Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4dYmgiIojMXr8qQaf7HRnh3VXng.roa
File: 4dYmgiIojMXr8qQaf7HRnh3VXng.roa (raw, json)
Hash identifier: Z8kfMnJGA+w28X89hE/DRMlOEc/Fddfrwd5qxXSjxJ0=
Subject key identifier: E1:D6:26:82:22:28:8C:C5:EB:F2:A4:1A:7F:B1:D1:9E:1D:D5:5E:78
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01883337A5CD0AD4843309B64B8FC17DEAA3
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4dYmgiIojMXr8qQaf7HRnh3VXng.roa
Signing time: Fri 19 May 2023 08:54:24 +0000
ROA not before: Fri 19 May 2023 08:54:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46475
IP address blocks: 193.233.249.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
193.233.89.0/24 maxlen: 24
193.233.90.0/24 maxlen: 24
193.233.88.0/24 maxlen: 24
193.233.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:37:a5:cd:0a:d4:84:33:09:b6:4b:8f:c1:7d:ea:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 19 08:54:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1d6268222288cc5ebf2a41a7fb1d19e1dd55e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:16:09:fd:c7:4d:46:7f:8a:89:0e:6f:50:4d:
82:2f:9d:8d:0c:66:25:b6:95:d5:f8:77:fa:5f:67:
34:9f:cf:df:74:8c:fc:05:1d:ad:1e:ff:58:f4:b8:
8d:bb:4d:f7:31:94:50:31:47:c1:78:1f:4c:1b:52:
fe:f2:f7:f9:91:c4:08:25:9c:97:36:da:a6:bf:0a:
30:fd:30:fa:ce:69:7e:ca:13:24:7b:d3:ee:bd:db:
88:dd:46:ef:b6:39:b9:5f:11:83:eb:25:ca:f1:fb:
4e:11:45:76:cf:bb:51:d3:bf:36:0d:8e:4d:39:80:
e7:62:3e:31:f9:1e:5c:1b:78:28:af:d8:cc:81:fc:
ab:11:60:b3:36:39:79:eb:aa:77:6c:ce:8d:cc:04:
6e:8f:b1:3d:91:da:26:5c:76:0d:94:f9:27:e4:87:
fd:a4:06:28:3e:58:51:94:6f:43:ed:aa:46:c0:06:
3c:87:4f:49:eb:54:50:19:e5:ca:67:4d:76:13:b5:
52:36:63:79:93:8b:06:2d:d4:06:3d:a3:80:ae:67:
d8:d3:b2:3f:83:36:47:77:d8:10:5d:b4:35:bd:67:
b2:45:90:05:a1:2f:75:e6:79:5b:14:a9:3b:a4:dc:
48:9a:0d:c5:f2:3d:32:82:1f:66:b8:57:e1:8d:53:
c8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D6:26:82:22:28:8C:C5:EB:F2:A4:1A:7F:B1:D1:9E:1D:D5:5E:78
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4dYmgiIojMXr8qQaf7HRnh3VXng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.88.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
19:0c:d7:d5:11:cd:03:d0:71:b2:ac:3c:aa:c4:b7:fa:b9:e4:
9a:70:6c:8f:94:b4:6e:c8:52:2d:0d:8b:04:73:04:fe:94:b9:
f0:f8:7a:c4:75:16:2c:3c:1c:1c:b7:c8:32:94:30:4b:b7:8f:
7c:74:49:75:64:ba:fe:04:49:b4:f7:5c:84:ed:4c:5c:18:ff:
59:f4:b0:97:68:8a:97:ee:7d:5d:3c:5c:64:4a:b1:31:f2:5e:
7c:f0:6a:1d:41:b1:30:53:de:26:2c:14:f8:50:e0:14:31:da:
71:c7:2f:69:1b:7b:46:ad:05:fc:7f:76:01:05:56:30:5a:9f:
95:34:db:66:1a:30:1a:9c:8b:72:c7:84:82:fe:94:27:70:58:
64:72:b7:10:ae:db:4b:e6:c2:96:cd:0f:0f:6f:fd:a4:16:24:
53:81:30:e3:7c:9c:be:51:a2:41:b8:d2:02:e6:01:8d:46:24:
ed:0f:25:46:63:b1:f2:45:3a:8e:de:93:72:0d:21:44:17:74:
9c:46:1b:02:ed:50:8c:07:11:4f:d7:74:3e:fd:2a:0c:0b:02:
c3:b1:37:32:1f:cf:46:40:bc:18:1a:b9:9a:53:ee:a0:0b:95:
bd:6d:cc:28:cf:31:27:c7:07:61:56:4c:14:e5:72:8f:9d:ac:
28:5c:36:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgzN6XNCtSEMwm2S4/BfeqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNTE5MDg1NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ2MjY4MjIyMjg4Y2M1ZWJmMmE0MWE3ZmIxZDE5ZTFkZDU1ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRYJ/cdNRn+KiQ5vUE2CL52NDGYl
tpXV+Hf6X2c0n8/fdIz8BR2tHv9Y9LiNu033MZRQMUfBeB9MG1L+8vf5kcQIJZyX
Ntqmvwow/TD6zml+yhMke9PuvduI3Ubvtjm5XxGD6yXK8ftOEUV2z7tR0782DY5N
OYDnYj4x+R5cG3gor9jMgfyrEWCzNjl566p3bM6NzARuj7E9kdomXHYNlPkn5If9
pAYoPlhRlG9D7apGwAY8h09J61RQGeXKZ012E7VSNmN5k4sGLdQGPaOArmfY07I/
gzZHd9gQXbQ1vWeyRZAFoS915nlbFKk7pNxImg3F8j0ygh9muFfhjVPIxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOHWJoIiKIzF6/KkGn+x0Z4d1V54MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNGRZbWdpSW9qTVhyOHFRYWY3SFJuaDNWWG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwelYAwQC
wen4MA0GCSqGSIb3DQEBCwUAA4IBAQAZDNfVEc0D0HGyrDyqxLf6ueSacGyPlLRu
yFItDYsEcwT+lLnw+HrEdRYsPBwct8gylDBLt498dEl1ZLr+BEm091yE7UxcGP9Z
9LCXaIqX7n1dPFxkSrEx8l588GodQbEwU94mLBT4UOAUMdpxxy9pG3tGrQX8f3YB
BVYwWp+VNNtmGjAanItyx4SC/pQncFhkcrcQrttL5sKWzQ8Pb/2kFiRTgTDjfJy+
UaJBuNIC5gGNRiTtDyVGY7HyRTqO3pNyDSFEF3ScRhsC7VCMBxFP13Q+/SoMCwLD
sTcyH89GQLwYGrmaU+6gC5W9bcwozzEnxwdhVkwU5XKPnawoXDbf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org