Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dDyCmTtG5zKMUg4CW1meJyW4WO0.roa
File: dDyCmTtG5zKMUg4CW1meJyW4WO0.roa (raw, json)
Hash identifier: sYAbvElBnWFFdJZUP2aZAdENHMe/8poWKovJa7W9w9E=
Subject key identifier: 74:3C:82:99:3B:46:E7:32:8C:52:0E:02:5B:59:9E:27:25:B8:58:ED
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0190B5CD13D0E2AE147268D037CF3E939577
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dDyCmTtG5zKMUg4CW1meJyW4WO0.roa
Signing time: Mon 15 Jul 2024 09:50:34 +0000
ROA not before: Mon 15 Jul 2024 09:50:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 213.21.232.0/24 maxlen: 24
213.21.236.0/24 maxlen: 24
213.21.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 07:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b5:cd:13:d0:e2:ae:14:72:68:d0:37:cf:3e:93:95:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jul 15 09:50:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=743c82993b46e7328c520e025b599e2725b858ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:32:a0:4d:0b:3d:e0:b6:e4:b7:19:29:c2:
50:55:a5:5d:52:9c:29:f3:24:df:ff:0d:3a:e6:d9:
e4:03:3b:66:03:ff:3d:b7:7a:64:8f:5e:ea:b2:11:
19:ba:53:d6:08:e7:0c:a1:67:3e:5a:5f:90:5d:7e:
25:f4:6d:8a:40:c4:61:c4:75:1e:52:c0:4c:96:58:
27:24:a3:8e:9d:d4:22:b8:20:d0:16:dc:8f:4a:11:
f9:10:5e:60:f8:4b:b6:75:3f:83:82:a3:61:09:f8:
5d:93:ba:8a:e2:46:f5:2b:43:fb:d6:7f:8e:33:12:
6a:ce:6f:46:09:45:89:dc:aa:32:2a:82:a1:4b:c0:
d4:63:9e:8b:20:2a:e8:d5:8b:f5:ce:d3:b7:2f:33:
9a:c8:c7:c9:d6:ca:ea:73:fc:49:ee:a7:7c:af:75:
5e:db:d6:15:cd:58:20:97:6f:d8:81:61:97:39:b4:
bb:36:28:7e:2d:75:7e:39:ac:b7:c2:84:32:8c:d5:
6a:44:33:b0:58:43:d6:b8:dc:3c:82:28:4e:bd:4e:
60:ad:52:7b:86:75:50:2c:d6:04:99:e4:72:66:b2:
08:ad:5c:6c:d9:6e:a9:d8:3f:0e:81:10:d9:99:fc:
18:71:0f:0d:a3:73:36:00:88:02:39:0c:ef:c7:d4:
8a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3C:82:99:3B:46:E7:32:8C:52:0E:02:5B:59:9E:27:25:B8:58:ED
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/dDyCmTtG5zKMUg4CW1meJyW4WO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.232.0/24
213.21.236.0/24
213.21.243.0/24
Signature Algorithm: sha256WithRSAEncryption
74:dc:3a:0e:fe:50:af:cd:f9:46:60:21:f3:d2:1a:62:be:f2:
6f:71:8e:47:23:1e:c5:a6:91:6e:71:e1:1a:60:15:54:f0:c3:
81:fb:c4:8e:42:10:15:c6:0f:a8:9c:0e:f5:95:66:1b:86:00:
6a:dc:d2:31:ce:66:11:94:8c:c8:e6:7f:ec:51:a0:77:d8:3e:
b1:6d:9b:63:2e:78:06:bf:4b:0f:98:3d:ac:3b:f1:88:2a:16:
fb:2a:7b:56:df:71:70:fd:86:91:8f:96:94:9f:70:9d:83:d1:
a1:cb:93:af:93:23:59:c5:e8:62:af:d4:ea:bc:a9:ba:fe:74:
8a:f7:00:2d:25:99:14:23:6b:b7:1c:e3:87:a0:7d:0e:87:13:
c4:53:ba:8e:89:57:15:e4:27:cc:31:bd:9b:de:4c:73:8f:f4:
c8:ac:9c:c6:4b:c6:0d:02:6e:ff:8c:6e:c4:63:9d:9c:bc:ec:
8c:5b:8d:bd:c6:2f:e4:b7:31:9b:c7:94:f6:83:e1:54:49:56:
2b:53:d2:c1:32:58:3d:5b:56:28:26:8f:ee:2f:d5:7f:d0:08:
54:d6:12:f6:23:dc:83:73:03:12:f3:60:a8:d7:0b:6c:20:f9:
a3:a9:c5:57:d6:2b:37:d5:8d:af:63:9c:61:48:7a:5d:19:d3:
07:4a:69:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZC1zRPQ4q4UcmjQN88+k5V3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQwNzE1MDk1MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNjODI5OTNiNDZlNzMyOGM1MjBlMDI1YjU5OWUyNzI1Yjg1OGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHMyoE0LPeC25LcZKcJQVaVdUpwp
8yTf/w065tnkAztmA/89t3pkj17qshEZulPWCOcMoWc+Wl+QXX4l9G2KQMRhxHUe
UsBMllgnJKOOndQiuCDQFtyPShH5EF5g+Eu2dT+DgqNhCfhdk7qK4kb1K0P71n+O
MxJqzm9GCUWJ3KoyKoKhS8DUY56LICro1Yv1ztO3LzOayMfJ1srqc/xJ7qd8r3Ve
29YVzVggl2/YgWGXObS7Nih+LXV+Oay3woQyjNVqRDOwWEPWuNw8gihOvU5grVJ7
hnVQLNYEmeRyZrIIrVxs2W6p2D8OgRDZmfwYcQ8No3M2AIgCOQzvx9SKPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHQ8gpk7RucyjFIOAltZnicluFjtMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvZER5Q21UdEc1ektNVWc0Q1cxbWVKeVc0V08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1RXoAwQA
1RXsAwQA1RXzMA0GCSqGSIb3DQEBCwUAA4IBAQB03DoO/lCvzflGYCHz0hpivvJv
cY5HIx7FppFuceEaYBVU8MOB+8SOQhAVxg+onA71lWYbhgBq3NIxzmYRlIzI5n/s
UaB32D6xbZtjLngGv0sPmD2sO/GIKhb7KntW33Fw/YaRj5aUn3Cdg9Ghy5OvkyNZ
xehir9TqvKm6/nSK9wAtJZkUI2u3HOOHoH0OhxPEU7qOiVcV5CfMMb2b3kxzj/TI
rJzGS8YNAm7/jG7EY52cvOyMW429xi/ktzGbx5T2g+FUSVYrU9LBMlg9W1YoJo/u
L9V/0AhU1hL2I9yDcwMS82Co1wtsIPmjqcVX1is31Y2vY5xhSHpdGdMHSmmG
-----END CERTIFICATE-----
Generated at Wed Jul 24 09:54:24 2024 by rpki-client on console-ams.rpki-client.org