Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/x3DcVcvagy8rtSdOtUbKLcD8B0E.roa
File: x3DcVcvagy8rtSdOtUbKLcD8B0E.roa (raw, json)
Hash identifier: uvbZlwKbzcq4SsBWds5rRQjQaNwGjEZEwho42HNLypc=
Subject key identifier: C7:70:DC:55:CB:DA:83:2F:2B:B5:27:4E:B5:46:CA:2D:C0:FC:07:41
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018CC7274EFB8FAFFB6E632EBCDBC5044FD9
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/x3DcVcvagy8rtSdOtUbKLcD8B0E.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 213.238.166.0/24 maxlen: 24
213.238.173.0/24 maxlen: 24
213.238.174.0/24 maxlen: 24
213.238.177.0/24 maxlen: 24
213.238.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 10:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4e:fb:8f:af:fb:6e:63:2e:bc:db:c5:04:4f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c770dc55cbda832f2bb5274eb546ca2dc0fc0741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:66:18:53:f4:6f:bf:38:97:e9:33:35:9f:66:
c8:65:3d:6b:14:51:6f:89:09:c1:ef:da:09:e0:a9:
d1:ae:bf:19:3d:d3:d6:ba:cd:9d:64:52:b2:c9:2d:
10:3a:55:35:ea:08:02:45:67:40:c6:b0:87:67:40:
d8:9a:16:7c:e9:24:b4:86:a1:aa:f2:37:b5:49:6a:
71:08:2f:a3:a5:03:56:ae:07:71:0f:d9:5a:ee:de:
07:03:46:91:b9:ff:1c:9e:81:32:b6:c5:b0:6a:3a:
85:e7:4a:80:21:c9:be:95:5e:48:95:78:c0:80:3f:
d7:87:c6:8f:5d:25:01:06:45:7f:9e:b6:51:7d:c9:
ea:18:0b:cd:70:50:40:37:93:39:99:20:77:6b:a4:
a5:6f:bd:c7:17:da:c4:fa:6c:37:23:72:82:63:4f:
f5:3b:32:6f:6f:bf:ed:91:77:bc:6c:25:c2:52:ea:
f1:24:15:c5:2d:b0:5c:9b:bd:7d:05:37:90:a6:5b:
98:2c:fe:55:b1:db:3b:46:19:12:92:f3:df:5a:6a:
96:03:46:76:6a:ac:1f:8d:ca:86:54:9b:0b:de:36:
14:3a:d7:2f:2c:57:05:6d:fa:97:f3:a9:52:f5:b5:
d6:e8:cb:b7:4a:b6:56:39:4b:f8:ce:ce:d3:c3:30:
82:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:70:DC:55:CB:DA:83:2F:2B:B5:27:4E:B5:46:CA:2D:C0:FC:07:41
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/x3DcVcvagy8rtSdOtUbKLcD8B0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.166.0/24
213.238.173.0-213.238.174.255
213.238.177.0/24
213.238.184.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:16:99:e8:72:8e:4c:d3:ef:1c:2b:ab:6d:a6:b9:e4:f9:5c:
88:23:0c:8b:c5:e1:8f:86:d4:72:65:f6:88:c6:99:41:7a:45:
c2:01:c0:ee:31:ac:3a:25:48:12:c0:0e:e7:3e:cf:13:09:62:
75:c2:ff:e0:27:88:b9:5e:c8:df:75:72:40:c8:19:5e:bf:15:
9f:cb:7f:fb:f3:8e:dc:06:1e:42:a5:77:5e:51:d5:ec:84:34:
92:b4:e7:2d:15:d5:46:ef:2f:27:b5:8f:cf:9e:a1:18:83:5c:
68:33:df:1d:2a:2f:ce:47:a8:0b:53:aa:dc:f2:1a:15:23:ff:
71:1b:0a:b3:36:99:0b:6d:d3:36:53:77:f5:df:15:bb:8b:48:
aa:48:a1:d2:35:5a:71:57:e6:1b:a1:3b:22:dd:59:66:2c:53:
fe:b6:50:9b:f9:90:23:8a:da:a9:24:5b:a6:09:05:9d:d5:c4:
1e:07:76:68:4c:f2:80:42:ef:99:b9:d9:3a:58:f0:ce:82:ec:
54:d6:b3:fc:c6:1e:da:57:6a:02:00:e4:b7:05:56:cc:9b:15:
61:a7:ee:a5:ab:3f:ad:f7:af:10:70:8b:70:87:3b:12:86:e2:
6a:f2:bd:2c:6a:db:bf:14:9c:2f:94:e8:c9:ba:eb:f8:d2:0d:
a6:1c:51:8e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHJ077j6/7bmMuvNvFBE/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzcwZGM1NWNiZGE4MzJmMmJiNTI3NGViNTQ2Y2EyZGMwZmMwNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWYYU/RvvziX6TM1n2bIZT1rFFFv
iQnB79oJ4KnRrr8ZPdPWus2dZFKyyS0QOlU16ggCRWdAxrCHZ0DYmhZ86SS0hqGq
8je1SWpxCC+jpQNWrgdxD9la7t4HA0aRuf8cnoEytsWwajqF50qAIcm+lV5IlXjA
gD/Xh8aPXSUBBkV/nrZRfcnqGAvNcFBAN5M5mSB3a6Slb73HF9rE+mw3I3KCY0/1
OzJvb7/tkXe8bCXCUurxJBXFLbBcm719BTeQpluYLP5Vsds7RhkSkvPfWmqWA0Z2
aqwfjcqGVJsL3jYUOtcvLFcFbfqX86lS9bXW6Mu3SrZWOUv4zs7TwzCCRwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMdw3FXL2oMvK7UnTrVGyi3A/AdBMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEveDNEY1ZjdmFneThydFNkT3RVYktMY0Q4QjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1e6mMAwD
BADV7q0DBADV7q4DBADV7rEDBADV7rgwDQYJKoZIhvcNAQELBQADggEBALgWmehy
jkzT7xwrq22mueT5XIgjDIvF4Y+G1HJl9ojGmUF6RcIBwO4xrDolSBLADuc+zxMJ
YnXC/+AniLleyN91ckDIGV6/FZ/Lf/vzjtwGHkKld15R1eyENJK05y0V1UbvLye1
j8+eoRiDXGgz3x0qL85HqAtTqtzyGhUj/3EbCrM2mQtt0zZTd/XfFbuLSKpIodI1
WnFX5huhOyLdWWYsU/62UJv5kCOK2qkkW6YJBZ3VxB4HdmhM8oBC75m52TpY8M6C
7FTWs/zGHtpXagIA5LcFVsybFWGn7qWrP633rxBwi3CHOxKG4mryvSxq278UnC+U
6Mm66/jSDaYcUY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org