Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6hRlJPrnmDROxOX1mrSi648FP0s.roa
File: 6hRlJPrnmDROxOX1mrSi648FP0s.roa (raw, json)
Hash identifier: 94SLN+zsprkB47RftnOI4PO+zFK8knRs+0UA+SDi53E=
Subject key identifier: EA:14:65:24:FA:E7:98:34:4E:C4:E5:F5:9A:B4:A2:EB:8F:05:3F:4B
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018A521B229496543AAE9C1578012C602A55
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6hRlJPrnmDROxOX1mrSi648FP0s.roa
Signing time: Fri 01 Sep 2023 18:57:04 +0000
ROA not before: Fri 01 Sep 2023 18:57:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 193.233.30.0/24 maxlen: 24
193.233.31.0/24 maxlen: 24
193.233.149.0/24 maxlen: 24
193.233.174.0/24 maxlen: 24
193.233.72.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:52:1b:22:94:96:54:3a:ae:9c:15:78:01:2c:60:2a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 1 18:57:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea146524fae798344ec4e5f59ab4a2eb8f053f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:17:12:82:9f:41:a2:d9:79:0c:94:ec:b6:
4a:85:7b:1c:b0:5e:01:be:8d:14:58:c5:43:8e:cd:
7e:6e:d9:6e:40:ac:be:60:6f:95:ec:50:c1:6e:8e:
a6:8a:34:b3:b0:8a:10:eb:8d:8d:b8:4b:46:b2:14:
8d:f1:47:17:81:77:50:11:69:18:33:73:ad:cb:29:
4c:66:47:26:31:4d:2b:72:14:87:50:6f:69:1e:0d:
28:45:b8:d8:f3:7b:da:99:04:3f:e3:ef:f9:d2:67:
7c:28:00:9b:bc:42:f4:86:9b:7a:a6:8f:43:cf:b8:
c3:36:01:d1:13:d6:eb:4d:9a:2d:19:1f:ef:98:7b:
cb:f5:bb:90:87:95:ca:2d:91:49:21:5a:3b:eb:bb:
a7:aa:72:89:1b:60:d3:83:48:34:84:f0:3b:23:09:
3a:17:28:58:b1:8c:ed:6d:3f:46:6c:3f:dc:e0:84:
bf:41:ef:a4:ff:e6:25:de:71:c8:4a:cd:26:88:16:
85:bf:a9:e3:c6:ab:d6:77:78:70:76:97:ab:3b:e0:
8e:1a:f0:73:e7:f0:4f:d3:83:26:a6:65:f7:73:d3:
fa:d2:dc:57:f3:d6:28:87:55:50:b2:d2:ca:28:4a:
74:b1:ea:9f:98:09:18:13:05:d5:7e:57:f0:3e:1e:
c7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:14:65:24:FA:E7:98:34:4E:C4:E5:F5:9A:B4:A2:EB:8F:05:3F:4B
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6hRlJPrnmDROxOX1mrSi648FP0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.30.0/23
193.233.72.0/24
193.233.74.0/23
193.233.78.0/24
193.233.149.0/24
193.233.174.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:39:38:c0:d9:f3:8e:15:43:99:ae:56:b3:8b:6b:08:77:4f:
51:f3:32:17:d8:b5:cd:6e:b0:f6:3b:f7:44:9a:1c:e3:8b:18:
16:3d:58:0d:d4:9f:65:54:35:c5:bb:5c:93:cc:4c:ed:3c:5f:
8e:97:c0:8e:7c:97:b6:c5:c1:33:c8:2a:88:1c:42:bb:c6:b2:
c5:b9:c0:db:24:5f:76:3e:7c:65:3c:d3:d4:ec:7e:64:ee:82:
89:af:01:d9:c5:80:01:1c:a8:84:f8:4f:c4:8b:06:68:8d:c2:
e8:eb:e4:06:89:e7:60:63:b4:fa:4b:45:49:f5:0e:ff:ab:48:
c0:b9:54:34:c8:6f:a1:99:de:a7:fa:0d:bb:82:45:81:e5:a8:
a8:31:54:45:6d:61:8e:19:cf:95:99:f2:a7:9b:5f:7b:8c:23:
04:29:5d:1d:b0:10:60:ec:11:cf:b8:da:1d:52:d7:a4:59:d0:
6d:54:e3:eb:b2:d2:02:11:ee:d2:e8:42:72:4c:53:a5:63:b8:
7e:a9:4e:d1:8c:40:fb:1e:8f:11:05:17:77:29:c3:48:31:e7:
4c:5d:8d:3f:b4:12:7b:76:7e:19:f7:8d:85:01:90:70:7f:fa:
22:02:5e:7d:82:77:8e:89:06:ec:36:41:ca:00:3f:ca:6a:f8:
80:84:62:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYpSGyKUllQ6rpwVeAEsYCpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwOTAxMTg1NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTE0NjUyNGZhZTc5ODM0NGVjNGU1ZjU5YWI0YTJlYjhmMDUzZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRcXEoKfQaLZeQyU7LZKhXscsF4B
vo0UWMVDjs1+btluQKy+YG+V7FDBbo6mijSzsIoQ642NuEtGshSN8UcXgXdQEWkY
M3OtyylMZkcmMU0rchSHUG9pHg0oRbjY83vamQQ/4+/50md8KACbvEL0hpt6po9D
z7jDNgHRE9brTZotGR/vmHvL9buQh5XKLZFJIVo767unqnKJG2DTg0g0hPA7Iwk6
FyhYsYztbT9GbD/c4IS/Qe+k/+Yl3nHISs0miBaFv6njxqvWd3hwdperO+COGvBz
5/BP04MmpmX3c9P60txX89Yoh1VQstLKKEp0seqfmAkYEwXVflfwPh7HLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOoUZST655g0TsTl9Zq0ouuPBT9LMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNmhSbEpQcm5tRFJPeE9YMW1yU2k2NDhGUDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBwekeAwQA
welIAwQBwelKAwQAwelOAwQAwemVAwQAwemuMA0GCSqGSIb3DQEBCwUAA4IBAQBe
OTjA2fOOFUOZrlazi2sId09R8zIX2LXNbrD2O/dEmhzjixgWPVgN1J9lVDXFu1yT
zEztPF+Ol8COfJe2xcEzyCqIHEK7xrLFucDbJF92PnxlPNPU7H5k7oKJrwHZxYAB
HKiE+E/EiwZojcLo6+QGiedgY7T6S0VJ9Q7/q0jAuVQ0yG+hmd6n+g27gkWB5aio
MVRFbWGOGc+VmfKnm197jCMEKV0dsBBg7BHPuNodUtekWdBtVOPrstICEe7S6EJy
TFOlY7h+qU7RjED7Ho8RBRd3KcNIMedMXY0/tBJ7dn4Z942FAZBwf/oiAl59gneO
iQbsNkHKAD/KaviAhGLa
-----END CERTIFICATE-----
Generated at Mon Oct 23 09:26:49 2023 by rpki-client on console-fra.rpki-client.org