Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/BvtGK_22O10XB8d-r8aQ_EMd9UM.roa
File: BvtGK_22O10XB8d-r8aQ_EMd9UM.roa (raw, json)
Hash identifier: v6onMjrVXKbU7Q2d7X9AXXbXLqWKvVw0eP2I5CKf98M=
Subject key identifier: 06:FB:46:2B:FD:B6:3B:5D:17:07:C7:7E:AF:C6:90:FC:43:1D:F5:43
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018BCE6834DE2BA12A6AFD87F5D70708E78D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/BvtGK_22O10XB8d-r8aQ_EMd9UM.roa
Signing time: Tue 14 Nov 2023 15:16:57 +0000
ROA not before: Tue 14 Nov 2023 15:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.252.0/23 maxlen: 23
193.233.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:68:34:de:2b:a1:2a:6a:fd:87:f5:d7:07:08:e7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 14 15:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06fb462bfdb63b5d1707c77eafc690fc431df543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:04:b7:30:af:f6:2e:48:b1:64:de:a8:db:f5:
25:00:c2:0c:3c:15:2c:44:16:3b:8a:8c:65:12:47:
b3:a6:f8:4b:62:70:fb:c6:b3:46:71:5e:89:e3:3e:
48:45:52:59:27:a8:95:be:d5:75:cb:c5:4e:6e:c9:
78:00:f7:67:ce:5f:71:18:7a:79:98:2c:ce:c3:75:
57:d9:e1:d1:96:e6:4e:1e:97:a2:27:86:7d:b6:01:
b1:8e:9f:9f:d4:75:43:1b:8d:d0:78:51:45:80:e4:
54:6c:8e:c2:7c:43:3f:36:8a:24:51:40:7d:f9:d5:
6c:63:46:bd:01:a9:eb:5f:5f:af:5e:b2:76:c4:9e:
8a:87:5c:20:2a:ce:65:60:d8:d6:da:f5:3b:7b:2e:
da:0f:b2:c9:f0:18:20:00:8e:39:b8:dc:2d:50:46:
8f:b3:6c:cd:d0:a6:c0:a9:b1:5d:15:69:a9:16:ad:
e0:71:3e:29:68:69:86:b9:23:06:69:bc:18:d2:22:
51:8f:b1:d6:3d:25:57:f0:0d:55:bc:bc:a8:65:cb:
f7:30:0c:5c:c3:57:ba:83:a7:3a:f3:5c:48:97:02:
10:bc:80:76:a7:ca:1a:2a:5d:27:e3:ea:6d:c2:76:
75:9b:1d:8a:bd:43:6b:0d:de:00:9e:23:d1:79:ca:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FB:46:2B:FD:B6:3B:5D:17:07:C7:7E:AF:C6:90:FC:43:1D:F5:43
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/BvtGK_22O10XB8d-r8aQ_EMd9UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.86.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
07:cf:4c:cf:07:01:58:f5:22:2b:68:b2:ef:cd:e9:24:cb:a1:
73:2f:cc:0f:b9:31:cd:d8:2e:18:c3:ce:92:42:17:d7:94:c2:
00:97:71:df:7a:d4:88:0b:06:65:ee:7d:b4:f0:c6:7b:98:6a:
ea:78:7e:af:71:ba:62:a6:99:4c:d1:5c:62:c0:cc:29:9e:c7:
82:72:97:12:c9:5a:92:20:8b:72:45:a7:a7:08:5c:53:e0:f4:
18:9d:66:88:58:b1:10:d8:25:c3:92:d9:f9:ee:d2:40:2c:2c:
c0:9a:f7:7d:34:a8:6e:cf:e3:05:d1:85:33:d1:a7:a4:7a:bc:
69:99:87:3b:b3:c5:f5:fb:a0:2c:0b:5d:7b:43:81:43:1f:0c:
2e:91:74:5b:12:37:18:16:bb:24:eb:88:67:b3:0a:b4:51:93:
3c:71:c0:c7:1b:0f:f9:6e:cd:48:e2:71:cf:d4:3f:05:f1:b9:
ad:fd:2e:83:a1:c0:ca:f5:f0:15:b3:9c:36:2f:32:e8:76:87:
2c:a6:e2:03:7a:d4:6b:ce:05:8d:7c:c7:6b:60:07:de:32:e3:
6e:a9:71:0a:ab:09:9e:10:6b:f0:b6:96:3b:72:f6:cb:b4:82:
6f:fa:56:5e:ab:3b:a3:4e:35:03:6d:38:4c:8d:9b:62:b0:47:
0c:58:84:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvOaDTeK6Eqav2H9dcHCOeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTE0MTUxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmZiNDYyYmZkYjYzYjVkMTcwN2M3N2VhZmM2OTBmYzQzMWRmNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQS3MK/2LkixZN6o2/UlAMIMPBUs
RBY7ioxlEkezpvhLYnD7xrNGcV6J4z5IRVJZJ6iVvtV1y8VObsl4APdnzl9xGHp5
mCzOw3VX2eHRluZOHpeiJ4Z9tgGxjp+f1HVDG43QeFFFgORUbI7CfEM/NookUUB9
+dVsY0a9AanrX1+vXrJ2xJ6Kh1wgKs5lYNjW2vU7ey7aD7LJ8BggAI45uNwtUEaP
s2zN0KbAqbFdFWmpFq3gcT4paGmGuSMGabwY0iJRj7HWPSVX8A1VvLyoZcv3MAxc
w1e6g6c681xIlwIQvIB2p8oaKl0n4+ptwnZ1mx2KvUNrDd4AniPReco9UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAb7Riv9tjtdFwfHfq/GkPxDHfVDMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvQnZ0R0tfMjJPMTBYQjhkLXI4YVFfRU1kOVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwelWAwQB
wen8MA0GCSqGSIb3DQEBCwUAA4IBAQAHz0zPBwFY9SIraLLvzekky6FzL8wPuTHN
2C4Yw86SQhfXlMIAl3HfetSICwZl7n208MZ7mGrqeH6vcbpipplM0VxiwMwpnseC
cpcSyVqSIItyRaenCFxT4PQYnWaIWLEQ2CXDktn57tJALCzAmvd9NKhuz+MF0YUz
0aekerxpmYc7s8X1+6AsC117Q4FDHwwukXRbEjcYFrsk64hnswq0UZM8ccDHGw/5
bs1I4nHP1D8F8bmt/S6DocDK9fAVs5w2LzLodocspuIDetRrzgWNfMdrYAfeMuNu
qXEKqwmeEGvwtpY7cvbLtIJv+lZeqzujTjUDbThMjZtisEcMWIQk
-----END CERTIFICATE-----
Generated at Tue Dec 5 14:01:36 2023 by rpki-client on console-fra.rpki-client.org