Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4gnbPl-xCGj_YHi9MrNR4EZqTuM.roa
File: 4gnbPl-xCGj_YHi9MrNR4EZqTuM.roa (raw, json)
Hash identifier: l//yzk+aI8O8WLYDB4FWWr8f7REiDbxLwK2ASBsotSI=
Subject key identifier: E2:09:DB:3E:5F:B1:08:68:FF:60:78:BD:32:B3:51:E0:46:6A:4E:E3
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC79526FCD3047D31D62D38422443B9D4
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4gnbPl-xCGj_YHi9MrNR4EZqTuM.roa
Signing time: Tue 02 Jan 2024 00:31:29 +0000
ROA not before: Tue 02 Jan 2024 00:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45027
IP address blocks: 193.233.62.0/24 maxlen: 24
193.233.170.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 19:35:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:26:fc:d3:04:7d:31:d6:2d:38:42:24:43:b9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e209db3e5fb10868ff6078bd32b351e0466a4ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:27:25:d5:c1:74:0c:3b:0b:05:08:59:2d:
8c:45:57:0b:86:bf:90:89:bb:01:df:4e:fb:bb:a1:
f6:f6:86:d6:ce:cd:54:e6:f3:25:7c:9f:04:5a:54:
43:c9:8b:f7:f7:a8:39:ad:a7:6c:2c:11:be:2c:4a:
32:be:5e:1c:cc:bd:94:96:a0:a4:d4:97:4c:d7:3e:
19:f4:31:11:29:3d:60:5a:92:5d:26:e8:7a:65:fd:
47:cf:be:a8:31:6f:e5:dc:81:f9:f1:cc:c1:95:07:
c0:f5:4c:b1:3c:fe:3d:82:20:e6:f6:35:2d:36:66:
af:be:a1:20:58:2d:b7:d4:f5:ca:13:c2:21:f7:7d:
82:ea:45:2e:83:3f:ae:33:df:58:81:9c:95:dc:67:
02:85:88:ae:95:5a:17:dd:fd:72:b3:67:bf:f7:92:
3d:4f:14:42:48:ca:6f:8c:f6:da:3d:91:75:a9:f5:
ef:71:4b:c7:6c:0b:be:11:58:10:2e:00:e1:16:1f:
a1:3b:b4:1c:eb:4f:d8:31:18:21:52:32:70:d3:50:
bc:b7:96:94:eb:ba:31:23:98:54:be:dd:66:30:91:
1f:f9:b3:2d:3a:81:2b:ab:91:a8:5d:c4:f5:1d:46:
d0:6f:b7:93:f6:6e:e9:bf:c0:1f:3d:0e:ef:56:71:
23:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:09:DB:3E:5F:B1:08:68:FF:60:78:BD:32:B3:51:E0:46:6A:4E:E3
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/4gnbPl-xCGj_YHi9MrNR4EZqTuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.60.0/24
193.233.62.0/24
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:81:48:96:ea:79:6e:0c:e0:1f:dc:8d:96:95:4e:df:30:35:
ce:74:86:3f:e4:8d:75:8a:f9:59:b5:9d:af:67:91:29:cf:d2:
14:31:21:f6:6d:e8:d3:39:98:3e:2d:19:58:3d:f7:76:78:43:
3f:81:c8:22:6d:ab:22:25:76:25:30:9c:8d:c3:57:98:8e:bf:
d4:6b:a8:00:0c:56:47:37:3e:e8:35:e6:1b:6d:a9:a3:07:63:
0c:d4:97:4b:28:0f:be:3e:62:7a:43:2a:d5:63:13:39:92:52:
ff:2b:75:c6:07:15:19:77:b6:cb:8a:e6:c4:80:11:f6:f8:06:
b2:39:9d:c4:8b:1a:b4:59:9a:fe:49:e5:03:22:32:27:b8:36:
34:96:06:d0:eb:b4:c4:4c:c1:fa:4b:ab:ca:5b:75:94:2e:b2:
20:d7:ea:41:3e:7f:b3:88:43:45:fa:f3:e8:2b:d7:13:01:f2:
51:1a:07:8e:f3:cf:d7:56:31:da:a4:cf:eb:8b:96:ca:b2:fc:
06:c0:a8:08:17:c1:e5:52:c2:9e:88:b9:23:eb:05:03:5b:97:
d7:12:fe:c0:5c:a7:37:4c:e4:93:29:43:4d:77:81:d0:02:1c:
c5:ae:e8:92:e3:cb:e0:bc:1f:b1:2e:75:33:a1:eb:00:95:54:
f9:7e:ff:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlSb80wR9MdYtOEIkQ7nUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjA5ZGIzZTVmYjEwODY4ZmY2MDc4YmQzMmIzNTFlMDQ2NmE0ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF8nJdXBdAw7CwUIWS2MRVcLhr+Q
ibsB3077u6H29obWzs1U5vMlfJ8EWlRDyYv396g5radsLBG+LEoyvl4czL2UlqCk
1JdM1z4Z9DERKT1gWpJdJuh6Zf1Hz76oMW/l3IH58czBlQfA9UyxPP49giDm9jUt
NmavvqEgWC231PXKE8Ih932C6kUugz+uM99YgZyV3GcChYiulVoX3f1ys2e/95I9
TxRCSMpvjPbaPZF1qfXvcUvHbAu+EVgQLgDhFh+hO7Qc60/YMRghUjJw01C8t5aU
67oxI5hUvt1mMJEf+bMtOoErq5GoXcT1HUbQb7eT9m7pv8AfPQ7vVnEjFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOIJ2z5fsQho/2B4vTKzUeBGak7jMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNGduYlBsLXhDR2pfWUhpOU1yTlI0RVpxVHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwek8AwQA
wek+AwQAwemqMA0GCSqGSIb3DQEBCwUAA4IBAQCKgUiW6nluDOAf3I2WlU7fMDXO
dIY/5I11ivlZtZ2vZ5Epz9IUMSH2bejTOZg+LRlYPfd2eEM/gcgibasiJXYlMJyN
w1eYjr/Ua6gADFZHNz7oNeYbbamjB2MM1JdLKA++PmJ6QyrVYxM5klL/K3XGBxUZ
d7bLiubEgBH2+AayOZ3Eixq0WZr+SeUDIjInuDY0lgbQ67TETMH6S6vKW3WULrIg
1+pBPn+ziENF+vPoK9cTAfJRGgeO88/XVjHapM/ri5bKsvwGwKgIF8HlUsKeiLkj
6wUDW5fXEv7AXKc3TOSTKUNNd4HQAhzFruiS48vgvB+xLnUzoesAlVT5fv8N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org