Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/uZqHG7MwQ2H4DuTOAJZco4shbhs.roa
File: uZqHG7MwQ2H4DuTOAJZco4shbhs.roa (raw, json)
Hash identifier: jIDB5jqUhvs+AI5nQ9ITMYuKw/NLJyEmJthB9lHAPTs=
Subject key identifier: B9:9A:87:1B:B3:30:43:61:F8:0E:E4:CE:00:96:5C:A3:8B:21:6E:1B
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 018CCA2BB94FE6F96070655871901F9E34CB
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/uZqHG7MwQ2H4DuTOAJZco4shbhs.roa
Signing time: Tue 02 Jan 2024 12:35:12 +0000
ROA not before: Tue 02 Jan 2024 12:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206055
IP address blocks: 213.215.92.0/24 maxlen: 24
2a00:1298:8016::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b9:4f:e6:f9:60:70:65:58:71:90:1f:9e:34:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 2 12:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b99a871bb3304361f80ee4ce00965ca38b216e1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:21:ea:e7:09:04:05:92:15:9b:49:16:ce:9a:
7a:57:be:f2:f0:28:cb:91:e6:34:1e:d1:c0:2b:9f:
3e:e6:c5:80:f2:1c:96:9f:52:c3:62:67:fb:43:8d:
2e:57:a8:a5:0f:87:92:0f:08:08:64:c6:9f:e8:78:
16:55:53:35:9d:ac:69:ce:3c:b9:41:2f:17:f8:54:
4b:f7:1d:ce:86:13:57:e8:9f:2d:21:34:cc:ee:63:
5f:5e:18:1f:7c:6b:57:ac:bc:3f:b4:7f:62:7e:cd:
82:73:e7:25:a9:bd:92:f9:66:cc:8c:10:38:fd:d9:
15:17:18:1d:d2:92:a5:75:c6:5f:3b:46:fe:cd:c0:
7f:1e:79:1f:0c:a7:03:77:67:ca:aa:a7:fc:73:b3:
8a:d5:47:f8:7b:e9:85:87:9e:2f:ad:b2:31:98:0d:
17:54:c9:1d:9c:6f:5a:a2:05:d6:34:35:06:21:2c:
2f:e0:16:07:e4:ae:e9:67:78:1b:18:92:85:39:b6:
01:73:74:8f:cd:f1:47:08:d0:96:08:08:12:a5:6e:
28:f4:4a:22:27:9e:ed:f9:6e:a3:cb:79:53:ae:8d:
7d:a0:75:64:10:c9:17:55:4d:dc:6b:b2:35:d1:77:
72:50:17:b3:61:55:6d:5e:b2:ea:4c:b2:ad:c8:2a:
15:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9A:87:1B:B3:30:43:61:F8:0E:E4:CE:00:96:5C:A3:8B:21:6E:1B
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/uZqHG7MwQ2H4DuTOAJZco4shbhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.215.92.0/24
IPv6:
2a00:1298:8016::/48
Signature Algorithm: sha256WithRSAEncryption
82:b4:64:57:c6:d3:14:8c:11:9d:49:33:18:3a:b8:28:10:20:
91:71:05:5f:ee:d0:ea:78:54:9d:3c:4d:47:26:ed:b6:97:2a:
c9:2d:95:e4:15:c4:12:98:b5:ea:ef:e8:32:75:ca:34:72:f4:
6d:50:a9:f8:2b:e2:3e:c3:a4:02:e1:f0:6c:78:be:e7:e0:56:
4b:9a:42:d9:e2:c2:86:ef:94:34:90:a8:e2:27:4a:ab:c8:0f:
9c:b2:22:c8:0e:cf:93:0f:17:3d:f4:99:8d:0d:03:8c:8e:f9:
fa:64:ba:77:21:ac:c9:7e:17:e5:2c:93:53:e0:03:80:c1:c4:
1b:39:3e:26:f8:49:16:47:63:79:71:06:3f:40:1e:8c:2e:e6:
0c:af:a8:f8:3e:cc:01:b5:82:bb:50:85:23:64:fe:3c:73:ee:
41:53:5d:ac:2f:26:d8:f1:46:11:a1:59:f0:a8:0e:91:47:dc:
3e:f4:28:fb:66:9d:af:d4:66:c5:7a:f4:ff:4f:48:32:7a:07:
8b:81:ce:fc:c5:a8:d3:9d:3d:26:6e:61:94:cb:07:34:2d:41:
0c:9d:5a:e6:80:52:e6:78:b4:ae:20:52:11:fc:7d:1e:01:5e:
22:cc:0d:ab:8f:f9:f6:eb:3e:e5:97:f3:a1:0e:52:38:1e:95:
73:80:7f:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKK7lP5vlgcGVYcZAfnjTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjQwMTAyMTIzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlhODcxYmIzMzA0MzYxZjgwZWU0Y2UwMDk2NWNhMzhiMjE2ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyHq5wkEBZIVm0kWzpp6V77y8CjL
keY0HtHAK58+5sWA8hyWn1LDYmf7Q40uV6ilD4eSDwgIZMaf6HgWVVM1naxpzjy5
QS8X+FRL9x3OhhNX6J8tITTM7mNfXhgffGtXrLw/tH9ifs2Cc+clqb2S+WbMjBA4
/dkVFxgd0pKldcZfO0b+zcB/HnkfDKcDd2fKqqf8c7OK1Uf4e+mFh54vrbIxmA0X
VMkdnG9aogXWNDUGISwv4BYH5K7pZ3gbGJKFObYBc3SPzfFHCNCWCAgSpW4o9Eoi
J57t+W6jy3lTro19oHVkEMkXVU3ca7I10XdyUBezYVVtXrLqTLKtyCoVpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmahxuzMENh+A7kzgCWXKOLIW4bMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvdVpxSEc3TXdRMkg0RHVUT0FKWmNvNHNoYmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1ddcMA8E
AgACMAkDBwAqABKYgBYwDQYJKoZIhvcNAQELBQADggEBAIK0ZFfG0xSMEZ1JMxg6
uCgQIJFxBV/u0Op4VJ08TUcm7baXKsktleQVxBKYterv6DJ1yjRy9G1Qqfgr4j7D
pALh8Gx4vufgVkuaQtniwobvlDSQqOInSqvID5yyIsgOz5MPFz30mY0NA4yO+fpk
unchrMl+F+Usk1PgA4DBxBs5Pib4SRZHY3lxBj9AHowu5gyvqPg+zAG1grtQhSNk
/jxz7kFTXawvJtjxRhGhWfCoDpFH3D70KPtmna/UZsV69P9PSDJ6B4uBzvzFqNOd
PSZuYZTLBzQtQQydWuaAUuZ4tK4gUhH8fR4BXiLMDauP+fbrPuWX86EOUjgelXOA
f4M=
-----END CERTIFICATE-----
Generated at Tue Apr 29 16:18:15 2025 by rpki-client