Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/WEpwt45tq6pc7OjtGXqhcDt5H4E.roa
File: WEpwt45tq6pc7OjtGXqhcDt5H4E.roa (raw, json)
Hash identifier: eOrpyfukcyfwiJ8/3iU5jpCkhR+NKdt/cf0G4u4wWt4=
Subject key identifier: 58:4A:70:B7:8E:6D:AB:AA:5C:EC:E8:ED:19:7A:A1:70:3B:79:1F:81
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018A4B3B7D3E1F68F3DFF8908F508E1A8807
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/WEpwt45tq6pc7OjtGXqhcDt5H4E.roa
Signing time: Thu 31 Aug 2023 10:55:04 +0000
ROA not before: Thu 31 Aug 2023 10:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24651
IP address blocks: 213.21.218.0/24 maxlen: 24
213.21.222.0/24 maxlen: 24
185.118.76.0/24 maxlen: 24
213.21.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:3b:7d:3e:1f:68:f3:df:f8:90:8f:50:8e:1a:88:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Aug 31 10:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=584a70b78e6dabaa5cece8ed197aa1703b791f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e3:84:c8:66:da:ae:47:4d:5c:c9:f2:ae:dc:
97:65:94:ec:dc:30:31:e5:01:40:b9:a9:13:7e:40:
74:2e:d0:cd:15:ff:68:ea:4c:4a:29:89:cc:62:0d:
3e:53:02:c1:4c:f5:16:90:58:cd:e9:d5:10:f8:46:
c0:f6:40:f9:67:a2:e1:5d:5e:92:b9:c6:8d:53:41:
22:31:06:43:21:7c:e5:01:cc:82:24:a8:eb:b5:e1:
93:ca:dc:8c:fd:60:fe:f5:6f:04:77:e6:61:12:98:
0b:94:1b:67:42:75:b7:ed:00:b6:e0:4f:c7:a2:18:
94:b6:1e:d9:7d:f8:cb:6e:33:dc:49:b4:b7:fd:31:
94:83:0d:f9:7e:f4:86:94:44:9d:bb:c0:0d:72:2a:
c7:b6:0c:0c:70:b8:c0:55:34:44:88:f6:cd:5d:6f:
92:d2:59:17:ae:51:e2:db:e3:d0:51:76:69:66:fe:
b1:62:12:95:f4:b7:c7:1b:89:b3:5b:b5:c1:35:5d:
25:82:95:68:84:48:15:23:3b:2a:45:df:82:fd:8e:
70:78:23:d0:78:81:de:ae:2c:a8:26:8b:c6:62:1d:
f7:34:86:b7:d2:99:a3:b9:16:d4:48:bb:e7:95:19:
4d:34:18:a2:ba:ff:41:22:1b:ba:9d:62:70:fe:c2:
e2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:4A:70:B7:8E:6D:AB:AA:5C:EC:E8:ED:19:7A:A1:70:3B:79:1F:81
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/WEpwt45tq6pc7OjtGXqhcDt5H4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.76.0/24
213.21.218.0/24
213.21.222.0/24
213.21.227.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ef:9c:27:2c:00:89:76:3f:1f:7d:26:ea:c1:00:bc:e5:53:
c1:a4:36:9b:a3:e2:78:53:9e:f4:53:5b:6f:53:ec:ab:40:88:
40:10:56:a3:15:8a:6d:55:5e:a7:bb:cd:6c:4a:c5:0a:d7:db:
4a:97:bc:9e:10:8f:e4:b0:eb:79:d6:45:5c:a4:8f:56:89:78:
d8:d4:c4:44:c3:12:32:51:ea:4f:70:9a:28:e7:7e:04:41:c0:
07:6f:19:f8:8a:c2:db:ab:d4:0a:1a:49:c4:8a:97:e6:33:20:
01:3a:04:52:25:a4:e5:27:3f:81:f2:5c:51:f7:8f:09:b3:45:
b4:00:0a:57:cf:ed:78:36:3e:d6:bd:00:92:80:ab:9a:f0:03:
44:07:75:1b:77:0b:61:f0:5a:a0:4a:3d:72:8d:e0:25:d2:af:
1d:e3:10:d3:47:f6:f2:1f:5e:93:3a:5a:d0:82:a9:86:fd:3c:
72:52:d4:55:e8:8a:f3:42:ea:b5:4e:89:7e:a9:a3:ac:5f:ce:
72:ed:99:3a:c5:0d:4d:e7:c1:0f:d1:1d:7a:14:10:76:e5:69:
8e:ca:75:9a:d5:c2:56:7a:1e:49:7f:4f:11:b3:1b:23:d0:f7:
1a:d2:98:5a:0a:c7:67:37:51:5f:ec:c9:00:b1:ec:5b:d2:87:
37:25:a6:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpLO30+H2jz3/iQj1COGogHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjMwODMxMTA1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODRhNzBiNzhlNmRhYmFhNWNlY2U4ZWQxOTdhYTE3MDNiNzkxZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOOEyGbarkdNXMnyrtyXZZTs3DAx
5QFAuakTfkB0LtDNFf9o6kxKKYnMYg0+UwLBTPUWkFjN6dUQ+EbA9kD5Z6LhXV6S
ucaNU0EiMQZDIXzlAcyCJKjrteGTytyM/WD+9W8Ed+ZhEpgLlBtnQnW37QC24E/H
ohiUth7ZffjLbjPcSbS3/TGUgw35fvSGlESdu8ANcirHtgwMcLjAVTREiPbNXW+S
0lkXrlHi2+PQUXZpZv6xYhKV9LfHG4mzW7XBNV0lgpVohEgVIzsqRd+C/Y5weCPQ
eIHeriyoJovGYh33NIa30pmjuRbUSLvnlRlNNBiiuv9BIhu6nWJw/sLiZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFhKcLeObauqXOzo7Rl6oXA7eR+BMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvV0Vwd3Q0NXRxNnBjN09qdEdYcWhjRHQ1SDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuXZMAwQA
1RXaAwQA1RXeAwQA1RXjMA0GCSqGSIb3DQEBCwUAA4IBAQBh75wnLACJdj8ffSbq
wQC85VPBpDabo+J4U570U1tvU+yrQIhAEFajFYptVV6nu81sSsUK19tKl7yeEI/k
sOt51kVcpI9WiXjY1MREwxIyUepPcJoo534EQcAHbxn4isLbq9QKGknEipfmMyAB
OgRSJaTlJz+B8lxR948Js0W0AApXz+14Nj7WvQCSgKua8ANEB3Ubdwth8FqgSj1y
jeAl0q8d4xDTR/byH16TOlrQgqmG/TxyUtRV6IrzQuq1Tol+qaOsX85y7Zk6xQ1N
58EP0R16FBB25WmOynWa1cJWeh5Jf08Rsxsj0Pca0phaCsdnN1Ff7MkAsexb0oc3
Jab0
-----END CERTIFICATE-----
Generated at Mon Nov 6 10:35:13 2023 by rpki-client on console-fra.rpki-client.org