Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0cipBEMuygqCIVNiKNQ0qban0Ew.roa
File: 0cipBEMuygqCIVNiKNQ0qban0Ew.roa (raw, json)
Hash identifier: SHFTwzVzrhntJuWcBbhNLkUmy7yCV5A3bOVEeK/LGAM=
Subject key identifier: D1:C8:A9:04:43:2E:CA:0A:82:21:53:62:28:D4:34:A9:B6:A7:D0:4C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018618FD7A40923BA14E3CB1B93923B1CFA2
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0cipBEMuygqCIVNiKNQ0qban0Ew.roa
Signing time: Fri 03 Feb 2023 20:35:10 +0000
ROA not before: Fri 03 Feb 2023 20:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.22.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.88.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:fd:7a:40:92:3b:a1:4e:3c:b1:b9:39:23:b1:cf:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 3 20:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1c8a904432eca0a8221536228d434a9b6a7d04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:35:e5:eb:24:39:e0:7f:c4:07:af:84:a0:55:
18:65:54:24:64:02:94:8f:05:ce:51:b8:13:98:04:
66:b2:64:96:36:e3:96:5e:95:b0:f4:9c:1e:d1:a0:
5d:74:f5:ba:52:1e:92:68:e4:6c:ee:11:bb:ea:64:
a7:60:e7:5e:6b:da:bd:28:37:6b:ac:74:a6:17:e5:
b7:c0:e0:50:90:be:98:e8:1b:db:ff:a5:4d:bf:6b:
f1:03:d1:6c:0b:fc:7e:3a:c8:25:f7:86:e1:5c:f6:
67:f9:78:c6:d4:b5:95:37:c7:c6:6d:09:d9:09:f0:
63:93:28:94:52:f2:c5:44:6e:79:f1:80:19:38:04:
f7:2d:ae:c2:7d:aa:a6:3c:01:cc:dd:a4:04:8a:9b:
31:00:14:52:07:53:bc:5c:9f:9d:61:8e:db:89:4d:
10:fe:ea:ca:0b:9e:d1:41:92:b2:91:9b:d8:ad:90:
fb:59:76:36:9f:04:c1:47:45:77:21:df:a8:ab:67:
6a:63:dd:9e:ba:60:20:de:5b:6f:f6:40:9b:86:c8:
27:c7:f7:41:cd:1e:7c:77:3b:6e:9e:a0:69:a3:48:
4b:03:54:bd:17:11:42:77:59:ea:57:2c:9d:91:e1:
4b:15:a9:75:99:f8:a3:27:a9:28:5d:25:10:f2:cf:
6a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C8:A9:04:43:2E:CA:0A:82:21:53:62:28:D4:34:A9:B6:A7:D0:4C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/0cipBEMuygqCIVNiKNQ0qban0Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.22.0/24
193.233.88.0/22
193.233.171.0/24
193.233.175.0/24
193.233.197.0/24
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
97:48:21:17:6d:6e:ef:df:a7:cc:9f:20:44:2a:27:3b:e5:6b:
eb:36:2e:0f:5c:fd:2d:70:a0:ed:da:87:c4:05:e0:01:00:58:
ca:60:b3:88:30:ca:1b:8b:34:fc:76:3e:29:82:6c:fc:68:33:
74:f1:12:29:44:cb:b9:ee:69:f5:60:87:27:9f:8e:23:ff:6a:
a5:26:5f:cd:f8:ea:8a:f2:82:e6:46:68:e3:2e:ce:77:61:f8:
c9:f1:30:e7:2b:dc:c4:ee:bf:0c:f8:63:91:9a:93:58:36:94:
16:c1:2b:d9:4f:ae:75:d1:92:ea:ff:0a:9c:31:63:2d:9d:95:
f9:e0:4b:47:e5:f6:98:aa:c1:ac:24:a0:54:b0:ca:c0:f4:8d:
95:a0:2b:30:bd:6a:98:74:ab:49:ca:7a:66:b2:ca:6c:4f:a5:
2e:c3:a1:5a:45:2c:78:31:d9:ea:2f:bc:5d:28:65:1c:f5:5c:
45:87:e9:5a:9d:f3:b7:77:08:ce:63:a8:3e:b7:2a:cf:eb:23:
33:c7:dd:f0:10:e1:88:cf:22:41:9f:16:06:1f:5a:95:e0:c3:
1f:d7:9f:c2:53:1f:09:b6:af:db:0d:9b:28:55:d8:d1:99:60:
22:bc:5a:c1:ef:3d:1e:c0:2d:1c:d8:c4:69:3f:a8:72:71:ac:
5f:c6:58:a2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYY/XpAkjuhTjyxuTkjsc+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMjAzMjAzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM4YTkwNDQzMmVjYTBhODIyMTUzNjIyOGQ0MzRhOWI2YTdkMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDXl6yQ54H/EB6+EoFUYZVQkZAKU
jwXOUbgTmARmsmSWNuOWXpWw9Jwe0aBddPW6Uh6SaORs7hG76mSnYOdea9q9KDdr
rHSmF+W3wOBQkL6Y6Bvb/6VNv2vxA9FsC/x+Osgl94bhXPZn+XjG1LWVN8fGbQnZ
CfBjkyiUUvLFRG558YAZOAT3La7CfaqmPAHM3aQEipsxABRSB1O8XJ+dYY7biU0Q
/urKC57RQZKykZvYrZD7WXY2nwTBR0V3Id+oq2dqY92eumAg3ltv9kCbhsgnx/dB
zR58dztunqBpo0hLA1S9FxFCd1nqVyydkeFLFal1mfijJ6koXSUQ8s9q0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNHIqQRDLsoKgiFTYijUNKm2p9BMMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMGNpcEJFTXV5Z3FDSVZOaUtOUTBxYmFuMEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwekWAwQC
welYAwQAwemrAwQAwemvAwQAwenFAwQCwen4MA0GCSqGSIb3DQEBCwUAA4IBAQCX
SCEXbW7v36fMnyBEKic75WvrNi4PXP0tcKDt2ofEBeABAFjKYLOIMMobizT8dj4p
gmz8aDN08RIpRMu57mn1YIcnn44j/2qlJl/N+OqK8oLmRmjjLs53YfjJ8TDnK9zE
7r8M+GORmpNYNpQWwSvZT6510ZLq/wqcMWMtnZX54EtH5faYqsGsJKBUsMrA9I2V
oCswvWqYdKtJynpmsspsT6Uuw6FaRSx4MdnqL7xdKGUc9VxFh+lanfO3dwjOY6g+
tyrP6yMzx93wEOGIzyJBnxYGH1qV4MMf15/CUx8Jtq/bDZsoVdjRmWAivFrB7z0e
wC0c2MRpP6hycaxfxlii
-----END CERTIFICATE-----
Generated at Thu Nov 2 18:07:40 2023 by rpki-client on console-ams.rpki-client.org