Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/btFtbjUq81zSMShsNpL08WoDVbY.roa
File: btFtbjUq81zSMShsNpL08WoDVbY.roa (raw, json)
Hash identifier: ZVZxvu5XO8U+tcZjvg4Zo5XvgqHeusMY4TcDdUGXADU=
Subject key identifier: 6E:D1:6D:6E:35:2A:F3:5C:D2:31:28:6C:36:92:F4:F1:6A:03:55:B6
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 01856B5317B0A6F589FC779C624F43A56650
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/btFtbjUq81zSMShsNpL08WoDVbY.roa
Signing time: Sun 01 Jan 2023 03:14:45 +0000
ROA not before: Sun 01 Jan 2023 03:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 213.238.165.0/24 maxlen: 24
213.238.161.0/24 maxlen: 24
213.238.162.0/24 maxlen: 24
213.238.163.0/24 maxlen: 24
213.238.164.0/24 maxlen: 24
213.238.160.0/24 maxlen: 24
213.238.168.0/24 maxlen: 24
213.238.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:17:b0:a6:f5:89:fc:77:9c:62:4f:43:a5:66:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 03:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ed16d6e352af35cd231286c3692f4f16a0355b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b6:99:bd:69:57:01:26:1e:f8:51:3b:24:1f:
70:e1:43:35:b9:fc:3a:81:83:37:3e:27:14:54:55:
84:c1:7d:4b:0c:7b:d6:d7:f0:a2:36:8e:5a:6c:7e:
db:eb:e4:23:7a:e8:85:48:d3:9b:61:91:ce:37:49:
87:55:81:21:2b:ab:8c:b8:60:83:8d:e5:03:f0:90:
44:2e:6b:05:23:a5:1a:5b:54:22:6d:2b:9b:92:1d:
53:7e:98:4e:46:91:f3:42:2f:e5:76:94:5d:79:ff:
a0:15:a5:5a:5f:37:9c:da:e2:8c:79:50:0e:cd:4a:
0c:cf:d6:8c:4b:ca:1f:80:4a:68:80:3f:82:35:88:
15:4f:8d:f2:d6:96:31:7b:39:c3:14:4f:a4:d1:29:
43:48:de:d8:2f:60:52:ed:f3:5e:25:55:4d:40:f9:
8f:ab:84:da:90:f9:92:10:92:c0:e0:e5:c1:23:aa:
ae:08:bc:69:98:ae:b4:b3:bb:26:82:b9:c2:0a:4a:
39:21:3a:39:4d:b8:7d:f8:a7:e2:c8:c5:95:82:2b:
34:65:63:71:e2:91:40:04:4e:d5:87:02:d1:76:5d:
53:57:57:f0:1d:57:c6:94:1c:92:2b:fe:c0:54:d5:
cd:5e:52:da:b0:d1:82:51:23:74:39:e6:c8:f1:7e:
8a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D1:6D:6E:35:2A:F3:5C:D2:31:28:6C:36:92:F4:F1:6A:03:55:B6
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/btFtbjUq81zSMShsNpL08WoDVbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.160.0-213.238.165.255
213.238.168.0/24
213.238.187.0/24
Signature Algorithm: sha256WithRSAEncryption
71:36:4a:a2:e1:3a:0c:40:21:00:d4:9f:21:cb:aa:13:a6:c3:
66:84:a1:12:a7:86:1a:e3:a1:58:36:7c:83:d1:ef:6f:1b:2e:
6f:3f:9b:02:5b:21:13:35:d8:3f:cb:b3:e5:62:cc:a9:a2:26:
3a:3d:a9:90:49:d8:33:ea:f2:c0:5f:26:e6:fa:17:4f:48:b1:
45:08:fe:b8:06:57:30:42:90:03:61:9e:ad:7c:54:13:9f:e8:
42:7f:88:db:5e:2e:16:ad:77:32:b6:66:38:c8:57:35:e7:c0:
57:e0:07:1c:e9:e9:e4:6b:b6:54:d8:c6:e4:86:5d:87:0e:87:
0e:83:52:a3:dd:22:78:ff:5a:3e:6b:5b:a4:18:fa:88:c1:f6:
dc:45:90:e0:bf:bb:ed:10:3f:57:b7:7c:a5:a8:ec:c2:fd:8f:
f2:a0:25:db:52:81:5a:9e:a0:82:a2:f3:50:78:dc:2e:b9:c7:
68:97:80:90:d5:0c:62:cb:ba:fe:b4:c6:3c:29:c1:47:73:91:
9b:6a:d0:0a:47:19:88:cb:f3:66:a9:8e:14:ba:c6:50:2a:3d:
ee:d9:16:78:ad:d2:45:54:c7:aa:d9:97:f5:78:79:53:5d:95:
be:27:d3:e3:19:f0:85:b2:62:f3:78:9b:4f:a7:69:48:58:71:
1f:07:8a:95
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVrUxewpvWJ/HecYk9DpWZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMwMTAxMDMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWQxNmQ2ZTM1MmFmMzVjZDIzMTI4NmMzNjkyZjRmMTZhMDM1NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLaZvWlXASYe+FE7JB9w4UM1ufw6
gYM3PicUVFWEwX1LDHvW1/CiNo5abH7b6+QjeuiFSNObYZHON0mHVYEhK6uMuGCD
jeUD8JBELmsFI6UaW1QibSubkh1TfphORpHzQi/ldpRdef+gFaVaXzec2uKMeVAO
zUoMz9aMS8ofgEpogD+CNYgVT43y1pYxeznDFE+k0SlDSN7YL2BS7fNeJVVNQPmP
q4TakPmSEJLA4OXBI6quCLxpmK60s7smgrnCCko5ITo5Tbh9+KfiyMWVgis0ZWNx
4pFABE7VhwLRdl1TV1fwHVfGlBySK/7AVNXNXlLasNGCUSN0OebI8X6K3QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG7RbW41KvNc0jEobDaS9PFqA1W2MB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvYnRGdGJqVXE4MXpTTVNoc05wTDA4V29EVmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAXV7qAD
BAHV7qQDBADV7qgDBADV7rswDQYJKoZIhvcNAQELBQADggEBAHE2SqLhOgxAIQDU
nyHLqhOmw2aEoRKnhhrjoVg2fIPR728bLm8/mwJbIRM12D/Ls+VizKmiJjo9qZBJ
2DPq8sBfJub6F09IsUUI/rgGVzBCkANhnq18VBOf6EJ/iNteLhatdzK2ZjjIVzXn
wFfgBxzp6eRrtlTYxuSGXYcOhw6DUqPdInj/Wj5rW6QY+ojB9txFkOC/u+0QP1e3
fKWo7ML9j/KgJdtSgVqeoIKi81B43C65x2iXgJDVDGLLuv60xjwpwUdzkZtq0ApH
GYjL82apjhS6xlAqPe7ZFnit0kVUx6rZl/V4eVNdlb4n0+MZ8IWyYvN4m0+naUhY
cR8HipU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org