Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0exC3H99ULstiX2uySK6aK3bH78.roa
File: 0exC3H99ULstiX2uySK6aK3bH78.roa (raw, json)
Hash identifier: SEm8ABi4RT3rD5+L4ik3NGhMwSj8XKJTNR599sHnz6E=
Subject key identifier: D1:EC:42:DC:7F:7D:50:BB:2D:89:7D:AE:C9:22:BA:68:AD:DB:1F:BF
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018AFFCDFAD1B5A50C409251176D28E5C00F
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0exC3H99ULstiX2uySK6aK3bH78.roa
Signing time: Thu 05 Oct 2023 12:26:43 +0000
ROA not before: Thu 05 Oct 2023 12:26:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198520
IP address blocks: 213.238.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:cd:fa:d1:b5:a5:0c:40:92:51:17:6d:28:e5:c0:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Oct 5 12:26:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1ec42dc7f7d50bb2d897daec922ba68addb1fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:20:38:28:35:b2:5b:13:9f:cc:b9:bf:8a:d0:
e3:2d:5b:9e:3f:d1:84:77:b6:9f:66:bc:9e:95:14:
68:96:d3:9a:85:61:04:a4:05:f7:89:f2:2d:5c:ee:
4f:c7:de:09:3c:30:a6:00:b3:2f:a8:30:03:df:fb:
f4:d0:79:d4:60:a7:de:aa:25:fe:62:6a:2b:84:e3:
25:49:02:bc:a2:3d:e5:1e:44:dd:7e:a7:6a:ef:7c:
8c:b3:d7:d9:54:6e:4c:a1:5f:27:3b:d1:23:db:bd:
22:a0:b7:d8:b2:98:5f:c5:a0:c7:42:f9:de:64:cb:
b5:3e:50:1f:73:7e:ee:9e:be:bb:ff:73:2c:f1:fe:
ed:9e:79:67:ed:1a:0f:33:7a:3b:9e:4b:ca:d9:9d:
72:53:19:6d:20:03:95:78:3b:68:42:9c:b0:b8:1d:
04:f4:74:6d:6a:2c:5e:ab:b0:d3:03:82:f5:a9:ab:
71:79:27:35:2f:e1:69:e4:ad:4f:3f:f8:ab:75:28:
ee:1e:25:71:9a:2c:30:d4:ad:36:ff:b1:fb:ab:cf:
c2:70:dc:cc:c5:17:67:40:e2:40:10:56:9a:57:59:
df:64:b1:d0:63:17:ee:7d:ff:3b:ea:8e:47:a6:ba:
d9:7f:7e:af:f4:0b:0c:36:8a:0a:bb:47:dc:f3:f2:
90:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EC:42:DC:7F:7D:50:BB:2D:89:7D:AE:C9:22:BA:68:AD:DB:1F:BF
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0exC3H99ULstiX2uySK6aK3bH78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.186.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:20:65:9a:60:3e:fd:18:37:76:28:e8:17:ce:ed:58:b3:9d:
26:c5:08:24:84:5e:fa:e1:a9:c9:6e:30:69:5c:67:7b:5e:0a:
67:ac:e0:2e:fb:72:02:25:c8:02:3c:81:34:2a:7a:de:4c:4c:
94:9a:03:d4:07:cf:0f:63:39:80:77:0c:de:28:f8:41:93:7f:
7b:46:67:59:ef:93:11:f4:43:04:8e:c9:fe:ad:02:4c:51:c4:
63:c8:30:76:4d:46:86:01:f7:40:f0:b8:48:01:80:3c:9b:6f:
25:88:d1:1d:ec:cc:4e:99:35:b7:2d:57:41:91:d6:1b:85:c9:
93:6f:72:86:05:81:bf:b3:21:01:c3:92:8a:05:cd:e4:41:89:
16:9d:95:c8:30:9a:4e:b0:4e:98:a4:18:85:5d:d1:6d:32:c5:
38:00:70:db:ed:33:59:ea:88:a2:f6:ff:e3:e5:63:79:b0:30:
46:08:67:0b:1b:fb:b0:48:23:64:f2:1e:bf:a2:d9:34:40:5a:
ee:c0:21:a3:fc:02:21:98:32:81:e7:8e:bc:57:05:e0:ee:2a:
70:33:6d:8f:9e:d7:ef:89:cd:cf:54:5e:a9:fa:72:b3:b3:bd:
03:78:46:ba:c6:1f:6d:60:46:37:42:76:ea:17:23:ad:42:e0:
e0:64:f8:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr/zfrRtaUMQJJRF20o5cAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMxMDA1MTIyNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWVjNDJkYzdmN2Q1MGJiMmQ4OTdkYWVjOTIyYmE2OGFkZGIxZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliA4KDWyWxOfzLm/itDjLVueP9GE
d7afZryelRRoltOahWEEpAX3ifItXO5Px94JPDCmALMvqDAD3/v00HnUYKfeqiX+
YmorhOMlSQK8oj3lHkTdfqdq73yMs9fZVG5MoV8nO9Ej270ioLfYsphfxaDHQvne
ZMu1PlAfc37unr67/3Ms8f7tnnln7RoPM3o7nkvK2Z1yUxltIAOVeDtoQpywuB0E
9HRtaixeq7DTA4L1qatxeSc1L+Fp5K1PP/irdSjuHiVxmiww1K02/7H7q8/CcNzM
xRdnQOJAEFaaV1nfZLHQYxfuff876o5HprrZf36v9AsMNooKu0fc8/KQQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHsQtx/fVC7LYl9rskiumit2x+/MB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvMGV4QzNIOTlVTHN0aVgydXlTSzZhSzNiSDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1e66MA0G
CSqGSIb3DQEBCwUAA4IBAQC7IGWaYD79GDd2KOgXzu1Ys50mxQgkhF764anJbjBp
XGd7XgpnrOAu+3ICJcgCPIE0KnreTEyUmgPUB88PYzmAdwzeKPhBk397RmdZ75MR
9EMEjsn+rQJMUcRjyDB2TUaGAfdA8LhIAYA8m28liNEd7MxOmTW3LVdBkdYbhcmT
b3KGBYG/syEBw5KKBc3kQYkWnZXIMJpOsE6YpBiFXdFtMsU4AHDb7TNZ6oii9v/j
5WN5sDBGCGcLG/uwSCNk8h6/otk0QFruwCGj/AIhmDKB5468VwXg7ipwM22Pntfv
ic3PVF6p+nKzs70DeEa6xh9tYEY3QnbqFyOtQuDgZPhR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:27 2024 by rpki-client on console-fra.rpki-client.org