Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7EhtQzJjaWZktGwBsaYcfpzhbx0.roa
File: 7EhtQzJjaWZktGwBsaYcfpzhbx0.roa (raw, json)
Hash identifier: uEgwMkpokZ0wszWLDbEmUkK1xUOs59z0aE1wx9p+gGU=
Subject key identifier: EC:48:6D:43:32:63:69:66:64:B4:6C:01:B1:A6:1C:7E:9C:E1:6F:1D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01874C2262AE0D5C30FB28441CF5C5588F36
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7EhtQzJjaWZktGwBsaYcfpzhbx0.roa
Signing time: Tue 04 Apr 2023 11:58:54 +0000
ROA not before: Tue 04 Apr 2023 11:58:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.233.87.0/24 maxlen: 24
193.233.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Apr 2023 12:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:22:62:ae:0d:5c:30:fb:28:44:1c:f5:c5:58:8f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 4 11:58:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec486d433263696664b46c01b1a61c7e9ce16f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b9:e8:aa:2f:cf:07:41:52:79:cc:e2:1f:ae:
5e:5d:f5:2a:0c:35:39:6b:e6:cd:21:4b:05:11:cb:
73:81:33:f1:0b:e7:9f:a4:3c:d4:5b:b2:d6:6b:26:
7b:a6:b2:c2:11:38:94:21:8f:d8:e6:16:21:58:25:
85:4d:d3:35:38:e8:43:7e:2a:3e:2d:38:93:4e:64:
80:01:c0:ff:df:ff:1a:99:81:4d:8e:fc:59:fe:96:
c2:89:3a:8e:c7:23:fa:30:fe:14:9d:a8:d9:ab:68:
1c:56:21:b4:38:fc:7f:90:45:59:54:51:96:44:e0:
0c:6f:8b:48:55:cf:1a:08:13:81:17:d6:a6:59:c0:
eb:4e:da:9b:f7:43:a9:8c:8d:37:dc:fe:f9:8f:04:
a4:b6:a5:9d:73:e2:9a:65:3d:13:99:4a:4a:ad:f6:
9b:3f:49:be:e9:ca:45:11:de:cc:90:a4:46:06:53:
f7:49:99:2a:95:f9:3c:db:a9:b9:5e:9c:b7:2b:aa:
9f:ce:f0:70:55:07:24:ad:8b:0d:86:35:3d:22:cd:
65:ff:02:0c:35:44:9d:4c:c3:60:71:fe:25:56:1e:
40:eb:8a:1c:26:e5:04:ea:d3:55:f6:90:96:e1:43:
d2:14:2a:d0:55:f5:ee:0d:e6:de:4b:26:72:5e:6f:
08:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:48:6D:43:32:63:69:66:64:B4:6C:01:B1:A6:1C:7E:9C:E1:6F:1D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7EhtQzJjaWZktGwBsaYcfpzhbx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.87.0/24
193.233.100.0/22
Signature Algorithm: sha256WithRSAEncryption
31:56:ff:b3:ab:7f:81:e2:b6:8c:b3:68:ff:23:2b:be:4f:41:
b0:f7:b8:4a:96:c5:29:4e:0f:30:6a:76:94:35:d9:78:df:f0:
e1:46:c9:03:2a:93:d9:70:73:78:f5:7d:d4:48:3b:ae:69:f7:
81:a7:05:83:f1:3e:aa:05:09:60:db:c0:fc:4f:77:19:3b:2c:
43:a0:83:f7:8c:d7:4b:a3:6b:7c:85:4f:09:3c:cf:f9:89:0e:
2a:03:da:bc:62:63:3c:23:de:26:a4:dc:e3:96:f8:d1:0a:a5:
01:22:4f:7e:14:b1:97:0d:00:0b:41:c5:cd:8e:f9:38:e4:93:
45:9b:e1:17:d4:e6:0c:97:ac:bd:b4:ec:52:c8:dc:7b:0a:ff:
e0:58:2f:94:f5:cd:b8:4d:0c:1c:bd:7f:3e:5a:0b:83:2e:95:
a0:3f:07:21:f8:4f:98:1a:8a:2d:0e:55:f0:19:4a:f8:7c:14:
de:47:7c:d6:95:fa:62:69:12:ec:4f:8f:2e:97:b8:db:69:0f:
f1:97:d6:a5:d1:a9:50:42:3b:21:a0:68:cb:01:14:dd:ff:32:
15:a7:91:f8:cd:3f:16:e0:01:ee:79:07:23:8a:50:bc:ea:60:
74:6b:2d:94:00:ea:5a:54:73:16:e8:4e:41:32:bf:0a:6b:5e:
36:97:7b:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdMImKuDVww+yhEHPXFWI82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDA0MTE1ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzQ4NmQ0MzMyNjM2OTY2NjRiNDZjMDFiMWE2MWM3ZTljZTE2ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbnoqi/PB0FSecziH65eXfUqDDU5
a+bNIUsFEctzgTPxC+efpDzUW7LWayZ7prLCETiUIY/Y5hYhWCWFTdM1OOhDfio+
LTiTTmSAAcD/3/8amYFNjvxZ/pbCiTqOxyP6MP4UnajZq2gcViG0OPx/kEVZVFGW
ROAMb4tIVc8aCBOBF9amWcDrTtqb90OpjI033P75jwSktqWdc+KaZT0TmUpKrfab
P0m+6cpFEd7MkKRGBlP3SZkqlfk826m5Xpy3K6qfzvBwVQckrYsNhjU9Is1l/wIM
NUSdTMNgcf4lVh5A64ocJuUE6tNV9pCW4UPSFCrQVfXuDebeSyZyXm8IpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOxIbUMyY2lmZLRsAbGmHH6c4W8dMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvN0VodFF6SmphV1prdEd3QnNhWWNmcHpoYngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwelXAwQC
welkMA0GCSqGSIb3DQEBCwUAA4IBAQAxVv+zq3+B4raMs2j/Iyu+T0Gw97hKlsUp
Tg8wanaUNdl43/DhRskDKpPZcHN49X3USDuuafeBpwWD8T6qBQlg28D8T3cZOyxD
oIP3jNdLo2t8hU8JPM/5iQ4qA9q8YmM8I94mpNzjlvjRCqUBIk9+FLGXDQALQcXN
jvk45JNFm+EX1OYMl6y9tOxSyNx7Cv/gWC+U9c24TQwcvX8+WguDLpWgPwch+E+Y
GootDlXwGUr4fBTeR3zWlfpiaRLsT48ul7jbaQ/xl9al0alQQjshoGjLARTd/zIV
p5H4zT8W4AHueQcjilC86mB0ay2UAOpaVHMW6E5BMr8Ka142l3tw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org