Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/Wb1WD8ZcW7WdIZ-Y-zFKdANkHbE.roa
File: Wb1WD8ZcW7WdIZ-Y-zFKdANkHbE.roa (raw, json)
Hash identifier: nJvSIveYjdhvqiErIWZXMHQIQeoTogOp0DUoC26RfvA=
Subject key identifier: 59:BD:56:0F:C6:5C:5B:B5:9D:21:9F:98:FB:31:4A:74:03:64:1D:B1
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 01856B53228FEB00EBDAF57394C99771C6D8
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/Wb1WD8ZcW7WdIZ-Y-zFKdANkHbE.roa
Signing time: Sun 01 Jan 2023 03:14:48 +0000
ROA not before: Sun 01 Jan 2023 03:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 213.238.174.0/24 maxlen: 24
213.238.177.0/24 maxlen: 24
213.238.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:22:8f:eb:00:eb:da:f5:73:94:c9:97:71:c6:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 03:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59bd560fc65c5bb59d219f98fb314a7403641db1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:81:eb:46:f4:2f:2d:5c:4c:c5:54:ba:99:5d:
dc:7d:fa:63:d4:32:7c:55:7e:8c:97:93:21:19:81:
3f:8b:7a:60:23:39:4e:ee:93:6f:23:4c:95:d5:9b:
36:89:26:a3:c4:18:3a:85:ab:4f:1f:ea:15:43:01:
92:29:c9:63:6a:4e:f5:16:46:c3:80:f9:17:fb:8f:
e8:bf:b7:97:cd:35:f3:c4:3a:3d:05:fb:50:23:9a:
25:b7:89:74:29:ac:69:df:9c:18:f5:5f:22:8d:bf:
ff:ef:83:77:d1:53:92:64:d6:ff:d2:d8:c0:9b:81:
24:bd:60:3a:fe:de:08:f2:58:d9:9d:6c:03:3f:fc:
56:74:41:db:f4:89:b9:5e:53:b2:5e:09:30:f3:fd:
f5:6c:01:db:df:fa:3a:ec:65:2a:f6:b6:18:fc:82:
26:8d:68:00:99:09:da:2e:14:57:87:53:ee:1f:83:
6e:db:fb:2a:80:11:67:82:a9:07:bf:b2:80:34:54:
ac:af:8e:3d:da:de:e2:62:7d:16:b6:12:ab:01:3d:
52:4b:89:6f:b4:f3:a0:0b:b5:dd:c5:a2:d2:fa:2b:
3e:01:8f:72:24:fa:72:97:9f:12:ba:7c:d4:44:d3:
0c:a9:c2:d8:49:2e:31:8f:28:09:d3:07:02:84:5b:
f8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BD:56:0F:C6:5C:5B:B5:9D:21:9F:98:FB:31:4A:74:03:64:1D:B1
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/Wb1WD8ZcW7WdIZ-Y-zFKdANkHbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.173.0-213.238.174.255
213.238.177.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:38:26:8b:cc:88:52:5c:1d:db:42:5b:65:f9:af:7a:83:fd:
cf:ef:6e:a6:49:4f:d4:35:3f:17:d4:75:f2:d7:24:21:62:07:
f0:89:9a:4f:41:49:f9:f4:86:c5:55:1d:83:84:e3:b0:02:0c:
5c:df:93:ba:19:17:13:1f:7a:a6:a3:b9:f5:9c:81:26:20:76:
85:13:38:77:1d:5e:9b:5d:d7:5f:d1:df:1c:4e:3c:26:f9:71:
cc:7f:a1:c8:45:d8:2a:b2:c2:87:eb:b7:0e:84:cd:91:0b:08:
9c:af:4c:25:0c:fd:26:b9:59:ed:51:73:39:47:28:51:61:59:
21:94:cf:e5:1c:ab:e5:b5:1d:2a:d4:18:ae:1b:bb:63:cb:88:
ba:e5:0b:32:39:71:7c:b0:63:63:20:94:2c:59:a2:a8:10:a1:
70:d5:e9:8d:49:78:ab:4f:3a:34:19:31:dd:9c:4b:cc:d2:1c:
8d:3d:d6:7b:53:e6:c0:4f:3a:ad:7e:50:e2:65:5b:23:80:6a:
29:b1:da:5e:5f:3d:5b:ed:47:d7:f4:9b:1c:e6:81:2c:40:1d:
c9:e0:fc:ec:44:dc:2a:3d:7b:b2:e2:58:44:31:e7:f1:84:dc:
99:b4:71:83:e0:c9:66:93:35:f1:1c:8f:e2:58:cd:09:49:ea:
bd:fb:e3:5d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVrUyKP6wDr2vVzlMmXccbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMwMTAxMDMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJkNTYwZmM2NWM1YmI1OWQyMTlmOThmYjMxNGE3NDAzNjQxZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYHrRvQvLVxMxVS6mV3cffpj1DJ8
VX6Ml5MhGYE/i3pgIzlO7pNvI0yV1Zs2iSajxBg6hatPH+oVQwGSKcljak71FkbD
gPkX+4/ov7eXzTXzxDo9BftQI5olt4l0Kaxp35wY9V8ijb//74N30VOSZNb/0tjA
m4EkvWA6/t4I8ljZnWwDP/xWdEHb9Im5XlOyXgkw8/31bAHb3/o67GUq9rYY/IIm
jWgAmQnaLhRXh1PuH4Nu2/sqgBFngqkHv7KANFSsr4492t7iYn0WthKrAT1SS4lv
tPOgC7XdxaLS+is+AY9yJPpyl58SunzURNMMqcLYSS4xjygJ0wcChFv4TwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFm9Vg/GXFu1nSGfmPsxSnQDZB2xMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvV2IxV0Q4WmNXN1dkSVotWS16RktkQU5rSGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADV7q0D
BADV7q4DBADV7rEwDQYJKoZIhvcNAQELBQADggEBALs4JovMiFJcHdtCW2X5r3qD
/c/vbqZJT9Q1PxfUdfLXJCFiB/CJmk9BSfn0hsVVHYOE47ACDFzfk7oZFxMfeqaj
ufWcgSYgdoUTOHcdXptd11/R3xxOPCb5ccx/ochF2Cqywofrtw6EzZELCJyvTCUM
/Sa5We1RczlHKFFhWSGUz+Ucq+W1HSrUGK4bu2PLiLrlCzI5cXywY2MglCxZoqgQ
oXDV6Y1JeKtPOjQZMd2cS8zSHI091ntT5sBPOq1+UOJlWyOAaimx2l5fPVvtR9f0
mxzmgSxAHcng/OxE3Co9e7LiWEQx5/GE3Jm0cYPgyWaTNfEcj+JYzQlJ6r37410=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org