Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4OSdgz2pcoE2gcWXyPbHEcJdRHA.roa
File: 4OSdgz2pcoE2gcWXyPbHEcJdRHA.roa (raw, json)
Hash identifier: Va6RrR4NNj8gDDcoOvYD3oSQLVvlPcpoaBW3NcQlUeE=
Subject key identifier: E0:E4:9D:83:3D:A9:72:81:36:81:C5:97:C8:F6:C7:11:C2:5D:44:70
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018BBFBB4259F4817EE74F8BBFE52D83C5C0
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4OSdgz2pcoE2gcWXyPbHEcJdRHA.roa
Signing time: Sat 11 Nov 2023 18:53:22 +0000
ROA not before: Sat 11 Nov 2023 18:53:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199868
IP address blocks: 185.103.103.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bf:bb:42:59:f4:81:7e:e7:4f:8b:bf:e5:2d:83:c5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 11 18:53:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0e49d833da972813681c597c8f6c711c25d4470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:32:56:37:2d:16:90:8f:d3:33:4e:6d:ca:c8:
bb:2a:47:17:0a:da:89:df:b8:3f:4e:28:5f:2b:4d:
e8:50:5d:bb:ed:7e:25:bf:8b:13:ca:ab:77:6f:ff:
60:3a:8d:37:68:67:f8:da:25:a8:5a:9d:5c:27:5c:
61:8b:dd:00:ae:47:cd:8f:06:1d:31:69:94:57:99:
78:ac:bf:8f:37:68:1e:fe:7c:d6:c8:3a:29:18:37:
bb:ae:92:72:28:39:c7:e2:a7:8d:24:b1:1b:fd:6c:
16:e5:87:be:30:d2:12:c4:e6:2f:c3:42:b9:b8:66:
65:d0:84:59:00:4b:57:75:85:6b:d4:09:c4:26:c7:
e7:95:72:f5:9c:8a:9b:d7:bb:43:33:d9:5f:2c:29:
e8:c1:3c:f6:7e:2f:c3:de:5e:8a:15:95:82:06:b3:
61:8b:63:19:e4:ef:e9:cf:ae:87:ba:04:dc:69:8b:
27:fa:4c:b6:e7:c9:a4:a3:78:2a:e7:97:ab:8e:ac:
75:45:ca:70:96:9b:a2:f0:a7:59:e9:a8:e7:ed:f3:
a3:ce:f3:3e:14:82:ba:01:bd:59:06:c6:2e:7b:2a:
87:98:f4:0e:ea:f2:56:e4:ba:f7:a7:4f:12:e2:5c:
28:57:12:3b:51:e3:c6:29:59:fe:df:c5:88:0d:47:
d6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E4:9D:83:3D:A9:72:81:36:81:C5:97:C8:F6:C7:11:C2:5D:44:70
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4OSdgz2pcoE2gcWXyPbHEcJdRHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.103.0/24
193.233.80.0/24
193.233.164.0/24
Signature Algorithm: sha256WithRSAEncryption
53:7c:6a:d3:4e:96:54:e2:4a:90:6f:7c:69:92:dd:54:9e:d6:
f8:de:d1:73:f6:18:bc:a1:10:67:59:36:58:2d:90:4a:30:75:
d6:d0:eb:9e:c3:29:63:34:76:fb:37:2b:db:c6:9b:71:70:7e:
c7:73:10:2f:f4:40:97:9b:11:2f:4f:a0:2b:93:d9:d0:ed:ed:
ee:87:eb:28:13:9d:d0:5f:ad:87:4a:9d:21:c3:d5:87:53:fb:
bc:c0:7d:9d:e1:6e:ab:77:1c:de:52:b8:d0:90:13:6c:d2:7d:
08:76:72:5a:c2:6f:ec:f7:d4:c4:5c:b8:b0:b4:bb:1a:4c:d8:
57:e2:b2:3c:23:88:b7:df:fe:d3:3d:c0:00:f7:a9:84:36:4a:
86:ba:f4:a1:12:98:b7:66:0e:d0:bb:aa:4d:ae:d9:b4:29:f5:
62:59:3b:fe:92:98:62:41:96:8b:53:c5:ee:4a:3e:b0:29:f8:
0f:e3:c1:4e:97:57:3d:47:f3:32:f3:91:2d:88:af:02:92:c3:
86:59:02:32:f0:19:59:94:df:70:66:c1:bc:a0:f5:60:f1:a6:
73:32:5d:65:bb:b9:7b:de:69:c2:b7:6c:30:3f:ac:32:a2:b1:
0a:b5:74:c7:c6:59:80:4f:96:12:d3:f4:51:c9:49:b7:73:fd:
dd:69:20:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYu/u0JZ9IF+50+Lv+Utg8XAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTExMTg1MzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU0OWQ4MzNkYTk3MjgxMzY4MWM1OTdjOGY2YzcxMWMyNWQ0NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjJWNy0WkI/TM05tysi7KkcXCtqJ
37g/TihfK03oUF277X4lv4sTyqt3b/9gOo03aGf42iWoWp1cJ1xhi90ArkfNjwYd
MWmUV5l4rL+PN2ge/nzWyDopGDe7rpJyKDnH4qeNJLEb/WwW5Ye+MNISxOYvw0K5
uGZl0IRZAEtXdYVr1AnEJsfnlXL1nIqb17tDM9lfLCnowTz2fi/D3l6KFZWCBrNh
i2MZ5O/pz66HugTcaYsn+ky258mko3gq55erjqx1Rcpwlpui8KdZ6ajn7fOjzvM+
FIK6Ab1ZBsYueyqHmPQO6vJW5Lr3p08S4lwoVxI7UePGKVn+38WIDUfWJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFODknYM9qXKBNoHFl8j2xxHCXURwMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNE9TZGd6MnBjb0UyZ2NXWHlQYkhFY0pkUkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWdnAwQA
welQAwQAwemkMA0GCSqGSIb3DQEBCwUAA4IBAQBTfGrTTpZU4kqQb3xpkt1Untb4
3tFz9hi8oRBnWTZYLZBKMHXW0OuewyljNHb7NyvbxptxcH7HcxAv9ECXmxEvT6Ar
k9nQ7e3uh+soE53QX62HSp0hw9WHU/u8wH2d4W6rdxzeUrjQkBNs0n0IdnJawm/s
99TEXLiwtLsaTNhX4rI8I4i33/7TPcAA96mENkqGuvShEpi3Zg7Qu6pNrtm0KfVi
WTv+kphiQZaLU8XuSj6wKfgP48FOl1c9R/My85EtiK8CksOGWQIy8BlZlN9wZsG8
oPVg8aZzMl1lu7l73mnCt2wwP6wyorEKtXTHxlmAT5YS0/RRyUm3c/3daSDe
-----END CERTIFICATE-----
Generated at Wed Nov 15 18:55:46 2023 by rpki-client on console-ams.rpki-client.org