Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/bLD_mqDYQD5DEE30oT8fL3hmOkI.roa
File: bLD_mqDYQD5DEE30oT8fL3hmOkI.roa (raw, json)
Hash identifier: UYpEPMA2hne4aa6GjkWJJdbNLLnvo3igYLCqFKWd2SM=
Subject key identifier: 6C:B0:FF:9A:A0:D8:40:3E:43:10:4D:F4:A1:3F:1F:2F:78:66:3A:42
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 01856B531F16F03D64943ABCA19C87A5642A
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/bLD_mqDYQD5DEE30oT8fL3hmOkI.roa
Signing time: Sun 01 Jan 2023 03:14:47 +0000
ROA not before: Sun 01 Jan 2023 03:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51540
IP address blocks: 213.238.170.0/24 maxlen: 24
213.238.173.0/24 maxlen: 24
213.238.174.0/24 maxlen: 24
213.238.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Mar 2023 18:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:1f:16:f0:3d:64:94:3a:bc:a1:9c:87:a5:64:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 03:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cb0ff9aa0d8403e43104df4a13f1f2f78663a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a4:2f:2f:43:73:30:10:f9:b0:07:6a:0a:ac:
3d:f8:13:58:7d:78:19:f1:8b:b8:10:d0:46:39:72:
24:05:f5:8b:df:43:c7:ae:35:48:33:36:82:50:7b:
3a:84:13:20:e0:29:cc:6c:e2:4f:77:d6:f1:f0:d8:
10:07:df:75:53:fc:aa:88:a5:e0:69:18:e0:64:85:
48:9f:7a:d1:69:31:41:d8:39:71:d7:b6:63:22:4f:
b2:8f:67:29:b0:41:1a:83:ef:ba:b0:ff:49:e5:c5:
6b:2a:1f:cf:ff:0b:cd:28:ff:9f:73:d3:cb:8d:c5:
e1:f5:61:2f:fb:dd:29:34:5b:03:b7:bc:e4:41:2c:
39:79:28:60:15:d8:85:7e:af:14:19:52:26:14:24:
f0:67:d2:88:7f:5b:2e:01:32:01:95:7c:94:31:97:
c7:1a:b2:c1:fa:f5:c3:24:36:e1:a3:1f:09:bf:2e:
ff:10:13:81:60:51:ed:80:be:13:ef:00:6c:f8:c9:
26:cb:89:bd:c1:e7:75:c3:95:9b:c7:64:71:af:05:
e1:be:6e:2b:50:ba:30:20:de:bc:e4:fd:3c:e2:de:
82:52:92:fa:4d:57:c5:ce:03:48:fb:a1:e2:4f:84:
62:8f:e2:62:6c:cd:30:3e:83:94:41:be:10:f8:34:
ac:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B0:FF:9A:A0:D8:40:3E:43:10:4D:F4:A1:3F:1F:2F:78:66:3A:42
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/bLD_mqDYQD5DEE30oT8fL3hmOkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.170.0/24
213.238.173.0-213.238.174.255
213.238.176.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:a2:48:e5:fd:0c:0b:29:03:e7:4a:fe:dd:2b:28:4f:d4:57:
c6:78:e9:ae:1f:a3:e5:0f:2a:b9:c7:e1:9c:4e:52:b2:04:40:
b0:50:90:97:d7:ca:9a:ea:79:3a:e2:7e:d7:e5:19:3e:59:fa:
0c:c2:95:78:06:62:04:96:55:ee:70:0e:34:3b:77:d1:b3:84:
d8:46:7f:21:9f:69:02:40:ef:07:12:6e:8b:25:2f:b5:b2:cf:
a5:4f:b2:76:83:8b:83:ad:2d:41:92:99:62:6f:33:8d:b1:76:
89:09:9d:09:12:09:a9:97:89:c8:b5:ed:2b:d3:75:d1:01:f3:
f1:33:4d:9a:ae:76:d9:d8:f3:4a:6b:1a:ea:5b:3b:3e:62:94:
6a:ac:94:6a:67:a9:eb:6a:99:b3:98:96:fc:4e:5c:26:27:d1:
b3:4f:e1:1e:0b:5a:44:e6:ba:12:e2:c7:ff:58:e6:01:7f:e3:
a9:20:29:8d:28:1e:44:c9:51:80:a5:d4:de:00:98:b1:6c:a0:
dc:5a:61:09:2e:71:0d:56:eb:b9:fb:3d:dc:67:9e:3c:b9:41:
f0:52:f9:a0:b9:db:fd:8f:3f:08:db:c4:f0:d5:28:14:8b:95:
4a:4a:79:38:74:e7:1f:c3:7d:ea:c4:c6:d1:35:aa:2f:ba:39:
ed:03:23:0e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVrUx8W8D1klDq8oZyHpWQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMwMTAxMDMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2IwZmY5YWEwZDg0MDNlNDMxMDRkZjRhMTNmMWYyZjc4NjYzYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKQvL0NzMBD5sAdqCqw9+BNYfXgZ
8Yu4ENBGOXIkBfWL30PHrjVIMzaCUHs6hBMg4CnMbOJPd9bx8NgQB991U/yqiKXg
aRjgZIVIn3rRaTFB2Dlx17ZjIk+yj2cpsEEag++6sP9J5cVrKh/P/wvNKP+fc9PL
jcXh9WEv+90pNFsDt7zkQSw5eShgFdiFfq8UGVImFCTwZ9KIf1suATIBlXyUMZfH
GrLB+vXDJDbhox8Jvy7/EBOBYFHtgL4T7wBs+Mkmy4m9wed1w5Wbx2RxrwXhvm4r
ULowIN685P084t6CUpL6TVfFzgNI+6HiT4Rij+JibM0wPoOUQb4Q+DSszwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGyw/5qg2EA+QxBN9KE/Hy94ZjpCMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvYkxEX21xRFlRRDVERUUzMG9UOGZMM2htT2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA1e6qMAwD
BADV7q0DBADV7q4DBADV7rAwDQYJKoZIhvcNAQELBQADggEBAI6iSOX9DAspA+dK
/t0rKE/UV8Z46a4fo+UPKrnH4ZxOUrIEQLBQkJfXyprqeTriftflGT5Z+gzClXgG
YgSWVe5wDjQ7d9GzhNhGfyGfaQJA7wcSboslL7Wyz6VPsnaDi4OtLUGSmWJvM42x
dokJnQkSCamXici17SvTddEB8/EzTZqudtnY80prGupbOz5ilGqslGpnqetqmbOY
lvxOXCYn0bNP4R4LWkTmuhLix/9Y5gF/46kgKY0oHkTJUYCl1N4AmLFsoNxaYQku
cQ1W67n7Pdxnnjy5QfBS+aC52/2PPwjbxPDVKBSLlUpKeTh05x/DferExtE1qi+6
Oe0DIw4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:27 2024 by rpki-client on console-fra.rpki-client.org