Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/I8aM6E9Jx19q738eAe8IAGQQzEY.roa
File: I8aM6E9Jx19q738eAe8IAGQQzEY.roa (raw, json)
Hash identifier: Rl2C6d1P0GpeQedKnLIapY8Zva740pTc+szg9AtnChc=
Subject key identifier: 23:C6:8C:E8:4F:49:C7:5F:6A:EF:7F:1E:01:EF:08:00:64:10:CC:46
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0188796A571A7A039E9D908DB8317EB841A7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/I8aM6E9Jx19q738eAe8IAGQQzEY.roa
Signing time: Fri 02 Jun 2023 00:03:12 +0000
ROA not before: Fri 02 Jun 2023 00:03:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 193.233.232.0/24 maxlen: 24
193.233.233.0/24 maxlen: 24
193.233.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:79:6a:57:1a:7a:03:9e:9d:90:8d:b8:31:7e:b8:41:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 2 00:03:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23c68ce84f49c75f6aef7f1e01ef08006410cc46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:52:d5:22:8b:0d:81:b2:4d:3f:90:e1:9a:
b9:54:25:c1:88:92:2a:3e:45:00:7f:f8:e3:74:63:
f4:cc:0c:56:be:e1:7d:0c:16:47:6f:01:bd:97:c7:
80:92:22:4b:b7:50:96:b3:20:2a:aa:5b:2b:f0:58:
26:3d:4a:04:b0:54:1c:4b:20:1b:32:b6:cc:d5:d2:
41:49:99:fd:5b:9c:3c:5b:c8:e2:45:f4:df:23:d1:
49:c7:2f:b5:8d:1b:5a:23:34:99:34:16:c8:eb:15:
91:3c:56:04:12:4e:87:f4:91:82:a7:b3:21:4e:d8:
ac:b7:38:c1:c0:4d:a0:d9:fa:a2:97:8a:d2:05:d5:
41:60:6b:69:b1:67:30:36:98:ef:ea:03:31:6e:24:
b7:75:9a:40:00:7e:57:39:13:14:c7:1f:ca:9b:47:
66:6c:b4:69:56:44:e7:17:19:0b:9d:3b:60:9a:0e:
44:46:65:ea:51:76:c2:7e:d1:e4:60:d0:37:4a:63:
84:b7:b9:09:20:a2:97:35:90:b6:cc:1d:f6:68:b2:
31:e1:63:b9:a2:ac:e5:0d:37:46:9d:94:c7:f6:d3:
64:17:1c:57:a5:cd:30:c1:87:06:48:ca:34:b2:9b:
23:fe:9b:0b:26:f0:4f:25:1e:9a:bd:b4:41:ec:57:
b6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C6:8C:E8:4F:49:C7:5F:6A:EF:7F:1E:01:EF:08:00:64:10:CC:46
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/I8aM6E9Jx19q738eAe8IAGQQzEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.133.0/24
193.233.232.0/23
Signature Algorithm: sha256WithRSAEncryption
62:5a:3a:97:78:4f:5b:55:74:26:69:25:b8:21:cf:b6:34:29:
40:6c:65:b2:a1:5e:ed:30:37:9e:78:83:7d:52:62:b4:f4:6e:
f4:0e:6a:98:88:30:83:d2:58:48:1e:65:d8:b1:58:45:26:af:
6f:57:c4:a2:a8:d9:2d:c3:f3:91:85:c1:5e:2c:bf:fc:62:8e:
ae:3e:0c:de:ce:44:b9:1d:d7:10:4f:ef:cb:49:12:eb:a9:75:
61:4a:7b:89:c1:b8:42:b2:d8:9f:33:b0:71:32:c7:08:8e:44:
71:c8:eb:83:e8:0a:ec:1c:42:19:31:66:95:a8:c8:c3:02:b8:
52:63:bf:92:6d:1e:d2:0e:69:de:38:6d:82:af:8b:8e:e4:d5:
e9:7f:a4:a7:c7:17:34:ed:3c:8e:7e:b5:40:39:f6:eb:80:aa:
cd:e0:e2:bc:f8:5c:fa:cc:a6:19:d9:34:0e:44:c4:0d:3a:9d:
ed:59:37:14:ec:29:8c:0f:bc:50:d8:c6:cc:58:fc:1c:18:73:
ca:bb:fb:9a:ea:90:51:45:3d:ee:96:6f:ba:6d:78:61:44:d6:
a7:54:0b:12:d9:4c:79:a7:2e:ae:2d:3f:7c:b8:d0:30:5c:da:
3c:41:4c:24:37:82:3d:8c:49:22:1b:09:97:b4:60:a4:0e:f9:
4e:7e:b9:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh5alcaegOenZCNuDF+uEGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNjAyMDAwMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M2OGNlODRmNDljNzVmNmFlZjdmMWUwMWVmMDgwMDY0MTBjYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFVS1SKLDYGyTT+Q4Zq5VCXBiJIq
PkUAf/jjdGP0zAxWvuF9DBZHbwG9l8eAkiJLt1CWsyAqqlsr8FgmPUoEsFQcSyAb
MrbM1dJBSZn9W5w8W8jiRfTfI9FJxy+1jRtaIzSZNBbI6xWRPFYEEk6H9JGCp7Mh
TtistzjBwE2g2fqil4rSBdVBYGtpsWcwNpjv6gMxbiS3dZpAAH5XORMUxx/Km0dm
bLRpVkTnFxkLnTtgmg5ERmXqUXbCftHkYNA3SmOEt7kJIKKXNZC2zB32aLIx4WO5
oqzlDTdGnZTH9tNkFxxXpc0wwYcGSMo0spsj/psLJvBPJR6avbRB7Fe2LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCPGjOhPScdfau9/HgHvCABkEMxGMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvSThhTTZFOUp4MTlxNzM4ZUFlOElBR1FRekVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwemFAwQB
wenoMA0GCSqGSIb3DQEBCwUAA4IBAQBiWjqXeE9bVXQmaSW4Ic+2NClAbGWyoV7t
MDeeeIN9UmK09G70DmqYiDCD0lhIHmXYsVhFJq9vV8SiqNktw/ORhcFeLL/8Yo6u
PgzezkS5HdcQT+/LSRLrqXVhSnuJwbhCstifM7BxMscIjkRxyOuD6ArsHEIZMWaV
qMjDArhSY7+SbR7SDmneOG2Cr4uO5NXpf6Snxxc07TyOfrVAOfbrgKrN4OK8+Fz6
zKYZ2TQORMQNOp3tWTcU7CmMD7xQ2MbMWPwcGHPKu/ua6pBRRT3ulm+6bXhhRNan
VAsS2Ux5py6uLT98uNAwXNo8QUwkN4I9jEkiGwmXtGCkDvlOfrly
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org