Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/sxaq1jcvU7kY-86weKFWiNgX0zM.roa
File: sxaq1jcvU7kY-86weKFWiNgX0zM.roa (raw, json)
Hash identifier: JuMCIRyzA28Wf4FPsNrF8VhNpvEayGXx0y8yb+26zNI=
Subject key identifier: B3:16:AA:D6:37:2F:53:B9:18:FB:CE:B0:78:A1:56:88:D8:17:D3:33
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018733C226B56926BC7F96E516223EED5C57
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/sxaq1jcvU7kY-86weKFWiNgX0zM.roa
Signing time: Thu 30 Mar 2023 18:22:54 +0000
ROA not before: Thu 30 Mar 2023 18:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51540
IP address blocks: 213.238.173.0/24 maxlen: 24
213.238.174.0/24 maxlen: 24
213.238.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:c2:26:b5:69:26:bc:7f:96:e5:16:22:3e:ed:5c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Mar 30 18:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b316aad6372f53b918fbceb078a15688d817d333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:45:72:50:80:7d:81:6c:e1:95:fa:2a:ab:1d:
1e:40:75:af:0e:d6:ad:25:bf:d4:01:4f:3d:42:4c:
74:fb:bd:94:4b:bb:27:b6:90:24:6a:57:0f:13:04:
c5:43:1e:4b:c1:61:4b:e9:41:1d:65:d5:01:c7:e2:
3c:b6:1d:f4:0e:c9:32:dd:44:6b:35:71:b2:85:fd:
62:70:78:34:62:6e:f5:ef:f0:0a:26:d5:c0:80:cb:
7d:4c:f6:79:85:c6:7a:c1:33:15:90:41:e2:5f:d1:
e6:4e:8f:20:95:2e:a3:eb:56:62:36:0e:22:98:d7:
b2:e7:f3:a3:f8:af:1e:5a:7e:42:e2:6e:b6:b9:8e:
81:50:cb:39:1d:8c:08:c5:ac:2d:1c:6a:3f:d5:9b:
3e:d0:14:c4:c6:80:50:30:b7:c3:7d:69:7d:e2:f4:
dc:f6:30:88:c3:9b:a5:07:bc:3d:a9:b0:b8:71:a3:
79:a5:33:20:48:5c:7c:aa:b1:d3:7d:d9:77:8a:eb:
1c:42:c0:87:8b:e3:63:64:44:35:d8:40:02:6b:f0:
d4:58:c0:fe:16:72:ea:cb:dc:79:1f:f4:2e:46:5a:
25:2b:75:ad:9b:e5:77:63:33:d4:56:69:82:6a:dd:
b6:fa:bf:de:e3:76:cb:52:5b:04:b6:ff:61:ed:17:
4e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:16:AA:D6:37:2F:53:B9:18:FB:CE:B0:78:A1:56:88:D8:17:D3:33
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/sxaq1jcvU7kY-86weKFWiNgX0zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.173.0-213.238.174.255
213.238.176.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:76:99:61:03:6b:96:bf:92:d1:2a:3d:78:a1:33:a6:40:ed:
c0:6b:43:e7:90:ac:7e:27:4c:d0:f4:04:65:6a:6b:18:27:17:
b0:91:76:ca:46:2a:fe:6c:6c:f0:e9:8f:f4:89:6d:d8:a1:bb:
63:2e:39:5c:96:78:48:11:da:4d:09:96:a4:e6:07:18:0f:47:
25:17:9b:b7:9b:2a:81:fd:4c:c0:5b:f9:ad:f0:6a:51:70:6b:
34:42:ad:04:13:ab:b4:33:c2:28:57:8b:88:2d:c7:11:0a:ec:
44:f0:63:f9:d2:8a:86:f1:a3:96:fc:5b:3f:84:88:a4:23:ad:
de:28:e9:18:79:86:f8:ec:e9:8c:bd:fe:53:2a:77:5a:d2:2d:
ce:91:30:bb:c1:db:e0:e2:06:52:01:59:df:38:3d:c7:4b:c8:
31:5a:0e:c7:36:93:2c:32:29:61:8e:3f:fe:d1:8e:e2:79:76:
30:02:81:28:23:79:a8:7e:bd:5a:b6:d5:89:18:09:a5:f0:d6:
e3:c7:63:54:e8:f0:11:e5:c4:f8:09:fe:74:e2:3d:dd:13:12:
01:12:21:74:ca:96:90:ba:eb:21:39:76:87:d8:3b:60:71:bc:
d1:7f:a5:54:71:7a:a7:56:09:6f:12:b9:57:7a:e4:c5:45:9d:
91:c1:f1:71
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYczwia1aSa8f5blFiI+7VxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjMwMzMwMTgyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzE2YWFkNjM3MmY1M2I5MThmYmNlYjA3OGExNTY4OGQ4MTdkMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUVyUIB9gWzhlfoqqx0eQHWvDtat
Jb/UAU89Qkx0+72US7sntpAkalcPEwTFQx5LwWFL6UEdZdUBx+I8th30Dsky3URr
NXGyhf1icHg0Ym717/AKJtXAgMt9TPZ5hcZ6wTMVkEHiX9HmTo8glS6j61ZiNg4i
mNey5/Oj+K8eWn5C4m62uY6BUMs5HYwIxawtHGo/1Zs+0BTExoBQMLfDfWl94vTc
9jCIw5ulB7w9qbC4caN5pTMgSFx8qrHTfdl3iuscQsCHi+NjZEQ12EACa/DUWMD+
FnLqy9x5H/QuRlolK3Wtm+V3YzPUVmmCat22+r/e43bLUlsEtv9h7RdO7wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLMWqtY3L1O5GPvOsHihVojYF9MzMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvc3hhcTFqY3ZVN2tZLTg2d2VLRldpTmdYMHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADV7q0D
BADV7q4DBADV7rAwDQYJKoZIhvcNAQELBQADggEBAB12mWEDa5a/ktEqPXihM6ZA
7cBrQ+eQrH4nTND0BGVqaxgnF7CRdspGKv5sbPDpj/SJbdihu2MuOVyWeEgR2k0J
lqTmBxgPRyUXm7ebKoH9TMBb+a3walFwazRCrQQTq7QzwihXi4gtxxEK7ETwY/nS
iobxo5b8Wz+EiKQjrd4o6Rh5hvjs6Yy9/lMqd1rSLc6RMLvB2+DiBlIBWd84PcdL
yDFaDsc2kywyKWGOP/7RjuJ5djACgSgjeah+vVq21YkYCaXw1uPHY1To8BHlxPgJ
/nTiPd0TEgESIXTKlpC66yE5dofYO2BxvNF/pVRxeqdWCW8SuVd65MVFnZHB8XE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org