Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/lQ2v0PuA64CFrUNxHD1Lul8gLCY.roa
File: lQ2v0PuA64CFrUNxHD1Lul8gLCY.roa (raw, json)
Hash identifier: +BeDfanFN7U6MStcdo14L72iTa8v/TjtZJxcUOa2uFs=
Subject key identifier: 95:0D:AF:D0:FB:80:EB:80:85:AD:43:71:1C:3D:4B:BA:5F:20:2C:26
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01912435B3662609D2E13AC989B30CA2D33F
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/lQ2v0PuA64CFrUNxHD1Lul8gLCY.roa
Signing time: Mon 05 Aug 2024 20:23:04 +0000
ROA not before: Mon 05 Aug 2024 20:23:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 213.145.68.0/24 maxlen: 24
213.145.84.0/24 maxlen: 24
213.145.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 06:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:24:35:b3:66:26:09:d2:e1:3a:c9:89:b3:0c:a2:d3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Aug 5 20:23:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=950dafd0fb80eb8085ad43711c3d4bba5f202c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:af:e6:43:b7:5d:f0:9c:81:2e:8d:bd:68:25:
c8:6c:7d:3a:73:62:65:40:51:64:96:f1:1a:25:25:
4b:6f:ce:c5:0b:74:24:3f:b4:6d:42:f6:cd:c0:60:
ca:e3:0b:0e:f8:4f:58:71:b7:4f:79:22:24:88:d1:
c3:59:6a:32:ef:fd:8a:af:cb:5b:58:58:50:62:12:
3f:bb:8b:46:33:71:14:8e:89:f0:d2:86:bb:b4:45:
19:9a:a0:1a:42:4f:d9:6a:47:13:61:1e:78:93:82:
e5:3a:16:2a:29:b6:dc:9b:b6:b3:38:58:0a:39:b9:
f6:a2:46:d5:e8:36:23:84:39:ed:4c:d0:d2:b0:37:
58:f5:f8:88:46:f0:9f:33:78:d8:7e:43:e2:4d:b1:
6d:d4:3b:1a:15:0f:f8:ec:57:73:e1:bd:b6:29:be:
50:32:79:ed:bb:e8:7d:da:a9:bd:65:9f:fe:fd:d1:
a4:d8:49:52:71:79:91:ef:05:dc:f7:8a:21:da:b8:
86:b2:9a:1a:b3:d1:65:ba:2e:df:f9:a0:ef:90:77:
7a:94:e1:2c:2e:d8:ff:9d:3b:03:b2:3a:30:0d:22:
02:64:bc:68:73:2e:95:a9:c8:20:f6:65:1f:7c:7d:
67:75:4f:53:7c:12:ab:81:f7:1f:83:f7:02:ca:67:
a5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0D:AF:D0:FB:80:EB:80:85:AD:43:71:1C:3D:4B:BA:5F:20:2C:26
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/lQ2v0PuA64CFrUNxHD1Lul8gLCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.68.0/24
213.145.84.0/24
213.145.86.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:1a:06:98:cf:9a:16:c9:28:47:1f:45:0e:83:28:8a:20:b9:
5d:15:d4:9c:ce:e4:57:76:74:e8:3b:27:58:9b:62:c8:7d:08:
59:94:6f:b4:d9:51:1c:63:df:ff:db:0f:35:88:c2:ee:99:86:
ab:d1:79:1c:15:10:7f:e6:85:bc:ac:5e:a9:49:a0:f9:dc:d5:
c3:15:74:3a:aa:f6:2d:55:7f:81:01:e3:8b:ae:41:70:c8:cf:
62:92:d4:f4:52:cc:19:36:a6:0a:86:f9:a2:29:9e:cf:ea:75:
33:60:c9:2c:f6:5b:82:7d:e6:2c:7f:13:e0:29:33:e6:33:99:
67:38:82:40:c7:af:25:76:1b:64:07:62:4f:1b:04:63:50:5b:
8d:b8:bd:02:f4:32:a1:20:37:1a:0c:da:fd:fe:98:5b:4a:19:
9f:c3:03:90:d5:c7:3a:eb:78:f5:20:77:72:63:35:4d:f1:88:
7a:3d:56:6c:13:4b:e5:2b:13:da:a9:06:ec:c1:9a:25:c3:70:
b4:7e:f9:6c:cc:19:a8:db:36:c3:9a:19:7a:9b:dc:8f:0d:12:
6e:8f:c9:af:1c:88:65:30:03:01:33:56:4e:4d:ce:98:cf:26:
b6:71:74:bc:89:e1:bb:e0:aa:60:c0:15:c1:16:90:be:a2:8f:
50:7f:08:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEkNbNmJgnS4TrJibMMotM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwODA1MjAyMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBkYWZkMGZiODBlYjgwODVhZDQzNzExYzNkNGJiYTVmMjAyYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja/mQ7dd8JyBLo29aCXIbH06c2Jl
QFFklvEaJSVLb87FC3QkP7RtQvbNwGDK4wsO+E9YcbdPeSIkiNHDWWoy7/2Kr8tb
WFhQYhI/u4tGM3EUjonw0oa7tEUZmqAaQk/ZakcTYR54k4LlOhYqKbbcm7azOFgK
Obn2okbV6DYjhDntTNDSsDdY9fiIRvCfM3jYfkPiTbFt1DsaFQ/47Fdz4b22Kb5Q
Mnntu+h92qm9ZZ/+/dGk2ElScXmR7wXc94oh2riGspoas9Flui7f+aDvkHd6lOEs
Ltj/nTsDsjowDSICZLxocy6Vqcgg9mUffH1ndU9TfBKrgfcfg/cCymel2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUNr9D7gOuAha1DcRw9S7pfICwmMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvbFEydjBQdUE2NENGclVOeEhEMUx1bDhnTENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1ZFEAwQA
1ZFUAwQA1ZFWMA0GCSqGSIb3DQEBCwUAA4IBAQDOGgaYz5oWyShHH0UOgyiKILld
FdSczuRXdnToOydYm2LIfQhZlG+02VEcY9//2w81iMLumYar0XkcFRB/5oW8rF6p
SaD53NXDFXQ6qvYtVX+BAeOLrkFwyM9iktT0UswZNqYKhvmiKZ7P6nUzYMks9luC
feYsfxPgKTPmM5lnOIJAx68ldhtkB2JPGwRjUFuNuL0C9DKhIDcaDNr9/phbShmf
wwOQ1cc663j1IHdyYzVN8Yh6PVZsE0vlKxPaqQbswZolw3C0fvlszBmo2zbDmhl6
m9yPDRJuj8mvHIhlMAMBM1ZOTc6Yzya2cXS8ieG74KpgwBXBFpC+oo9QfwjZ
-----END CERTIFICATE-----
Generated at Wed Aug 28 07:59:43 2024 by rpki-client on console-fra.rpki-client.org