Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8suHMXH2GZkvq8JeE1Rq18UbyWY.roa
File: 8suHMXH2GZkvq8JeE1Rq18UbyWY.roa (raw, json)
Hash identifier: eHfCIjEgKQmF0a2UV4UyKJgdNsLHRXiPwNIiHj6guzI=
Subject key identifier: F2:CB:87:31:71:F6:19:99:2F:AB:C2:5E:13:54:6A:D7:C5:1B:C9:66
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018C21A921F1FB32C7548B30C802CEACFB8F
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8suHMXH2GZkvq8JeE1Rq18UbyWY.roa
Signing time: Thu 30 Nov 2023 19:16:21 +0000
ROA not before: Thu 30 Nov 2023 19:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.22.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
193.233.88.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:a9:21:f1:fb:32:c7:54:8b:30:c8:02:ce:ac:fb:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 30 19:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2cb873171f619992fabc25e13546ad7c51bc966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:3b:0a:29:bf:a0:1b:cf:89:62:72:0e:c8:
4a:21:c9:1c:ab:0e:ff:40:15:2b:3c:fe:aa:bd:f8:
63:d3:43:a4:98:37:79:31:67:04:2f:ac:dc:a0:c6:
19:4c:9b:2f:11:dd:36:bb:7f:68:aa:92:b9:2a:dc:
fd:b8:92:70:d5:33:17:20:a8:41:41:45:46:88:05:
ae:46:2d:30:c4:b3:29:91:4f:00:22:b8:56:32:db:
35:b1:33:6a:66:fb:98:94:b0:23:fa:bd:6e:fb:08:
81:b5:fe:41:42:d0:0b:2e:07:e2:98:c9:b8:65:eb:
95:7c:b2:f8:c2:06:b0:f6:af:12:62:3f:1d:aa:3e:
03:99:2d:e5:b0:de:2a:0c:db:a9:ce:ab:d1:0d:3f:
a4:31:fd:b9:02:5a:0e:68:41:4a:ee:1d:49:53:cc:
2a:bf:6b:d3:ed:5c:a0:46:9a:7c:51:8b:b7:c3:bb:
84:79:7e:18:5e:b1:c4:4e:49:37:20:05:71:13:fa:
7a:a5:74:88:f9:99:5f:a7:29:bb:a7:ff:d3:63:5d:
e6:dd:6c:de:e0:25:6f:3d:c0:b5:19:53:d6:48:1c:
f5:e1:7c:ed:1c:35:a7:36:49:6c:da:34:ec:d1:d1:
90:ba:04:21:8b:16:28:a1:44:ef:cf:aa:bb:c5:17:
0b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CB:87:31:71:F6:19:99:2F:AB:C2:5E:13:54:6A:D7:C5:1B:C9:66
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8suHMXH2GZkvq8JeE1Rq18UbyWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.22.0/24
193.233.88.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
68:96:8d:af:f8:97:2f:19:41:c8:6e:88:dd:04:c0:96:b7:5e:
0a:a7:73:92:1f:4a:0b:67:a5:cf:d4:8e:1a:32:74:fb:ae:16:
4e:7d:d6:8c:03:da:c0:37:ae:7b:e0:bf:5a:b4:35:ae:b5:47:
70:d7:38:0c:15:ac:e3:e9:56:8b:7a:ea:0b:87:f2:e3:a7:4d:
15:85:8d:b7:92:3a:7c:5e:41:92:b6:f2:5d:69:0e:4d:e9:a2:
53:d6:a4:30:32:7c:94:f2:81:25:46:f6:fb:c7:ad:43:1e:8a:
a2:c2:61:88:98:d7:f1:12:45:4a:20:fc:5e:18:9e:87:9b:72:
2a:e5:84:72:57:17:14:c0:1e:3c:9b:93:46:12:17:54:c3:89:
42:c2:52:fc:8e:cb:d2:d6:c6:86:3d:cb:a7:ba:37:1e:4a:a9:
56:76:3a:34:92:22:bf:d5:8c:36:ff:0d:f4:85:46:93:ad:bb:
a0:ae:e9:2a:14:61:20:54:c3:ce:fc:ba:7d:ba:99:77:a7:13:
64:dd:70:89:6b:e7:7e:09:02:19:ad:d4:22:4b:da:bb:43:d1:
f7:d0:60:3e:26:a8:38:13:0a:73:64:30:75:22:a2:ec:46:2d:
1c:d5:22:7d:ae:0b:56:37:ba:c8:03:d3:76:8c:59:8b:39:f5:
e0:cd:32:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwhqSHx+zLHVIswyALOrPuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTMwMTkxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNiODczMTcxZjYxOTk5MmZhYmMyNWUxMzU0NmFkN2M1MWJjOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMA7Cim/oBvPiWJyDshKIckcqw7/
QBUrPP6qvfhj00OkmDd5MWcEL6zcoMYZTJsvEd02u39oqpK5Ktz9uJJw1TMXIKhB
QUVGiAWuRi0wxLMpkU8AIrhWMts1sTNqZvuYlLAj+r1u+wiBtf5BQtALLgfimMm4
ZeuVfLL4wgaw9q8SYj8dqj4DmS3lsN4qDNupzqvRDT+kMf25AloOaEFK7h1JU8wq
v2vT7VygRpp8UYu3w7uEeX4YXrHETkk3IAVxE/p6pXSI+Zlfpym7p//TY13m3Wze
4CVvPcC1GVPWSBz14XztHDWnNkls2jTs0dGQugQhixYooUTvz6q7xRcLnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPLLhzFx9hmZL6vCXhNUatfFG8lmMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvOHN1SE1YSDJHWmt2cThKZUUxUnExOFVieVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekWAwQC
welYAwQCwen4MA0GCSqGSIb3DQEBCwUAA4IBAQBolo2v+JcvGUHIbojdBMCWt14K
p3OSH0oLZ6XP1I4aMnT7rhZOfdaMA9rAN6574L9atDWutUdw1zgMFazj6VaLeuoL
h/Ljp00VhY23kjp8XkGStvJdaQ5N6aJT1qQwMnyU8oElRvb7x61DHoqiwmGImNfx
EkVKIPxeGJ6Hm3Iq5YRyVxcUwB48m5NGEhdUw4lCwlL8jsvS1saGPcunujceSqlW
djo0kiK/1Yw2/w30hUaTrbugrukqFGEgVMPO/Lp9upl3pxNk3XCJa+d+CQIZrdQi
S9q7Q9H30GA+Jqg4EwpzZDB1IqLsRi0c1SJ9rgtWN7rIA9N2jFmLOfXgzTIJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org