Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0baAooaBymG0ql1pcKt_6TEkpBY.roa
File: 0baAooaBymG0ql1pcKt_6TEkpBY.roa (raw, json)
Hash identifier: 9qvIfU5TL6e7X02DFHixNVmVZJIoGaMZyPbRXO0nMDs=
Subject key identifier: D1:B6:80:A2:86:81:CA:61:B4:AA:5D:69:70:AB:7F:E9:31:24:A4:16
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018609D4E456439E7BB31BB92624B852BB93
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0baAooaBymG0ql1pcKt_6TEkpBY.roa
Signing time: Tue 31 Jan 2023 21:56:32 +0000
ROA not before: Tue 31 Jan 2023 21:56:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56690
IP address blocks: 193.233.12.0/23 maxlen: 23
193.233.24.0/23 maxlen: 23
193.233.26.0/23 maxlen: 23
193.233.28.0/23 maxlen: 23
193.233.150.0/24 maxlen: 24
193.233.54.0/23 maxlen: 23
193.233.166.0/23 maxlen: 23
193.233.168.0/23 maxlen: 23
193.233.176.0/20 maxlen: 20
193.233.73.0/24 maxlen: 24
193.233.212.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:09:d4:e4:56:43:9e:7b:b3:1b:b9:26:24:b8:52:bb:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 31 21:56:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1b680a28681ca61b4aa5d6970ab7fe93124a416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:16:18:ef:c0:f2:2d:65:35:b8:af:7d:46:3c:
df:8c:54:89:da:52:7d:5e:5b:01:bc:72:cb:17:25:
79:c1:a2:dc:25:d2:81:2d:c3:4d:35:cc:53:c7:9e:
03:71:d8:f0:e7:48:e0:49:be:58:d4:46:3b:1c:82:
94:7a:0c:d3:c8:35:fa:a2:fe:bd:9a:ad:39:32:e9:
d7:3e:a3:db:e4:fa:e4:2d:43:28:cd:23:90:76:b9:
3f:ef:9c:1a:b9:2f:79:7c:76:a0:91:c8:78:d0:f5:
f8:44:8b:49:ce:a0:5f:e4:60:40:1a:50:34:cc:1f:
0a:62:2a:72:74:70:14:92:28:6e:4d:79:39:08:74:
cd:cb:ad:25:c1:16:a5:c2:d6:b1:9c:dc:50:f6:b5:
9b:6d:b6:22:f5:6f:65:0b:e4:5c:7f:21:67:2d:e6:
d1:35:f0:2a:49:8a:1d:e9:eb:ee:f6:e9:8b:8c:c3:
fc:9f:68:a4:b5:46:da:d2:c5:95:72:81:e1:99:61:
ef:4c:7a:2a:53:d6:e4:f3:2e:80:9f:34:93:70:4f:
e5:94:e6:90:16:88:bf:5e:0a:5f:77:de:88:79:7b:
29:22:63:ec:82:17:b5:ff:6e:e1:46:cb:d1:0c:13:
a8:74:de:d3:77:f8:d7:4e:60:d5:e6:3e:47:7e:a9:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B6:80:A2:86:81:CA:61:B4:AA:5D:69:70:AB:7F:E9:31:24:A4:16
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0baAooaBymG0ql1pcKt_6TEkpBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.12.0/23
193.233.24.0-193.233.29.255
193.233.54.0/23
193.233.73.0/24
193.233.150.0/24
193.233.166.0-193.233.169.255
193.233.176.0/20
193.233.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:2a:2d:de:b4:a0:f4:5b:38:11:dc:f6:43:aa:3c:3b:b8:f4:
22:f0:1d:de:cc:87:8d:9b:89:e5:76:17:f9:e8:24:c0:c7:3b:
1d:43:26:69:cd:bc:38:04:2c:ad:43:3f:4f:02:3c:fa:8f:73:
e3:5a:3f:9d:1c:4c:b5:d1:b2:e7:96:a4:ba:5d:db:70:93:61:
f9:a9:0c:e1:d7:85:1b:5b:72:0e:7e:dc:7e:a5:30:3e:49:c3:
2e:59:94:57:e4:d7:c0:23:74:d2:ac:15:57:11:89:c0:ef:c8:
17:5c:67:ea:16:ae:18:66:cc:55:2b:e8:cb:4e:39:a9:d4:31:
12:aa:1e:86:32:ae:d8:74:81:0f:8c:de:4c:83:40:a8:bc:ec:
f6:d2:b2:ec:d8:38:76:5b:f9:86:21:c6:31:f7:51:5b:ea:20:
e3:b8:b6:ca:0b:22:e0:ac:53:75:e3:75:b9:93:4b:64:13:18:
de:90:ba:57:fb:66:8b:3e:51:c7:6c:2a:c8:de:4f:a6:9f:8f:
de:c3:cb:10:af:11:6b:65:9e:57:61:ed:7f:cb:33:8b:16:3e:
6b:08:50:70:e0:a7:c5:f4:4e:6a:c7:6e:4e:db:41:42:58:25:
0a:e9:93:b4:f6:7e:39:e0:13:6f:f6:45:cb:7a:82:75:23:a2:
b1:77:48:bd
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYYJ1ORWQ557sxu5JiS4UruTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTMxMjE1NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI2ODBhMjg2ODFjYTYxYjRhYTVkNjk3MGFiN2ZlOTMxMjRhNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxYY78DyLWU1uK99RjzfjFSJ2lJ9
XlsBvHLLFyV5waLcJdKBLcNNNcxTx54Dcdjw50jgSb5Y1EY7HIKUegzTyDX6ov69
mq05MunXPqPb5PrkLUMozSOQdrk/75wauS95fHagkch40PX4RItJzqBf5GBAGlA0
zB8KYipydHAUkihuTXk5CHTNy60lwRalwtaxnNxQ9rWbbbYi9W9lC+RcfyFnLebR
NfAqSYod6evu9umLjMP8n2iktUba0sWVcoHhmWHvTHoqU9bk8y6AnzSTcE/llOaQ
Foi/Xgpfd96IeXspImPsghe1/27hRsvRDBOodN7Td/jXTmDV5j5HfqnjGwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNG2gKKGgcphtKpdaXCrf+kxJKQWMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMGJhQW9vYUJ5bUcwcWwxcGNLdF82VEVrcEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBwekMMAwD
BAPB6RgDBAHB6RwDBAHB6TYDBADB6UkDBADB6ZYwDAMEAcHppgMEAcHpqAMEBMHp
sAMEAsHp1DANBgkqhkiG9w0BAQsFAAOCAQEASiot3rSg9Fs4Edz2Q6o8O7j0IvAd
3syHjZuJ5XYX+egkwMc7HUMmac28OAQsrUM/TwI8+o9z41o/nRxMtdGy55akul3b
cJNh+akM4deFG1tyDn7cfqUwPknDLlmUV+TXwCN00qwVVxGJwO/IF1xn6hauGGbM
VSvoy045qdQxEqoehjKu2HSBD4zeTINAqLzs9tKy7Ng4dlv5hiHGMfdRW+og47i2
ygsi4KxTdeN1uZNLZBMY3pC6V/tmiz5Rx2wqyN5Ppp+P3sPLEK8Ra2WeV2Htf8sz
ixY+awhQcOCnxfROasduTttBQlglCumTtPZ+OeATb/ZFy3qCdSOisXdIvQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org