Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/L67IDP5oXGXQW4SVEzryhxjrrnQ.roa
File: L67IDP5oXGXQW4SVEzryhxjrrnQ.roa (raw, json)
Hash identifier: S55Gvtpo1s38bETcnNV3cOK+j8ro5s7ahcfXe6JRLcc=
Subject key identifier: 2F:AE:C8:0C:FE:68:5C:65:D0:5B:84:95:13:3A:F2:87:18:EB:AE:74
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 0193872F6471D3D1B8FD06861DA2A42EAF2E
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/L67IDP5oXGXQW4SVEzryhxjrrnQ.roa
Signing time: Mon 02 Dec 2024 11:44:10 +0000
ROA not before: Mon 02 Dec 2024 11:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199785
IP address blocks: 213.21.236.0/24 maxlen: 24
213.21.241.0/24 maxlen: 24
213.21.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:2f:64:71:d3:d1:b8:fd:06:86:1d:a2:a4:2e:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Dec 2 11:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2faec80cfe685c65d05b8495133af28718ebae74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:88:e4:ec:c3:72:10:71:3b:36:68:ba:80:b3:
69:18:50:a7:b1:fb:8a:2c:06:01:af:e0:8c:1d:b7:
77:3e:2b:7b:5c:f3:75:cd:98:62:89:1b:4b:bf:09:
fe:33:b8:5f:80:6b:ad:c5:ab:82:c3:59:54:70:5e:
80:fa:e1:82:3d:74:cd:ad:5f:89:f6:3f:17:d2:d5:
8d:4c:b7:db:70:dd:d3:14:73:46:ef:76:e6:52:d7:
27:af:bb:b7:0d:5e:ed:c6:31:f5:18:a7:dc:ba:0a:
a2:10:53:3a:24:b7:f7:1b:f2:83:5a:8b:78:f2:d7:
a9:19:41:8f:99:fb:07:83:c6:9c:a6:0f:4c:ba:86:
f1:b1:ad:ab:23:14:2c:0f:9d:4a:07:71:f7:16:12:
6e:09:9d:73:3c:5d:0e:13:7d:c9:ea:f7:ab:12:ba:
e8:85:dd:db:46:58:6e:7a:46:78:c9:bb:dc:81:42:
6a:89:a3:7c:a2:55:8f:8d:11:a1:bf:0f:c1:68:a7:
d5:82:61:a3:c6:08:33:b6:bc:82:4a:1a:58:6e:3b:
82:42:b3:ee:7a:82:0f:9b:90:ca:a9:d9:0c:9e:d7:
3a:c4:75:24:06:3c:a4:08:ed:26:74:f2:98:93:62:
70:19:a5:eb:73:78:d8:c5:6e:42:59:c2:08:f4:85:
87:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:AE:C8:0C:FE:68:5C:65:D0:5B:84:95:13:3A:F2:87:18:EB:AE:74
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/L67IDP5oXGXQW4SVEzryhxjrrnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.236.0/24
213.21.241.0/24
213.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d9:58:7d:2e:ea:c9:c7:f0:e1:9a:f1:d8:8c:83:4c:6d:ea:
d1:92:98:f2:ec:df:fd:e1:98:90:a5:6f:46:1e:ac:53:dd:49:
d6:e0:c5:8d:fd:29:35:a8:38:13:5e:33:3e:02:d8:b4:26:ca:
df:30:b4:d1:00:30:61:a3:14:4e:31:35:a7:01:ba:0b:da:78:
85:f2:27:66:aa:f2:4a:48:6b:6d:05:54:b9:31:5a:bb:b3:dd:
91:b7:08:02:a6:8e:f1:55:d2:4b:be:ba:02:b4:7b:93:56:90:
a4:1c:3a:05:2a:24:3a:1d:a7:d8:5a:cf:d1:42:29:1b:64:33:
19:bb:d8:ea:56:bf:fe:d9:ee:26:10:3c:30:15:2f:39:d8:f0:
08:04:73:c8:42:04:06:26:68:aa:9e:44:17:6b:48:4e:d7:54:
42:8c:e4:9a:f7:d1:f1:aa:9d:b0:70:3b:0a:2d:57:89:7e:75:
01:a2:b6:ed:45:d8:54:93:99:d5:d3:a2:70:27:1e:5c:31:1f:
47:a6:cc:b7:4c:15:45:5f:7e:7a:1f:15:c9:38:da:c0:b8:2e:
4b:ab:00:8c:c7:c8:d4:b0:9f:97:3a:90:10:d9:63:14:e7:5a:
fc:94:92:6e:8e:06:60:f9:1c:8c:3a:25:46:f6:a1:5b:63:a0:
93:82:51:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOHL2Rx09G4/QaGHaKkLq8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQxMjAyMTE0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmFlYzgwY2ZlNjg1YzY1ZDA1Yjg0OTUxMzNhZjI4NzE4ZWJhZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoojk7MNyEHE7Nmi6gLNpGFCnsfuK
LAYBr+CMHbd3Pit7XPN1zZhiiRtLvwn+M7hfgGutxauCw1lUcF6A+uGCPXTNrV+J
9j8X0tWNTLfbcN3TFHNG73bmUtcnr7u3DV7txjH1GKfcugqiEFM6JLf3G/KDWot4
8tepGUGPmfsHg8acpg9Muobxsa2rIxQsD51KB3H3FhJuCZ1zPF0OE33J6verErro
hd3bRlhuekZ4ybvcgUJqiaN8olWPjRGhvw/BaKfVgmGjxggztryCShpYbjuCQrPu
eoIPm5DKqdkMntc6xHUkBjykCO0mdPKYk2JwGaXrc3jYxW5CWcII9IWHywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC+uyAz+aFxl0FuElRM68ocY6650MB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvTDY3SURQNW9YR1hRVzRTVkV6cnloeGpycm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1RXsAwQA
1RXxAwQA1RX9MA0GCSqGSIb3DQEBCwUAA4IBAQB62Vh9LurJx/DhmvHYjINMberR
kpjy7N/94ZiQpW9GHqxT3UnW4MWN/Sk1qDgTXjM+Ati0JsrfMLTRADBhoxROMTWn
AboL2niF8idmqvJKSGttBVS5MVq7s92RtwgCpo7xVdJLvroCtHuTVpCkHDoFKiQ6
HafYWs/RQikbZDMZu9jqVr/+2e4mEDwwFS852PAIBHPIQgQGJmiqnkQXa0hO11RC
jOSa99Hxqp2wcDsKLVeJfnUBorbtRdhUk5nV06JwJx5cMR9Hpsy3TBVFX356HxXJ
ONrAuC5LqwCMx8jUsJ+XOpAQ2WMU51r8lJJujgZg+RyMOiVG9qFbY6CTglHC
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:36:35 2025 by rpki-client