Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EqWP2JzhbmzL3QX__cZe_4ossKI.roa
File: EqWP2JzhbmzL3QX__cZe_4ossKI.roa (raw, json)
Hash identifier: 2DHcyt8FokBsRMeS8C4VLzBV/IH/XWOr9e6R70Y2SqE=
Subject key identifier: 12:A5:8F:D8:9C:E1:6E:6C:CB:DD:05:FF:FD:C6:5E:FF:8A:2C:B0:A2
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26F79BC8E0BE9AB5A2777A126642B2
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EqWP2JzhbmzL3QX__cZe_4ossKI.roa
Signing time: Sun 01 Jan 2023 21:05:02 +0000
ROA not before: Sun 01 Jan 2023 21:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 193.233.178.0/24 maxlen: 24
193.233.182.0/24 maxlen: 24
193.233.183.0/24 maxlen: 24
193.233.180.0/24 maxlen: 24
193.233.181.0/24 maxlen: 24
193.233.186.0/24 maxlen: 24
193.233.184.0/24 maxlen: 24
193.233.185.0/24 maxlen: 24
193.233.189.0/24 maxlen: 24
193.233.190.0/24 maxlen: 24
193.233.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:f7:9b:c8:e0:be:9a:b5:a2:77:7a:12:66:42:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12a58fd89ce16e6ccbdd05fffdc65eff8a2cb0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:23:0f:d6:1d:cc:bd:a3:76:19:b6:16:14:
50:e1:df:94:67:a5:0c:e4:dd:e5:f9:15:9b:32:8a:
8d:74:0c:0e:bd:d3:cc:0e:5e:c6:cd:11:15:6b:2d:
44:93:db:85:a6:37:a4:51:27:fc:e0:55:ba:17:11:
ab:8b:90:51:dd:39:54:e9:ef:be:9b:49:79:8e:19:
6a:18:10:64:9b:84:20:41:a7:90:8a:b9:83:f3:4e:
34:49:be:b2:bc:78:c3:20:bf:c3:da:01:84:04:71:
25:0c:02:80:33:1c:aa:ba:01:d1:0b:ef:96:a2:63:
f9:69:8c:e4:2c:14:1c:70:51:67:7e:0e:af:a1:8a:
79:93:d9:f7:01:3a:b4:11:05:e1:e9:88:c9:e0:87:
1e:71:f3:bb:59:15:0a:ae:85:59:69:93:37:ca:e2:
2d:11:5d:76:b6:34:3f:d1:36:34:ea:16:44:6b:22:
f3:5d:07:38:2b:28:25:ef:11:c8:84:0d:50:47:c8:
9c:17:80:53:e7:b3:c5:d9:bc:ad:07:e1:dc:5e:b8:
35:e8:e1:f2:de:6c:95:c2:08:ba:1d:26:27:90:83:
51:43:b3:75:04:cd:8d:9b:08:f0:ae:3d:8d:44:5a:
18:07:23:78:38:ed:48:8a:39:be:f8:dd:b9:87:9d:
76:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A5:8F:D8:9C:E1:6E:6C:CB:DD:05:FF:FD:C6:5E:FF:8A:2C:B0:A2
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/EqWP2JzhbmzL3QX__cZe_4ossKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.178.0/24
193.233.180.0-193.233.186.255
193.233.189.0-193.233.191.255
Signature Algorithm: sha256WithRSAEncryption
86:8f:56:be:42:c2:46:8e:38:9b:65:99:62:f1:84:1b:49:4f:
09:64:c0:f4:7b:aa:23:ba:4c:75:cd:3e:d0:9c:d8:ad:c0:c3:
d2:68:af:3d:bc:0f:18:6b:a5:21:0b:d5:e6:7e:99:69:44:15:
e6:f6:b7:d1:bf:84:cd:5c:a9:eb:b0:92:df:1f:c3:30:37:5c:
ea:20:8d:fa:3f:23:f7:09:9e:15:7d:e8:76:fc:ea:0b:14:70:
13:77:84:83:88:dc:cb:a0:68:5d:69:3a:4a:50:8c:e7:9a:eb:
9e:92:e3:73:f7:43:08:e2:8b:6e:38:d5:8d:03:a1:51:65:4b:
8c:64:b5:dd:5b:a9:65:33:84:d6:bf:02:d5:b5:34:d7:de:4a:
34:68:53:5e:71:d7:94:72:cc:f8:3d:9f:6b:0d:47:bf:e4:3e:
60:5b:c6:e9:62:61:cc:12:b1:3a:f4:dd:9d:cc:13:0e:cb:7a:
45:3a:55:83:7e:ce:46:2a:df:28:28:b8:b2:2b:3d:11:28:1f:
d2:0c:91:36:bc:4d:24:b5:2e:ae:3f:7c:ba:0f:af:36:95:ed:
71:60:ec:56:55:25:68:4a:e2:89:26:46:6e:b2:fb:74:6c:ec:
c2:a4:aa:62:f3:49:4a:d0:09:38:35:82:49:d7:48:1f:a2:22:
a8:03:58:c3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVvJvebyOC+mrWid3oSZkKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmE1OGZkODljZTE2ZTZjY2JkZDA1ZmZmZGM2NWVmZjhhMmNiMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQcjD9YdzL2jdhm2FhRQ4d+UZ6UM
5N3l+RWbMoqNdAwOvdPMDl7GzREVay1Ek9uFpjekUSf84FW6FxGri5BR3TlU6e++
m0l5jhlqGBBkm4QgQaeQirmD8040Sb6yvHjDIL/D2gGEBHElDAKAMxyqugHRC++W
omP5aYzkLBQccFFnfg6voYp5k9n3ATq0EQXh6YjJ4IcecfO7WRUKroVZaZM3yuIt
EV12tjQ/0TY06hZEayLzXQc4Kygl7xHIhA1QR8icF4BT57PF2bytB+HcXrg16OHy
3myVwgi6HSYnkINRQ7N1BM2Nmwjwrj2NRFoYByN4OO1Iijm++N25h512PQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBKlj9ic4W5sy90F//3GXv+KLLCiMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvRXFXUDJKemhibXpMM1FYX19jWmVfNG9zc0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAwemyMAwD
BALB6bQDBADB6bowDAMEAMHpvQMEBsHpgDANBgkqhkiG9w0BAQsFAAOCAQEAho9W
vkLCRo44m2WZYvGEG0lPCWTA9HuqI7pMdc0+0JzYrcDD0mivPbwPGGulIQvV5n6Z
aUQV5va30b+EzVyp67CS3x/DMDdc6iCN+j8j9wmeFX3odvzqCxRwE3eEg4jcy6Bo
XWk6SlCM55rrnpLjc/dDCOKLbjjVjQOhUWVLjGS13VupZTOE1r8C1bU0195KNGhT
XnHXlHLM+D2faw1Hv+Q+YFvG6WJhzBKxOvTdncwTDst6RTpVg37ORirfKCi4sis9
ESgf0gyRNrxNJLUurj98ug+vNpXtcWDsVlUlaEriiSZGbrL7dGzswqSqYvNJStAJ
ODWCSddIH6IiqANYww==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org