Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7uyBZWWggHn4AdmJ7o1PSeISiuE.roa
File: 7uyBZWWggHn4AdmJ7o1PSeISiuE.roa (raw, json)
Hash identifier: yCnRzsyCnnOWjd+N5AwHJPUZKzz8GvXJedw7/ciI9L0=
Subject key identifier: EE:EC:81:65:65:A0:80:79:F8:01:D9:89:EE:8D:4F:49:E2:12:8A:E1
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC795306D3BBE641693AEDDF11AF60F58
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7uyBZWWggHn4AdmJ7o1PSeISiuE.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202999
IP address blocks: 193.233.56.0/24 maxlen: 24
193.233.57.0/24 maxlen: 24
193.233.58.0/24 maxlen: 24
193.233.59.0/24 maxlen: 24
193.233.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 14:47:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:30:6d:3b:be:64:16:93:ae:dd:f1:1a:f6:0f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eeec816565a08079f801d989ee8d4f49e2128ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b1:89:73:68:6b:ba:f4:b3:be:da:1c:9d:93:
30:ae:17:21:8e:ae:29:6a:8f:eb:01:76:d1:0d:d1:
c2:3f:27:0d:0e:99:07:3a:06:8b:67:0e:90:4e:54:
47:64:2c:cd:63:91:04:e8:17:28:67:c8:74:51:1e:
52:17:e4:85:08:b5:d7:2c:b6:78:73:a5:3c:10:2a:
fe:9b:8e:fc:43:3e:ab:bc:2d:65:64:7b:d4:b9:7c:
8a:72:be:39:92:b8:ec:5e:36:8a:4b:e6:46:f0:1d:
a9:39:98:95:63:5c:3e:e2:7c:29:3a:a9:20:49:19:
db:ef:af:23:7c:4d:14:1c:2c:f1:95:ed:77:84:cf:
dc:96:58:6f:3f:41:3b:c5:d8:5d:06:00:97:7a:6a:
16:11:bf:01:01:e4:1e:7a:f6:ac:1e:f5:6b:02:84:
38:0b:9d:8d:d7:a0:97:af:67:a4:11:a7:78:0a:60:
3d:de:1b:de:a9:5f:b0:72:27:ce:98:cd:1f:bd:01:
26:f1:7e:4a:7d:57:86:2e:21:55:ad:1b:fd:53:38:
59:76:83:99:8a:54:63:d1:d4:b0:74:06:b9:cd:a5:
c3:2c:e7:50:fd:6e:54:e4:cc:e8:67:0f:f7:2f:ef:
b9:40:da:39:18:bc:b9:b9:da:e8:d4:a3:98:8e:a8:
cb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:EC:81:65:65:A0:80:79:F8:01:D9:89:EE:8D:4F:49:E2:12:8A:E1
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/7uyBZWWggHn4AdmJ7o1PSeISiuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.9.0/24
193.233.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:9b:27:4e:46:93:c8:c1:36:8f:3b:aa:e3:af:2d:76:6d:9d:
68:23:04:2d:b7:ee:98:95:99:90:d6:e6:09:05:16:b2:94:3c:
00:bd:c4:da:1f:48:b0:52:7e:7d:31:d3:45:76:ff:fb:1b:97:
5f:a1:38:ec:da:2a:0b:ce:dc:ba:5b:f5:de:8c:a3:19:5a:9b:
68:9a:91:ad:51:f8:37:b1:77:8a:c8:f3:35:13:e4:4d:86:64:
09:48:82:08:59:65:42:f2:69:37:eb:c0:ea:5b:0c:ee:9c:ed:
a3:83:b2:67:0f:d6:aa:88:70:cb:40:4c:31:11:df:75:d2:46:
34:93:32:a9:54:4e:c1:f7:c9:c3:ff:c9:76:53:53:23:9b:39:
70:e1:ac:6a:0e:bf:95:a7:a4:25:64:1a:da:3e:dc:54:6c:a9:
a1:3d:6d:09:9b:9d:62:7a:81:53:1a:06:b2:7a:31:76:e3:81:
42:c3:e1:de:56:ad:19:9a:04:60:2e:bb:d0:ac:99:f6:90:88:
4d:84:08:40:cc:0c:6c:f6:54:3b:15:ed:be:12:54:77:67:7d:
dd:ca:a7:48:5f:43:b8:e4:22:a2:47:43:dd:f8:d3:b8:f4:33:
d5:2b:65:fb:20:f6:c5:54:03:9c:6c:22:df:db:e4:b3:38:01:
20:c5:9d:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlTBtO75kFpOu3fEa9g9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWVjODE2NTY1YTA4MDc5ZjgwMWQ5ODllZThkNGY0OWUyMTI4YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57GJc2hruvSzvtocnZMwrhchjq4p
ao/rAXbRDdHCPycNDpkHOgaLZw6QTlRHZCzNY5EE6BcoZ8h0UR5SF+SFCLXXLLZ4
c6U8ECr+m478Qz6rvC1lZHvUuXyKcr45krjsXjaKS+ZG8B2pOZiVY1w+4nwpOqkg
SRnb768jfE0UHCzxle13hM/cllhvP0E7xdhdBgCXemoWEb8BAeQeevasHvVrAoQ4
C52N16CXr2ekEad4CmA93hveqV+wcifOmM0fvQEm8X5KfVeGLiFVrRv9UzhZdoOZ
ilRj0dSwdAa5zaXDLOdQ/W5U5MzoZw/3L++5QNo5GLy5udro1KOYjqjLZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO7sgWVloIB5+AHZie6NT0niEorhMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvN3V5QlpXV2dnSG40QWRtSjdvMVBTZUlTaXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwekJAwQC
wek4MA0GCSqGSIb3DQEBCwUAA4IBAQA7mydORpPIwTaPO6rjry12bZ1oIwQtt+6Y
lZmQ1uYJBRaylDwAvcTaH0iwUn59MdNFdv/7G5dfoTjs2ioLzty6W/XejKMZWpto
mpGtUfg3sXeKyPM1E+RNhmQJSIIIWWVC8mk368DqWwzunO2jg7JnD9aqiHDLQEwx
Ed910kY0kzKpVE7B98nD/8l2U1Mjmzlw4axqDr+Vp6QlZBraPtxUbKmhPW0Jm51i
eoFTGgayejF244FCw+HeVq0ZmgRgLrvQrJn2kIhNhAhAzAxs9lQ7Fe2+ElR3Z33d
yqdIX0O45CKiR0Pd+NO49DPVK2X7IPbFVAOcbCLf2+SzOAEgxZ3X
-----END CERTIFICATE-----
Generated at Tue Feb 13 17:39:35 2024 by rpki-client on console-ams.rpki-client.org