Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/hDHn5A6sZ5TUq7gNQgaDbyFQfZ4.roa
File: hDHn5A6sZ5TUq7gNQgaDbyFQfZ4.roa (raw, json)
Hash identifier: 3LnzpDbyuQuGaVsyq/eC47xZS2ZLM5U5vZ6Gmjy29qM=
Subject key identifier: 84:31:E7:E4:0E:AC:67:94:D4:AB:B8:0D:42:06:83:6F:21:50:7D:9E
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018CC4934C7AD2EDFFD88B1505829678D301
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/hDHn5A6sZ5TUq7gNQgaDbyFQfZ4.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8285
IP address blocks: 213.21.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 12:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4c:7a:d2:ed:ff:d8:8b:15:05:82:96:78:d3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8431e7e40eac6794d4abb80d4206836f21507d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ff:f5:1a:b4:19:68:af:84:28:95:22:a1:f9:
3e:45:b0:9e:49:24:db:25:86:af:28:79:32:c6:76:
4b:f1:a6:e8:b5:f9:a9:bc:7f:23:a3:41:3b:f1:81:
ca:ff:2d:36:bc:3a:78:9f:98:0b:a2:1d:af:02:47:
98:9d:69:0c:15:3d:31:52:2c:ff:5f:17:e0:83:29:
21:d0:47:73:15:b2:e2:17:cf:5f:67:fb:89:7a:6c:
d1:37:8c:35:19:b2:25:8c:b4:cf:66:89:33:0a:bb:
35:fe:56:2d:3f:7f:83:22:91:1a:aa:87:43:71:32:
6f:8b:3a:d0:0e:78:d2:17:63:27:84:f2:aa:1d:aa:
d4:08:40:20:70:c4:78:04:9c:17:84:19:4d:aa:dc:
28:5c:1a:98:87:cc:ce:0d:ba:56:c2:df:69:ce:7a:
33:e6:54:40:8b:a8:1a:25:8a:73:29:68:67:4c:af:
5a:7d:12:c0:a5:a0:16:64:d9:ce:dc:e8:b2:99:16:
d6:78:d7:a1:f5:f6:18:f2:f1:7a:17:7c:21:9f:dd:
0e:7a:cf:06:29:c7:10:83:8a:55:20:10:44:61:5a:
c2:54:5a:66:b4:48:6a:2d:ef:79:a4:6c:91:10:2f:
4d:d2:fe:93:f5:58:f9:8f:5a:88:a7:fc:a5:dd:ab:
68:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:31:E7:E4:0E:AC:67:94:D4:AB:B8:0D:42:06:83:6F:21:50:7D:9E
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/hDHn5A6sZ5TUq7gNQgaDbyFQfZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.239.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:58:17:ea:ab:7d:00:f8:4a:75:2f:ba:77:d1:94:e5:c8:ed:
c8:93:63:12:5a:bf:e6:d2:c7:70:f6:1f:03:0f:16:d7:86:14:
f3:48:07:44:a1:7e:b1:c6:6e:ad:ce:e0:af:6c:f3:95:43:69:
e2:0e:af:8d:f9:d5:ff:79:4a:e3:69:65:0d:13:9d:23:86:55:
d4:f2:fd:04:c4:3b:6f:51:37:6d:d6:d2:11:4b:c5:e0:73:64:
f6:20:a5:29:ad:35:53:e8:b3:8f:87:da:aa:ec:7a:2b:72:b0:
21:dd:df:95:d3:52:59:c7:73:56:c2:4d:d3:f0:fa:8f:62:92:
07:b8:28:e7:09:97:b1:3b:86:99:d8:00:d7:50:a3:bd:6f:0a:
98:c6:95:58:ac:7e:31:65:df:5c:ed:1d:70:5f:df:f2:59:c8:
94:9e:6f:37:19:dd:fb:b5:35:3b:1f:82:41:4a:99:ed:28:4a:
7c:80:8c:25:93:8c:44:35:85:cc:40:97:89:9f:ee:d8:a7:e8:
59:cc:1e:7a:eb:ff:40:d6:09:2a:86:0c:35:ba:cd:94:78:67:
40:7e:1a:cd:7b:82:c6:50:5b:46:07:0a:e9:1a:bc:17:f6:b8:
6f:47:f5:52:63:4e:7c:d1:39:8e:00:1e:c9:d8:7c:f8:73:b5:
f3:c4:af:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk0x60u3/2IsVBYKWeNMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDMxZTdlNDBlYWM2Nzk0ZDRhYmI4MGQ0MjA2ODM2ZjIxNTA3ZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf/1GrQZaK+EKJUiofk+RbCeSSTb
JYavKHkyxnZL8abotfmpvH8jo0E78YHK/y02vDp4n5gLoh2vAkeYnWkMFT0xUiz/
Xxfggykh0EdzFbLiF89fZ/uJemzRN4w1GbIljLTPZokzCrs1/lYtP3+DIpEaqodD
cTJvizrQDnjSF2MnhPKqHarUCEAgcMR4BJwXhBlNqtwoXBqYh8zODbpWwt9pznoz
5lRAi6gaJYpzKWhnTK9afRLApaAWZNnO3OiymRbWeNeh9fYY8vF6F3whn90Oes8G
KccQg4pVIBBEYVrCVFpmtEhqLe95pGyREC9N0v6T9Vj5j1qIp/yl3ato3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQx5+QOrGeU1Ku4DUIGg28hUH2eMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvaERIbjVBNnNaNVRVcTdnTlFnYURieUZRZlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RXvMA0G
CSqGSIb3DQEBCwUAA4IBAQCPWBfqq30A+Ep1L7p30ZTlyO3Ik2MSWr/m0sdw9h8D
DxbXhhTzSAdEoX6xxm6tzuCvbPOVQ2niDq+N+dX/eUrjaWUNE50jhlXU8v0ExDtv
UTdt1tIRS8Xgc2T2IKUprTVT6LOPh9qq7HorcrAh3d+V01JZx3NWwk3T8PqPYpIH
uCjnCZexO4aZ2ADXUKO9bwqYxpVYrH4xZd9c7R1wX9/yWciUnm83Gd37tTU7H4JB
SpntKEp8gIwlk4xENYXMQJeJn+7Yp+hZzB566/9A1gkqhgw1us2UeGdAfhrNe4LG
UFtGBwrpGrwX9rhvR/VSY0580TmOAB7J2Hz4c7XzxK+d
-----END CERTIFICATE-----
Generated at Mon Feb 12 15:17:08 2024 by rpki-client on console-ams.rpki-client.org