Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6y1gABjvBmAfPZjPhhg0BKNkcok.roa
File: 6y1gABjvBmAfPZjPhhg0BKNkcok.roa (raw, json)
Hash identifier: HTYeR78ibR3LVMNvaPNsl6GWkSmJ0TNMihA/dmhJ5Ns=
Subject key identifier: EB:2D:60:00:18:EF:06:60:1F:3D:98:CF:86:18:34:04:A3:64:72:89
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26D7EEF1DC7C7578F401F0AE3AFC82
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6y1gABjvBmAfPZjPhhg0BKNkcok.roa
Signing time: Sun 01 Jan 2023 21:04:54 +0000
ROA not before: Sun 01 Jan 2023 21:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 193.233.251.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:d7:ee:f1:dc:7c:75:78:f4:01:f0:ae:3a:fc:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb2d600018ef06601f3d98cf86183404a3647289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:15:3c:4e:23:40:52:49:91:03:29:1a:87:15:
dd:56:bb:ad:3d:f3:81:0b:d1:ff:63:1e:cf:ea:1c:
8e:98:87:a6:b7:78:2c:17:62:0f:ab:8a:d2:c4:d0:
98:02:bd:15:a9:17:7d:a5:a8:95:f2:a2:1d:2d:dd:
a8:bf:e9:6f:e7:c9:cc:02:82:f0:31:2f:80:b3:2e:
3f:ba:03:68:be:83:51:dc:b3:21:c0:9b:cb:de:f6:
98:ee:c6:a1:df:8a:e2:26:70:8c:b6:a8:83:89:cb:
c9:35:6e:c0:76:0d:f8:a6:17:c8:05:00:98:d2:3b:
c2:43:63:eb:49:e5:84:e4:67:e6:71:c0:7f:b4:1c:
f4:a4:e0:43:18:5d:ec:5c:3d:3f:f5:b6:09:9f:e8:
c9:18:43:80:84:c0:5d:d1:0a:71:fb:32:26:d1:f1:
51:9a:b1:86:28:3f:ba:f4:c0:67:6d:99:40:37:f1:
0e:b9:59:2d:a7:c4:26:45:64:73:12:12:d6:e7:37:
7f:e6:c2:84:27:df:3b:7e:f6:5a:d2:3f:a9:14:fc:
52:50:cf:a9:75:90:df:ab:fc:35:84:af:28:e2:73:
d1:dc:aa:9d:86:c9:eb:c6:a1:61:89:55:1b:dd:d5:
af:b0:d9:bb:8f:fd:e8:fc:b2:c2:e7:09:ee:15:8f:
67:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2D:60:00:18:EF:06:60:1F:3D:98:CF:86:18:34:04:A3:64:72:89
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/6y1gABjvBmAfPZjPhhg0BKNkcok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
41:ff:a2:90:8f:45:91:66:0d:05:56:83:50:68:a5:7c:68:98:
16:90:51:75:8b:c3:ce:c5:85:da:bc:80:7d:ee:26:fd:35:3e:
f4:94:a1:f1:f7:9f:63:44:a2:58:52:db:9c:c5:f1:39:b7:64:
b9:3d:55:69:93:b8:63:39:1e:ba:70:6a:23:66:f1:32:93:1b:
48:ed:20:36:ed:29:72:fe:db:df:a4:74:b7:ee:e1:82:56:05:
fa:c4:ed:4d:74:f4:24:84:0d:83:04:f7:c2:c8:cd:23:3c:b1:
3f:4d:82:29:45:de:c9:70:ae:08:16:a3:39:64:2b:7d:9b:76:
71:7b:bc:71:36:1d:50:b7:5e:ed:43:01:4b:0e:2c:21:7d:99:
62:1a:fe:d9:0d:ae:75:73:62:b9:0d:0a:c6:a2:23:6d:d9:83:
8d:e6:1c:69:83:d4:84:c4:d2:5e:cc:a7:ba:1b:91:0c:84:d1:
03:f6:31:5a:e9:e1:82:18:8e:11:a0:3d:f3:cd:51:b3:b4:fa:
5e:33:87:46:1d:a0:41:2f:02:12:69:87:15:b1:91:0c:44:26:
08:f9:72:11:f3:95:72:de:e8:f9:b0:95:c7:17:32:74:03:ff:
d3:a0:37:13:19:5f:b0:2d:c7:39:fa:19:96:90:12:97:8c:94:
59:c4:f4:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJtfu8dx8dXj0AfCuOvyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJkNjAwMDE4ZWYwNjYwMWYzZDk4Y2Y4NjE4MzQwNGEzNjQ3Mjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBU8TiNAUkmRAykahxXdVrutPfOB
C9H/Yx7P6hyOmIemt3gsF2IPq4rSxNCYAr0VqRd9paiV8qIdLd2ov+lv58nMAoLw
MS+Asy4/ugNovoNR3LMhwJvL3vaY7sah34riJnCMtqiDicvJNW7Adg34phfIBQCY
0jvCQ2PrSeWE5GfmccB/tBz0pOBDGF3sXD0/9bYJn+jJGEOAhMBd0Qpx+zIm0fFR
mrGGKD+69MBnbZlAN/EOuVktp8QmRWRzEhLW5zd/5sKEJ987fvZa0j+pFPxSUM+p
dZDfq/w1hK8o4nPR3KqdhsnrxqFhiVUb3dWvsNm7j/3o/LLC5wnuFY9n1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOstYAAY7wZgHz2Yz4YYNASjZHKJMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvNnkxZ0FCanZCbUFmUFpqUGhoZzBCS05rY29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwen4MA0G
CSqGSIb3DQEBCwUAA4IBAQBB/6KQj0WRZg0FVoNQaKV8aJgWkFF1i8POxYXavIB9
7ib9NT70lKHx959jRKJYUtucxfE5t2S5PVVpk7hjOR66cGojZvEykxtI7SA27Sly
/tvfpHS37uGCVgX6xO1NdPQkhA2DBPfCyM0jPLE/TYIpRd7JcK4IFqM5ZCt9m3Zx
e7xxNh1Qt17tQwFLDiwhfZliGv7ZDa51c2K5DQrGoiNt2YON5hxpg9SExNJezKe6
G5EMhNED9jFa6eGCGI4RoD3zzVGztPpeM4dGHaBBLwISaYcVsZEMRCYI+XIR85Vy
3uj5sJXHFzJ0A//ToDcTGV+wLcc5+hmWkBKXjJRZxPQn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org