Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/L8UweIfd1mpFRidRFbXAHZDmvgQ.roa
File: L8UweIfd1mpFRidRFbXAHZDmvgQ.roa (raw, json)
Hash identifier: +rFA43UYuk0sdpeHanRCz/o41CqsuCGpkVkVht4fIS4=
Subject key identifier: 2F:C5:30:78:87:DD:D6:6A:45:46:27:51:15:B5:C0:1D:90:E6:BE:04
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018890C494DCCE00C48018A061D14C4DBB2F
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/L8UweIfd1mpFRidRFbXAHZDmvgQ.roa
Signing time: Tue 06 Jun 2023 12:53:02 +0000
ROA not before: Tue 06 Jun 2023 12:53:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209956
IP address blocks: 213.238.166.0/24 maxlen: 24
213.238.184.0/24 maxlen: 24
213.238.189.0/24 maxlen: 24
213.238.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:c4:94:dc:ce:00:c4:80:18:a0:61:d1:4c:4d:bb:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jun 6 12:53:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fc5307887ddd66a4546275115b5c01d90e6be04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f0:e8:c3:bb:84:61:eb:c3:cd:8b:30:f8:9f:
7a:54:ed:65:50:47:db:22:56:b4:fc:ee:9c:cd:51:
d6:5b:be:67:c4:d1:1b:02:6e:13:df:85:a5:6d:99:
21:a1:92:76:6a:f1:a7:22:e3:f5:37:61:71:ef:29:
dc:0d:73:29:01:81:91:92:6a:1d:4f:f0:0a:77:de:
75:41:6b:43:06:3e:a2:00:d6:64:9b:1e:77:f6:3e:
b0:7f:3a:32:a2:55:b4:47:44:54:e0:fd:a9:10:0c:
5e:4a:65:a6:53:0b:37:68:09:2e:34:08:ff:8c:62:
45:0c:82:5d:f7:bd:49:2c:0f:7b:07:3a:a1:a5:46:
aa:e9:44:fb:9e:20:41:c5:d5:53:fe:d6:28:db:17:
7e:76:32:fe:b4:cb:0a:3a:40:19:63:0b:9a:a7:17:
fd:16:dd:82:14:18:ef:10:d7:47:92:f3:44:9a:22:
39:8e:f4:9e:b1:f8:1c:93:33:5c:0a:83:23:22:b5:
71:2c:bb:15:4f:5d:22:c6:12:4a:ef:ec:47:c3:e9:
21:c3:f2:b2:db:e5:c3:a0:19:7f:42:dc:94:2e:2e:
10:7f:05:66:f8:f4:e6:57:c9:b5:3e:7b:c6:a2:7c:
3b:3b:61:35:f0:7c:63:b9:24:e5:c3:95:2e:b1:93:
5d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C5:30:78:87:DD:D6:6A:45:46:27:51:15:B5:C0:1D:90:E6:BE:04
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/L8UweIfd1mpFRidRFbXAHZDmvgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.166.0/24
213.238.184.0/24
213.238.187.0/24
213.238.189.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:e4:83:f4:78:05:a2:f2:3c:fa:53:0c:dd:ec:13:9d:ca:af:
32:7a:43:1a:91:61:1a:8a:ab:3e:98:0a:85:c9:ed:ad:d4:78:
1c:99:48:bb:72:33:78:84:e1:61:1e:f7:cd:de:f5:82:7b:0e:
8d:97:5b:a5:74:f7:0c:3f:86:07:88:bc:91:8e:2b:ed:04:de:
ed:98:1a:8e:bf:15:cd:35:aa:e8:4e:94:1a:c4:ba:c6:c4:1e:
f7:05:a7:f2:b2:0b:ba:e3:44:62:62:56:b4:80:cb:37:cb:63:
35:e1:49:54:b8:c8:5e:8e:04:93:b8:03:d7:71:d2:8a:2c:11:
de:c3:37:fa:91:86:81:84:b5:53:f0:1c:77:56:84:97:48:8d:
a9:0b:8a:37:bb:92:dc:d8:e3:6a:51:e8:99:7a:d0:29:0e:15:
fc:44:19:2b:0e:8d:8d:15:5e:6e:eb:0b:0c:68:1d:ae:a7:c1:
97:50:4f:85:fd:6c:e1:48:2e:e9:e7:98:a3:e6:47:99:1d:79:
40:9f:67:c4:65:82:2c:ac:1b:da:85:55:36:12:0a:41:5d:06:
f3:30:97:3f:0f:4f:2f:d1:91:40:56:c1:3f:70:07:68:77:fa:
db:f7:d2:00:89:c3:41:d0:dd:55:05:8c:6f:23:a1:bd:c4:ad:
b3:15:eb:f8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiQxJTczgDEgBigYdFMTbsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMwNjA2MTI1MzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmM1MzA3ODg3ZGRkNjZhNDU0NjI3NTExNWI1YzAxZDkwZTZiZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfDow7uEYevDzYsw+J96VO1lUEfb
Ila0/O6czVHWW75nxNEbAm4T34WlbZkhoZJ2avGnIuP1N2Fx7yncDXMpAYGRkmod
T/AKd951QWtDBj6iANZkmx539j6wfzoyolW0R0RU4P2pEAxeSmWmUws3aAkuNAj/
jGJFDIJd971JLA97BzqhpUaq6UT7niBBxdVT/tYo2xd+djL+tMsKOkAZYwuapxf9
Ft2CFBjvENdHkvNEmiI5jvSesfgckzNcCoMjIrVxLLsVT10ixhJK7+xHw+khw/Ky
2+XDoBl/QtyULi4QfwVm+PTmV8m1PnvGonw7O2E18HxjuSTlw5UusZNdFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC/FMHiH3dZqRUYnURW1wB2Q5r4EMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvTDhVd2VJZmQxbXBGUmlkUkZiWEFIWkRtdmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1e6mAwQA
1e64AwQA1e67AwQA1e69MA0GCSqGSIb3DQEBCwUAA4IBAQC75IP0eAWi8jz6Uwzd
7BOdyq8yekMakWEaiqs+mAqFye2t1HgcmUi7cjN4hOFhHvfN3vWCew6Nl1uldPcM
P4YHiLyRjivtBN7tmBqOvxXNNaroTpQaxLrGxB73Bafysgu640RiYla0gMs3y2M1
4UlUuMhejgSTuAPXcdKKLBHewzf6kYaBhLVT8Bx3VoSXSI2pC4o3u5Lc2ONqUeiZ
etApDhX8RBkrDo2NFV5u6wsMaB2up8GXUE+F/WzhSC7p55ij5keZHXlAn2fEZYIs
rBvahVU2EgpBXQbzMJc/D08v0ZFAVsE/cAdod/rb99IAicNB0N1VBYxvI6G9xK2z
Fev4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:27 2024 by rpki-client on console-fra.rpki-client.org