Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/J2eVz4sEfw0lGPK4Sp7nF0p4pmQ.roa
File: J2eVz4sEfw0lGPK4Sp7nF0p4pmQ.roa (raw, json)
Hash identifier: vVGis3g4v00GPLJJUGWDMghMvHpLopG5GFhslQQnZJM=
Subject key identifier: 27:67:95:CF:8B:04:7F:0D:25:18:F2:B8:4A:9E:E7:17:4A:78:A6:64
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26EF87DC657E4B1707B5EA43F93330
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/J2eVz4sEfw0lGPK4Sp7nF0p4pmQ.roa
Signing time: Sun 01 Jan 2023 21:05:00 +0000
ROA not before: Sun 01 Jan 2023 21:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204898
IP address blocks: 193.233.151.0/24 maxlen: 24
193.233.7.0/24 maxlen: 24
193.233.5.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:ef:87:dc:65:7e:4b:17:07:b5:ea:43:f9:33:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=276795cf8b047f0d2518f2b84a9ee7174a78a664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:90:8a:a3:52:23:03:fb:ae:35:a2:ec:b2:31:
c0:89:ea:d9:bb:38:a3:78:05:a8:c8:ea:26:98:1a:
0e:ab:6a:ae:af:3c:cf:77:c9:25:08:72:69:18:73:
48:42:19:95:51:00:df:f9:41:44:c9:9d:9e:be:5b:
2d:f8:f4:52:4a:e2:73:1f:ed:d5:d8:2c:80:8b:ed:
b2:fb:bd:00:d8:ad:52:3a:29:9b:72:a0:c8:e0:a2:
5b:bc:5b:b1:a4:36:3e:ed:66:4f:61:7b:18:73:d1:
8a:ea:a7:9e:18:ec:16:5f:bf:5e:c5:79:bc:a1:2a:
7a:1c:0e:f8:fc:56:cf:2a:93:df:36:6e:52:e5:af:
f8:96:12:fc:9c:d6:62:73:bd:1c:42:74:b8:9c:7a:
31:5f:01:44:14:9a:94:eb:6a:51:52:15:41:cb:8a:
7b:82:7c:2c:7b:3c:b1:54:54:fc:fe:4f:db:9f:cc:
84:fd:b3:aa:c2:28:24:a0:db:d4:68:77:ed:c7:5a:
f6:35:b5:7f:c3:88:02:64:ce:b7:b1:ac:51:88:2f:
e2:40:8a:c9:87:30:34:0a:2e:88:4b:02:79:31:25:
ea:e2:27:b0:dc:a5:56:c6:03:a8:72:52:db:f8:3e:
53:5b:9e:73:fe:5c:89:9d:03:b2:ac:7f:ee:c7:58:
eb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:67:95:CF:8B:04:7F:0D:25:18:F2:B8:4A:9E:E7:17:4A:78:A6:64
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/J2eVz4sEfw0lGPK4Sp7nF0p4pmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.5.0/24
193.233.7.0/24
193.233.151.0/24
Signature Algorithm: sha256WithRSAEncryption
68:18:6b:3b:fb:59:05:7a:78:88:83:12:49:3d:be:96:b8:db:
4d:3a:e3:04:43:f3:20:93:71:f2:7b:c1:24:fb:6a:07:aa:5b:
be:04:de:4a:3d:fa:02:fd:69:4d:4a:cc:22:cb:de:a7:c4:85:
20:a1:91:c8:90:ba:c6:0c:40:8a:29:82:4e:c4:d9:99:8c:5b:
56:f5:13:1d:65:14:d3:d3:97:1c:84:64:6e:0a:89:e4:40:25:
9e:f7:6c:ec:fb:9d:f9:fe:83:78:b3:e2:72:b6:a4:ca:ec:88:
57:25:fa:bf:c4:8a:22:e5:7b:f3:53:c4:cc:b6:4a:ec:23:7e:
e0:3e:ee:ba:1e:b2:39:7b:21:59:64:de:62:cb:f0:a2:e8:46:
f9:f7:76:4f:b6:c6:bf:e5:f3:41:09:cb:85:d7:f6:ab:a0:be:
f3:79:54:ac:0d:87:11:8b:57:7a:24:3d:ca:39:83:f4:aa:1e:
98:45:85:dc:a3:7f:36:92:fa:85:6a:9d:f2:ee:0e:5b:ee:68:
9b:cf:b5:1d:42:d4:f1:e5:4d:7f:e4:64:ba:9a:9f:df:de:3e:
bd:38:d4:bd:b4:5c:94:41:28:b2:91:f8:67:d8:52:db:de:04:
4d:36:b8:a6:35:73:fb:d3:0e:88:c9:e7:14:6e:e6:fe:42:a5:
14:31:6e:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvJu+H3GV+SxcHtepD+TMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzY3OTVjZjhiMDQ3ZjBkMjUxOGYyYjg0YTllZTcxNzRhNzhhNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZCKo1IjA/uuNaLssjHAierZuzij
eAWoyOommBoOq2qurzzPd8klCHJpGHNIQhmVUQDf+UFEyZ2evlst+PRSSuJzH+3V
2CyAi+2y+70A2K1SOimbcqDI4KJbvFuxpDY+7WZPYXsYc9GK6qeeGOwWX79exXm8
oSp6HA74/FbPKpPfNm5S5a/4lhL8nNZic70cQnS4nHoxXwFEFJqU62pRUhVBy4p7
gnwsezyxVFT8/k/bn8yE/bOqwigkoNvUaHftx1r2NbV/w4gCZM63saxRiC/iQIrJ
hzA0Ci6ISwJ5MSXq4iew3KVWxgOoclLb+D5TW55z/lyJnQOyrH/ux1jrSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCdnlc+LBH8NJRjyuEqe5xdKeKZkMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvSjJlVno0c0VmdzBsR1BLNFNwN25GMHA0cG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekFAwQA
wekHAwQAwemXMA0GCSqGSIb3DQEBCwUAA4IBAQBoGGs7+1kFeniIgxJJPb6WuNtN
OuMEQ/Mgk3Hye8Ek+2oHqlu+BN5KPfoC/WlNSswiy96nxIUgoZHIkLrGDECKKYJO
xNmZjFtW9RMdZRTT05cchGRuConkQCWe92zs+535/oN4s+JytqTK7IhXJfq/xIoi
5XvzU8TMtkrsI37gPu66HrI5eyFZZN5iy/Ci6Eb593ZPtsa/5fNBCcuF1/aroL7z
eVSsDYcRi1d6JD3KOYP0qh6YRYXco382kvqFap3y7g5b7mibz7UdQtTx5U1/5GS6
mp/f3j69ONS9tFyUQSiykfhn2FLb3gRNNrimNXP70w6IyecUbub+QqUUMW55
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org