Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-qzGg3rSjnxksAqshEGRVk3C6vs.roa
File: 1-qzGg3rSjnxksAqshEGRVk3C6vs.roa (raw, json)
Hash identifier: MMaF73wEktHct+EviCZM0pmR+P3rSQwng466oSB+xMo=
Subject key identifier: FA:AC:C6:83:7A:D2:8E:7C:64:B0:0A:AC:84:41:91:56:4D:C2:EA:FB
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D4A907E5E1C5505FC5853FBA681FCE62F
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-qzGg3rSjnxksAqshEGRVk3C6vs.roa
Signing time: Sat 27 Jan 2024 10:56:39 +0000
ROA not before: Sat 27 Jan 2024 10:56:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.120.0/22 maxlen: 22
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Feb 2024 17:05:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4a:90:7e:5e:1c:55:05:fc:58:53:fb:a6:81:fc:e6:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 27 10:56:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faacc6837ad28e7c64b00aac844191564dc2eafb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c8:64:51:b2:b5:82:bf:3f:74:09:1a:69:5f:
3f:0a:e6:8c:17:67:c1:59:dd:63:9d:ca:e9:f5:80:
b2:84:55:61:ad:7e:15:d7:ab:cd:cf:a9:7a:a4:71:
b9:d8:f7:b4:4d:c9:c3:74:ff:b0:67:b7:97:ed:8a:
22:6b:19:d3:0f:b9:2f:71:6e:2c:de:44:5b:a7:75:
8b:af:bf:fb:6c:2d:1a:a4:2d:ef:42:2c:38:62:01:
55:02:d6:23:e0:0a:aa:4b:87:82:20:93:8f:10:91:
14:9d:9e:2c:ae:34:cf:79:79:33:1d:e4:60:aa:f9:
fc:77:4e:db:c3:ce:8e:1e:4d:dd:ba:ce:92:0c:60:
14:85:0e:44:53:17:d5:9d:29:4a:1e:c1:61:1f:b9:
f5:80:e4:1c:9c:cc:f9:ce:bd:05:b5:15:d1:de:f8:
74:75:3a:b3:fa:2f:18:00:98:19:b9:a7:e1:3c:10:
bf:9a:63:05:3e:0a:40:c8:14:83:b3:a6:f2:2d:fd:
0f:8e:7a:dc:e8:1b:62:b0:70:05:ac:5c:9a:5e:5c:
4f:ff:1c:2a:18:e0:9b:31:62:b8:35:a3:3e:2c:4a:
94:cb:3a:7b:a6:70:0c:13:de:52:8c:7b:49:fd:94:
a1:d6:e4:3b:c0:d0:03:f6:31:3c:c4:87:8b:69:15:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AC:C6:83:7A:D2:8E:7C:64:B0:0A:AC:84:41:91:56:4D:C2:EA:FB
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-qzGg3rSjnxksAqshEGRVk3C6vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.120.0/22
193.233.60.0/24
193.233.62.0/24
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ad:f0:d5:a2:6e:5a:2b:33:b9:82:25:44:3d:46:0a:fc:d1:
fa:af:5c:ad:ef:b6:77:3d:ed:40:28:00:c5:83:df:c9:89:82:
e2:85:3e:33:a5:fa:7f:a4:18:0d:2e:4a:de:fa:80:68:cf:a1:
4d:a8:be:8b:30:bc:4d:f3:08:31:27:ea:c7:97:c4:fa:3e:cd:
3f:3e:a7:8f:bf:59:bd:0c:e9:c7:a5:ed:65:f1:84:45:86:49:
ca:6e:5c:46:48:e1:0f:9c:65:2d:b8:fa:89:43:14:4a:b4:0e:
96:77:ec:42:5c:50:48:d0:ac:f4:5c:70:6c:cd:db:ea:82:87:
55:65:e4:4e:f3:b0:b8:a0:ad:08:69:da:86:20:f7:c4:d2:52:
38:bf:fd:a6:92:dd:15:01:3c:bb:10:60:c9:0d:6c:62:f3:fe:
2a:dd:f9:22:06:36:c0:5b:d6:cb:8b:ca:0f:bb:7c:88:3b:ca:
b8:05:61:c5:7e:c3:a9:fe:bf:93:e2:ae:53:58:5e:33:7e:52:
23:7a:ca:d1:84:c2:98:01:6b:6e:87:84:b7:ec:d1:bb:d7:a6:
bc:83:33:c3:45:97:85:88:fb:1d:d2:46:ab:5f:ae:b9:c8:12:
c3:de:ab:cb:d8:aa:e7:ec:49:ef:c3:75:83:6d:12:92:c2:35:
15:d4:33:a7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAY1KkH5eHFUF/FhT+6aB/OYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTI3MTA1NjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWFjYzY4MzdhZDI4ZTdjNjRiMDBhYWM4NDQxOTE1NjRkYzJlYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8hkUbK1gr8/dAkaaV8/CuaMF2fB
Wd1jncrp9YCyhFVhrX4V16vNz6l6pHG52Pe0TcnDdP+wZ7eX7YoiaxnTD7kvcW4s
3kRbp3WLr7/7bC0apC3vQiw4YgFVAtYj4AqqS4eCIJOPEJEUnZ4srjTPeXkzHeRg
qvn8d07bw86OHk3dus6SDGAUhQ5EUxfVnSlKHsFhH7n1gOQcnMz5zr0FtRXR3vh0
dTqz+i8YAJgZuafhPBC/mmMFPgpAyBSDs6byLf0Pjnrc6BtisHAFrFyaXlxP/xwq
GOCbMWK4NaM+LEqUyzp7pnAME95SjHtJ/ZSh1uQ7wNAD9jE8xIeLaRXTQwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPqsxoN60o58ZLAKrIRBkVZNwur7MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMS1xekdnM3JTam54a3NBcXNoRUdSVmszQzZ2cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0
OS8xL2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEApMteAME
AMHpPAMEAMHpPgMEAMHpqjANBgkqhkiG9w0BAQsFAAOCAQEAdK3w1aJuWiszuYIl
RD1GCvzR+q9cre+2dz3tQCgAxYPfyYmC4oU+M6X6f6QYDS5K3vqAaM+hTai+izC8
TfMIMSfqx5fE+j7NPz6nj79ZvQzpx6XtZfGERYZJym5cRkjhD5xlLbj6iUMUSrQO
lnfsQlxQSNCs9FxwbM3b6oKHVWXkTvOwuKCtCGnahiD3xNJSOL/9ppLdFQE8uxBg
yQ1sYvP+Kt35IgY2wFvWy4vKD7t8iDvKuAVhxX7Dqf6/k+KuU1heM35SI3rK0YTC
mAFrboeEt+zRu9emvIMzw0WXhYj7HdJGq1+uucgSw96ry9iq5+xJ78N1g20SksI1
FdQzpw==
-----END CERTIFICATE-----
Generated at Sat Feb 3 20:35:33 2024 by rpki-client on console-fra.rpki-client.org