Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/hsnetY-DnHylE7g_fW3DVJSxvBs.roa
File: hsnetY-DnHylE7g_fW3DVJSxvBs.roa (raw, json)
Hash identifier: XWIDQBDo7kMOANiuQgCMJ9DH6A/44qVdBG4+FSxFrbk=
Subject key identifier: 86:C9:DE:B5:8F:83:9C:7C:A5:13:B8:3F:7D:6D:C3:54:94:B1:BC:1B
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018CC7275197F2A3CA0623549419D06D06FB
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/hsnetY-DnHylE7g_fW3DVJSxvBs.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51540
IP address blocks: 213.238.173.0/24 maxlen: 24
213.238.174.0/24 maxlen: 24
213.238.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 10:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:51:97:f2:a3:ca:06:23:54:94:19:d0:6d:06:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86c9deb58f839c7ca513b83f7d6dc35494b1bc1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8e:1b:72:2f:49:3a:e9:85:94:94:6f:84:43:
2d:83:fe:dc:7a:64:af:75:ed:3f:02:ae:3c:52:4c:
7b:47:89:58:21:78:a6:58:7f:a9:a9:30:c6:70:da:
16:f6:33:d1:26:fd:8e:7e:b4:50:ec:74:e3:23:e0:
35:cf:8e:18:91:64:ce:d2:b4:53:fb:3d:53:05:aa:
67:ab:b9:54:49:2e:c5:01:28:b0:87:bc:5d:7e:08:
82:92:7c:95:a8:9a:41:f8:9d:3f:eb:bb:8c:26:31:
60:ef:df:d4:84:8b:60:92:d7:6b:a6:17:f6:f2:8d:
90:f0:31:89:ce:dc:b0:fc:b5:96:7a:2d:b3:63:1d:
b4:1b:5b:b8:e0:f3:2c:a8:66:87:b5:c6:bb:92:e9:
f6:77:48:21:3c:41:1e:a6:0e:6e:07:52:3f:c0:f9:
72:65:9f:89:20:1b:04:d9:88:de:dd:9b:e7:85:b6:
df:14:f2:a8:64:b0:d1:6d:1f:ff:ca:a5:76:58:c4:
41:c8:f7:96:c5:14:8e:91:54:dc:84:51:7e:c2:14:
17:17:a3:90:37:1c:92:42:9c:09:e8:97:0b:bf:5a:
40:18:92:7c:f4:aa:51:a3:46:e8:7e:c9:a8:33:bb:
a9:37:02:70:3a:7b:02:d2:99:0f:db:d9:1e:f3:b8:
bf:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C9:DE:B5:8F:83:9C:7C:A5:13:B8:3F:7D:6D:C3:54:94:B1:BC:1B
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/hsnetY-DnHylE7g_fW3DVJSxvBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.173.0-213.238.174.255
213.238.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:f0:9a:fb:0b:4c:ba:c4:36:b4:7a:13:eb:4e:31:89:23:18:
64:83:df:b4:cc:7b:ba:d5:f7:af:f5:04:e2:9f:33:d8:1f:5d:
22:07:02:50:7b:65:23:fc:5f:d3:90:64:3e:3d:33:5f:59:5e:
82:c3:8d:6c:be:78:a5:c0:c7:dc:64:63:2b:de:db:de:91:2a:
e6:54:68:53:db:4a:79:d4:ba:c1:22:c2:55:68:3b:21:b6:be:
84:68:3d:ab:5b:51:7c:c9:91:39:b0:5e:16:40:bb:b2:93:77:
0d:f4:0e:2e:5c:66:fb:51:2c:ba:13:6e:af:2d:9d:5a:67:66:
d2:39:09:0a:e0:16:44:75:6a:01:c5:15:14:1e:47:c0:67:2d:
ee:58:f4:07:4a:76:24:fb:cd:84:1f:5c:b3:21:86:56:c3:34:
36:a2:fb:8d:8b:ee:50:0b:38:d2:d6:03:14:da:45:90:10:2a:
8a:1f:1b:b6:40:2c:d9:de:bc:55:0e:9f:13:2d:57:53:52:d5:
dd:8d:c6:44:c8:59:af:ad:99:47:4e:89:6c:8a:cc:25:f7:6f:
26:0e:83:63:ab:1b:ed:cf:d7:e9:de:f2:87:7e:77:88:4a:6d:
7d:ba:4b:92:14:13:a0:c9:00:06:86:9f:38:04:a5:8c:e6:49:
a5:6c:32:07
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJ1GX8qPKBiNUlBnQbQb7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM5ZGViNThmODM5YzdjYTUxM2I4M2Y3ZDZkYzM1NDk0YjFiYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY4bci9JOumFlJRvhEMtg/7cemSv
de0/Aq48Ukx7R4lYIXimWH+pqTDGcNoW9jPRJv2OfrRQ7HTjI+A1z44YkWTO0rRT
+z1TBapnq7lUSS7FASiwh7xdfgiCknyVqJpB+J0/67uMJjFg79/UhItgktdrphf2
8o2Q8DGJztyw/LWWei2zYx20G1u44PMsqGaHtca7kun2d0ghPEEepg5uB1I/wPly
ZZ+JIBsE2Yje3ZvnhbbfFPKoZLDRbR//yqV2WMRByPeWxRSOkVTchFF+whQXF6OQ
NxySQpwJ6JcLv1pAGJJ89KpRo0bofsmoM7upNwJwOnsC0pkP29ke87i/LQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIbJ3rWPg5x8pRO4P31tw1SUsbwbMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvaHNuZXRZLURuSHlsRTdnX2ZXM0RWSlN4dkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADV7q0D
BADV7q4DBADV7rAwDQYJKoZIhvcNAQELBQADggEBADrwmvsLTLrENrR6E+tOMYkj
GGSD37TMe7rV96/1BOKfM9gfXSIHAlB7ZSP8X9OQZD49M19ZXoLDjWy+eKXAx9xk
Yyve296RKuZUaFPbSnnUusEiwlVoOyG2voRoPatbUXzJkTmwXhZAu7KTdw30Di5c
ZvtRLLoTbq8tnVpnZtI5CQrgFkR1agHFFRQeR8BnLe5Y9AdKdiT7zYQfXLMhhlbD
NDai+42L7lALONLWAxTaRZAQKoofG7ZALNnevFUOnxMtV1NS1d2NxkTIWa+tmUdO
iWyKzCX3byYOg2OrG+3P1+ne8od+d4hKbX26S5IUE6DJAAaGnzgEpYzmSaVsMgc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:27 2024 by rpki-client on console-fra.rpki-client.org