:86:b1:2e:9b:50:ae:b6:61:ce:5f:3b:f8:34:
0a:f5:69:a5:31:d5:43:be:77:02:7b:7d:f9:eb:05:
f8:3c:ff:5a:0c:1f:04:68:00:b2:cc:b2:8e:be:80:
97:f0:14:c1:8b:0f:8c:06:36:c1:60:6c:80:8b:91:
52:b0:7a:cd:0f:77:3c:b6:18:5a:de:93:4d:a8:93:
64:d6:39:94:cd:8b:f9:41:28:c1:fe:a9:2c:50:5b:
f1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F9:7B:BA:52:BB:6A:81:27:1D:89:D9:04:1A:1B:5D:C8:E9:36:DF
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/0fl7ulK7aoEnHYnZBBobXcjpNt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.232.0/24
213.21.236.0/24
213.21.245.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c0:60:67:86:10:60:95:9b:e6:2c:63:56:5c:31:f0:09:36:
4c:c2:b8:a6:47:ca:5c:9c:b1:cf:55:5b:59:b5:91:cc:e6:6d:
65:39:e8:51:6f:ab:16:ad:ef:70:1f:dd:74:f5:7d:50:93:37:
78:c4:f2:e0:61:4f:83:a4:fb:4a:89:a4:ce:e7:c8:84:56:7a:
8e:e5:cf:d1:a7:50:2d:23:7f:94:18:01:f4:35:31:fd:53:14:
96:61:4c:f0:89:60:40:db:77:d3:d2:e7:7a:c8:d4:2a:ed:36:
73:e0:67:c5:30:80:b8:a5:28:60:41:3a:7c:c3:80:ae:08:ba:
56:04:cd:9e:41:f4:77:aa:da:b1:e4:cb:a1:85:05:39:fe:3a:
d4:1a:04:63:fb:ea:5e:a0:86:3d:13:25:bb:a4:a5:3a:8d:9c:
2d:d2:89:5d:f7:14:5d:5c:82:25:32:e1:81:2a:b3:e0:bc:18:
74:e7:e3:5c:52:74:63:f2:9a:4d:7b:47:c2:e0:38:34:91:4d:
a5:db:22:a1:5d:e6:6b:6f:d6:ae:0e:2e:c6:0f:8b:18:eb:da:
06:2e:28:a0:08:e4:de:da:21:1e:04:49:0a:46:5d:97:33:fb:
99:2a:76:e3:b6:ea:71:2b:e6:af:f7:7b:f3:b5:68:be:de:3f:
88:54:34:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkwqorM1Ye7uPD8aM+sU8G8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjMwNzA3MTQwMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY5N2JiYTUyYmI2YTgxMjcxZDg5ZDkwNDFhMWI1ZGM4ZTkzNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRBwRzx5d1KhewepNf7zbENSZf28
nJvoOAwo42zWcaqnrcWrxmwePzkhL5AE0yne8g+EBLdU7Gi8IREi3HiNjluEz2jj
qXjuLneBOVssc7UvMrEaFpmw8IRcLgvFrpJVC3lBiWlWF4ZIFSWMnY531OrS5R6U
7KI56813HjqnQj5wMDTcusIlafPOtZNdJIv+40yIQ4n0H9n/Mh3r60PcBv5F11IF
UoaxLptQrrZhzl87+DQK9WmlMdVDvncCe3356wX4PP9aDB8EaACyzLKOvoCX8BTB
iw+MBjbBYGyAi5FSsHrND3c8thha3pNNqJNk1jmUzYv5QSjB/qksUFvx4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNH5e7pSu2qBJx2J2QQaG13I6TbfMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvMGZsN3VsSzdhb0VuSFluWkJCb2JYY2pwTnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1RXoAwQA
1RXsAwQA1RX1MA0GCSqGSIb3DQEBCwUAA4IBAQAJwGBnhhBglZvmLGNWXDHwCTZM
wrimR8pcnLHPVVtZtZHM5m1lOehRb6sWre9wH9109X1Qkzd4xPLgYU+DpPtKiaTO
58iEVnqO5c/Rp1AtI3+UGAH0NTH9UxSWYUzwiWBA23fT0ud6yNQq7TZz4GfFMIC4
pShgQTp8w4CuCLpWBM2eQfR3qtqx5MuhhQU5/jrUGgRj++peoIY9EyW7pKU6jZwt
0old9xRdXIIlMuGBKrPgvBh05+NcUnRj8ppNe0fC4Dg0kU2l2yKhXeZrb9auDi7G
D4sY69oGLiigCOTe2iEeBEkKRl2XM/uZKnbjtupxK+av93vztWi+3j+IVDQo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org