Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/l47nCrKzNIFEb91IKtsy1FeE3vU.roa
File: l47nCrKzNIFEb91IKtsy1FeE3vU.roa (raw, json)
Hash identifier: d8nbAM+EuNaA6YS0PnfglXgdscXhaguJu0aK3ZKAbyY=
Subject key identifier: 97:8E:E7:0A:B2:B3:34:81:44:6F:DD:48:2A:DB:32:D4:57:84:DE:F5
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01942AE7734CE54C36043622C94C9EC6CCEA
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/l47nCrKzNIFEb91IKtsy1FeE3vU.roa
Signing time: Fri 03 Jan 2025 06:43:18 +0000
ROA not before: Fri 03 Jan 2025 06:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8285
IP address blocks: 213.21.237.0/24 maxlen: 24
2a06:e8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:59:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2a:e7:73:4c:e5:4c:36:04:36:22:c9:4c:9e:c6:cc:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 3 06:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=978ee70ab2b33481446fdd482adb32d45784def5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:86:fd:f8:54:73:ef:73:10:1e:c2:7e:43:
9d:71:b2:44:02:fd:84:c9:c8:7a:f7:8e:44:c2:a2:
e5:9d:fd:6f:97:f8:bf:e8:e7:14:a0:cd:8e:6d:22:
d0:31:5c:bf:4a:9c:11:80:28:36:0e:6d:af:0d:8a:
e8:71:11:4d:de:20:f3:d8:e8:79:b1:11:86:d8:fd:
30:a2:61:83:6e:a4:3f:89:0b:37:09:a7:59:67:db:
df:c4:a0:6c:8d:4d:8c:1c:a7:dc:48:6c:85:68:e8:
ee:bc:5b:79:5d:d5:9c:53:84:2e:df:f9:61:df:6a:
eb:41:58:98:f2:e7:5e:fb:08:df:73:7a:00:06:1a:
38:1a:78:49:2d:01:ce:92:44:31:8b:be:55:5b:a8:
f6:49:61:c1:d5:5b:65:2e:d3:6c:e4:ce:5c:51:b5:
95:74:19:31:94:75:f1:38:ba:d8:50:ee:b0:d1:28:
10:2c:43:d1:15:e4:a6:cb:fa:ab:6a:3e:42:52:39:
eb:9c:d2:5d:1c:00:93:90:76:c8:dd:7c:b2:c1:0b:
ad:5b:ca:74:d0:28:73:5f:dd:d2:81:b5:e2:d6:e3:
0e:b5:63:dd:d3:88:46:d8:ef:27:12:25:ad:90:aa:
8f:cf:8c:e8:51:0e:9f:72:77:12:03:60:b2:99:0c:
5b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:8E:E7:0A:B2:B3:34:81:44:6F:DD:48:2A:DB:32:D4:57:84:DE:F5
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/l47nCrKzNIFEb91IKtsy1FeE3vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.237.0/24
IPv6:
2a06:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:62:5f:14:02:0f:2c:0a:6d:14:68:df:49:0a:cb:0e:89:6a:
8f:a5:44:c7:2c:3d:1e:1b:24:ab:22:0b:d4:80:d3:8c:14:ce:
03:d7:31:75:e2:af:93:99:10:48:5f:25:3e:73:e5:c4:dc:99:
d6:83:55:df:cc:dd:a9:03:77:78:18:62:b9:37:2a:a8:8c:61:
25:dc:0e:31:8c:06:7f:d3:71:39:a5:96:fd:1e:37:23:24:38:
96:82:c7:77:a7:74:28:60:32:ef:4d:85:09:f6:b5:8a:61:eb:
c9:e1:6f:35:11:22:21:a7:1f:1c:cd:c3:89:26:7a:8d:e5:dd:
64:de:fb:a5:0e:79:da:3f:fd:de:59:98:db:e0:f0:27:c2:50:
dc:b1:23:fe:b2:0b:11:05:b5:93:6e:94:f8:00:74:1d:77:c5:
1e:e2:c6:da:bc:23:63:03:4a:1a:17:71:76:c8:43:49:2a:60:
74:7b:2e:dc:1c:0c:dc:b1:29:ae:83:28:96:ea:94:1e:94:99:
9f:e9:96:91:c2:11:1b:12:4a:df:ba:7c:4e:3d:ab:9b:52:59:
45:36:9d:8c:40:69:09:e5:e3:33:0d:16:bc:e6:08:e5:18:23:
35:6a:c4:e0:08:9f:7c:8c:b1:c4:de:fa:e5:f4:f8:a7:50:c9:
02:d5:44:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQq53NM5Uw2BDYiyUyexszqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTAzMDY0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzhlZTcwYWIyYjMzNDgxNDQ2ZmRkNDgyYWRiMzJkNDU3ODRkZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe+G/fhUc+9zEB7CfkOdcbJEAv2E
ych6945EwqLlnf1vl/i/6OcUoM2ObSLQMVy/SpwRgCg2Dm2vDYrocRFN3iDz2Oh5
sRGG2P0womGDbqQ/iQs3CadZZ9vfxKBsjU2MHKfcSGyFaOjuvFt5XdWcU4Qu3/lh
32rrQViY8ude+wjfc3oABho4GnhJLQHOkkQxi75VW6j2SWHB1VtlLtNs5M5cUbWV
dBkxlHXxOLrYUO6w0SgQLEPRFeSmy/qraj5CUjnrnNJdHACTkHbI3XyywQutW8p0
0ChzX93SgbXi1uMOtWPd04hG2O8nEiWtkKqPz4zoUQ6fcncSA2CymQxbCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJeO5wqyszSBRG/dSCrbMtRXhN71MB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvbDQ3bkNyS3pOSUZFYjkxSUt0c3kxRmVFM3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1RXtMA0E
AgACMAcDBQMqBujAMA0GCSqGSIb3DQEBCwUAA4IBAQCWYl8UAg8sCm0UaN9JCssO
iWqPpUTHLD0eGySrIgvUgNOMFM4D1zF14q+TmRBIXyU+c+XE3JnWg1XfzN2pA3d4
GGK5NyqojGEl3A4xjAZ/03E5pZb9HjcjJDiWgsd3p3QoYDLvTYUJ9rWKYevJ4W81
ESIhpx8czcOJJnqN5d1k3vulDnnaP/3eWZjb4PAnwlDcsSP+sgsRBbWTbpT4AHQd
d8Ue4sbavCNjA0oaF3F2yENJKmB0ey7cHAzcsSmugyiW6pQelJmf6ZaRwhEbEkrf
unxOPaubUllFNp2MQGkJ5eMzDRa85gjlGCM1asTgCJ98jLHE3vrl9PinUMkC1URZ
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:26:41 2025 by rpki-client