Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/3FSbVUsnPMduf9__ls3mEv_eB3w.roa
File: 3FSbVUsnPMduf9__ls3mEv_eB3w.roa (raw, json)
Hash identifier: e3hyMgETT8u+/XKAgCV4jIrqKnm8ewRk6PLGIFUdGgE=
Subject key identifier: DC:54:9B:55:4B:27:3C:C7:6E:7F:DF:FF:96:CD:E6:12:FF:DE:07:7C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26F0885A8DD454DA3B5E50EAFBB9BE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/3FSbVUsnPMduf9__ls3mEv_eB3w.roa
Signing time: Sun 01 Jan 2023 21:05:00 +0000
ROA not before: Sun 01 Jan 2023 21:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206152
IP address blocks: 193.233.164.0/24 maxlen: 24
193.233.163.0/24 maxlen: 24
193.233.162.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:f0:88:5a:8d:d4:54:da:3b:5e:50:ea:fb:b9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc549b554b273cc76e7fdfff96cde612ffde077c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:92:3d:85:79:cb:d2:af:b1:0e:6e:2c:f2:28:
61:61:db:63:e0:c8:3e:9f:14:0e:b1:15:f6:d1:a3:
f8:d1:fe:48:61:a8:37:b0:e8:a0:d1:48:a5:3a:3f:
6f:2b:1c:99:86:93:d0:f3:5c:09:c3:d9:cc:12:64:
6d:0c:01:fb:4b:e6:fa:53:dc:22:cb:18:54:e3:92:
dd:9f:3c:55:ca:e9:60:9d:61:06:10:e7:33:65:2c:
ac:0d:43:0c:01:6a:60:7f:a0:3a:b3:c6:86:83:6b:
60:29:9c:e8:a1:b7:97:7f:5e:1b:c3:ec:bf:37:82:
4b:78:95:e1:60:e0:93:d3:7f:7a:8f:b8:15:a3:9f:
ce:69:22:f3:7d:6a:29:b0:e5:2c:88:c4:e9:41:db:
ce:75:b5:1a:65:30:9d:82:6b:88:97:70:35:57:75:
b1:9f:39:11:5c:8f:c9:0f:bf:dc:80:e5:95:29:1c:
9a:09:54:a4:4c:83:e4:81:d9:d2:84:5a:73:a3:db:
94:33:99:7d:f8:26:dd:7c:e3:29:04:25:7a:29:db:
ea:90:63:11:b1:a3:4a:7e:79:2c:ee:85:e5:52:4f:
02:f9:ba:77:bd:e5:e3:ef:69:25:ff:3c:9b:fe:3b:
78:db:b9:08:91:04:27:e1:7d:d7:44:c4:a9:0e:3a:
6f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:54:9B:55:4B:27:3C:C7:6E:7F:DF:FF:96:CD:E6:12:FF:DE:07:7C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/3FSbVUsnPMduf9__ls3mEv_eB3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.162.0-193.233.164.255
Signature Algorithm: sha256WithRSAEncryption
8c:ae:01:57:b0:75:19:41:8d:98:08:20:c5:c1:29:ad:93:e0:
41:f7:79:d6:fc:cb:c2:19:75:01:0c:14:b6:0e:f8:38:06:f8:
39:3b:8f:0a:f3:04:09:ff:58:8e:78:60:87:f3:4d:7f:0b:dc:
1b:21:a0:01:26:ba:6e:48:6c:d9:ff:3b:76:fa:d8:96:11:10:
80:8f:bc:5f:ad:1e:df:8e:18:a6:c7:61:b0:49:ee:0a:84:1b:
15:3f:9e:02:05:55:c8:2f:99:44:eb:ac:dc:64:e3:14:4f:cd:
ba:27:54:5e:ad:01:45:c5:96:fc:31:e4:c0:49:67:cf:02:88:
30:5d:8f:c1:87:57:7d:0c:2a:98:ed:62:a7:1e:1b:51:f8:8a:
62:6d:04:27:55:17:8f:29:b8:ae:fa:18:b0:a6:3b:21:f5:9b:
fb:bd:94:43:f7:42:01:1e:ae:1f:2c:f5:1b:1d:33:46:0d:ba:
0c:d9:c1:4d:37:28:22:b1:43:d6:01:e4:0c:57:73:76:b5:e3:
54:19:08:f0:c4:b1:99:3d:28:0a:33:75:c6:00:01:77:cc:e2:
f1:85:4a:92:46:54:39:18:d9:14:39:a1:0a:2e:b8:35:1e:db:
7d:f9:58:49:64:6a:39:7c:d0:0e:a8:9e:b7:f3:e8:e2:61:52:
db:7c:ad:b0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvJvCIWo3UVNo7XlDq+7m+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU0OWI1NTRiMjczY2M3NmU3ZmRmZmY5NmNkZTYxMmZmZGUwNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZI9hXnL0q+xDm4s8ihhYdtj4Mg+
nxQOsRX20aP40f5IYag3sOig0UilOj9vKxyZhpPQ81wJw9nMEmRtDAH7S+b6U9wi
yxhU45LdnzxVyulgnWEGEOczZSysDUMMAWpgf6A6s8aGg2tgKZzoobeXf14bw+y/
N4JLeJXhYOCT0396j7gVo5/OaSLzfWopsOUsiMTpQdvOdbUaZTCdgmuIl3A1V3Wx
nzkRXI/JD7/cgOWVKRyaCVSkTIPkgdnShFpzo9uUM5l9+CbdfOMpBCV6KdvqkGMR
saNKfnks7oXlUk8C+bp3veXj72kl/zyb/jt427kIkQQn4X3XRMSpDjpvfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNxUm1VLJzzHbn/f/5bN5hL/3gd8MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvM0ZTYlZVc25QTWR1ZjlfX2xzM21Fdl9lQjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHB6aID
BADB6aQwDQYJKoZIhvcNAQELBQADggEBAIyuAVewdRlBjZgIIMXBKa2T4EH3edb8
y8IZdQEMFLYO+DgG+Dk7jwrzBAn/WI54YIfzTX8L3BshoAEmum5IbNn/O3b62JYR
EICPvF+tHt+OGKbHYbBJ7gqEGxU/ngIFVcgvmUTrrNxk4xRPzbonVF6tAUXFlvwx
5MBJZ88CiDBdj8GHV30MKpjtYqceG1H4imJtBCdVF48puK76GLCmOyH1m/u9lEP3
QgEerh8s9RsdM0YNugzZwU03KCKxQ9YB5AxXc3a141QZCPDEsZk9KAozdcYAAXfM
4vGFSpJGVDkY2RQ5oQouuDUe2335WElkajl80A6onrfz6OJhUtt8rbA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:37 2023 by rpki-client on console-fra.rpki-client.org