Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/YPrj6coGOlAi6GOqb6Ug5fnZyHI.roa
File: YPrj6coGOlAi6GOqb6Ug5fnZyHI.roa (raw, json)
Hash identifier: /96ltZBXt8I6U1gzQV0v5ayIyb5HSsfTOvqxU2QzD90=
Subject key identifier: 60:FA:E3:E9:CA:06:3A:50:22:E8:63:AA:6F:A5:20:E5:F9:D9:C8:72
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018CC72753DD9637034A444B2E673A60BC5B
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/YPrj6coGOlAi6GOqb6Ug5fnZyHI.roa
Signing time: Mon 01 Jan 2024 22:31:32 +0000
ROA not before: Mon 01 Jan 2024 22:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201364
IP address blocks: 213.238.174.0/24 maxlen: 24
213.238.177.0/24 maxlen: 24
213.238.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 10:44:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:53:dd:96:37:03:4a:44:4b:2e:67:3a:60:bc:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60fae3e9ca063a5022e863aa6fa520e5f9d9c872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cb:97:10:42:56:b9:0f:d2:3f:50:c8:2f:b0:
38:b4:71:d2:3b:89:f2:e1:83:c8:5e:aa:93:fc:ed:
5d:98:29:3f:66:ea:65:7e:4f:d1:c0:67:1f:fc:6b:
fa:23:7b:86:1c:33:c5:b7:09:c0:38:8e:dc:f5:b9:
b3:e5:f0:31:c3:c6:35:fa:5e:22:41:69:cf:5c:87:
d2:c6:d2:7e:39:50:39:c7:1f:e2:54:86:b2:a4:6f:
35:0f:9d:3a:79:9e:c9:48:47:f8:5a:27:cc:b8:82:
57:62:3f:0f:86:1c:4f:19:d4:9a:22:ed:99:92:1f:
58:04:a9:9f:f5:87:ee:36:29:0e:7d:e7:6a:d0:8a:
20:18:e6:8c:e3:5b:77:c6:cb:c5:03:34:8f:09:9f:
26:0c:b5:af:38:f0:79:9f:7b:8b:b5:26:8d:fc:e0:
7a:9c:b0:b5:ab:3f:f7:df:ea:a6:8f:48:77:2f:1f:
de:26:72:ce:c1:41:4e:99:c2:af:45:a7:1f:10:fb:
20:28:5f:5c:2a:b3:c2:dd:3e:1e:0a:b1:73:2f:fa:
62:f5:2c:f3:17:1f:06:bc:d4:15:f0:7e:1b:b3:40:
d5:1f:46:d4:ab:3e:dd:4d:2b:49:38:27:cf:f5:8f:
f1:dd:fa:e6:e9:8a:43:10:c3:f9:d5:eb:ff:37:04:
c2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FA:E3:E9:CA:06:3A:50:22:E8:63:AA:6F:A5:20:E5:F9:D9:C8:72
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/YPrj6coGOlAi6GOqb6Ug5fnZyHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.173.0-213.238.174.255
213.238.177.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:12:86:0a:24:01:10:fd:99:20:c9:bd:e6:d5:99:91:4d:ad:
6c:3d:d9:ea:d8:62:e2:b5:0d:77:7f:c0:ac:05:fc:80:9a:4f:
6d:0e:bc:df:25:35:cc:d6:71:24:a4:1d:6c:1f:06:e5:82:c7:
7b:c6:8d:22:f9:c1:08:5d:99:6a:ff:56:01:62:49:d9:41:f0:
9a:0d:ae:f4:21:52:4c:fa:e5:4a:9e:0c:10:6e:61:61:55:06:
63:93:b4:cf:61:e9:2a:62:65:ac:77:4f:84:62:fd:49:ea:c7:
91:c3:85:85:64:34:99:8c:9a:44:92:c0:41:0e:88:83:34:7c:
9f:b2:35:e8:7d:04:68:6a:69:5a:0c:49:ca:19:73:d9:f9:23:
76:f4:22:a5:17:29:59:96:aa:cd:c4:9b:0e:10:ff:81:fb:14:
2d:69:99:94:a4:7c:3e:c6:34:6b:73:47:5c:da:af:91:7c:97:
6e:16:28:ca:77:95:9f:79:0a:27:93:05:07:48:10:47:1f:0d:
e2:a5:97:25:86:cb:a3:04:c9:17:2f:be:37:2c:d6:32:aa:37:
be:0a:7d:3d:e9:a1:55:7a:5a:db:c8:77:33:f3:25:15:bb:e8:
a0:1a:63:58:cf:f2:fb:c3:a5:fa:e4:ad:a7:c9:19:fc:53:d5:
6c:25:85:12
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJ1PdljcDSkRLLmc6YLxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZhZTNlOWNhMDYzYTUwMjJlODYzYWE2ZmE1MjBlNWY5ZDljODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMuXEEJWuQ/SP1DIL7A4tHHSO4ny
4YPIXqqT/O1dmCk/Zuplfk/RwGcf/Gv6I3uGHDPFtwnAOI7c9bmz5fAxw8Y1+l4i
QWnPXIfSxtJ+OVA5xx/iVIaypG81D506eZ7JSEf4WifMuIJXYj8PhhxPGdSaIu2Z
kh9YBKmf9YfuNikOfedq0IogGOaM41t3xsvFAzSPCZ8mDLWvOPB5n3uLtSaN/OB6
nLC1qz/33+qmj0h3Lx/eJnLOwUFOmcKvRacfEPsgKF9cKrPC3T4eCrFzL/pi9Szz
Fx8GvNQV8H4bs0DVH0bUqz7dTStJOCfP9Y/x3frm6YpDEMP51ev/NwTCXQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGD64+nKBjpQIuhjqm+lIOX52chyMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvWVByajZjb0dPbEFpNkdPcWI2VWc1Zm5aeUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADV7q0D
BADV7q4DBADV7rEwDQYJKoZIhvcNAQELBQADggEBAD0ShgokARD9mSDJvebVmZFN
rWw92erYYuK1DXd/wKwF/ICaT20OvN8lNczWcSSkHWwfBuWCx3vGjSL5wQhdmWr/
VgFiSdlB8JoNrvQhUkz65UqeDBBuYWFVBmOTtM9h6SpiZax3T4Ri/Unqx5HDhYVk
NJmMmkSSwEEOiIM0fJ+yNeh9BGhqaVoMScoZc9n5I3b0IqUXKVmWqs3Emw4Q/4H7
FC1pmZSkfD7GNGtzR1zar5F8l24WKMp3lZ95CieTBQdIEEcfDeKllyWGy6MEyRcv
vjcs1jKqN74KfT3poVV6WtvIdzPzJRW76KAaY1jP8vvDpfrkrafJGfxT1WwlhRI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org