Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/O3IzbUNIRwy3E52fSAr1nKN2JII.roa
File: O3IzbUNIRwy3E52fSAr1nKN2JII.roa (raw, json)
Hash identifier: HqWSqnW9PhnxuYHX0szMbgaycNKz04a9ibMLviCyZsg=
Subject key identifier: 3B:72:33:6D:43:48:47:0C:B7:13:9D:9F:48:0A:F5:9C:A3:76:24:82
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0191761351DED5E8B7DC96C781BD3AC48607
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/O3IzbUNIRwy3E52fSAr1nKN2JII.roa
Signing time: Wed 21 Aug 2024 17:54:23 +0000
ROA not before: Wed 21 Aug 2024 17:54:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 193.233.82.0/23 maxlen: 23
193.233.136.0/22 maxlen: 22
193.233.140.0/22 maxlen: 22
193.233.208.0/23 maxlen: 23
193.233.210.0/23 maxlen: 23
193.233.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 23 Aug 2024 06:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:13:51:de:d5:e8:b7:dc:96:c7:81:bd:3a:c4:86:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 21 17:54:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b72336d4348470cb7139d9f480af59ca3762482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:08:c8:ff:25:cd:d3:a7:56:fa:3b:31:f7:15:
04:1a:44:68:17:b2:5b:5e:26:2b:ee:0c:cd:a5:1b:
33:28:1c:0e:83:36:0d:5e:bd:60:60:20:c7:00:e1:
3e:e4:10:bf:13:fb:96:db:f5:43:4d:a8:39:be:d8:
f1:48:74:71:58:08:93:66:2b:19:bc:3f:a9:80:78:
c1:11:86:a7:d3:06:f6:5e:9b:ce:a0:71:f0:7e:72:
4a:90:71:9e:4e:b4:27:4b:41:d1:30:8d:a9:2f:aa:
44:b9:96:d5:90:7e:fc:62:15:b2:fd:39:7a:03:e6:
13:bc:d0:cd:dd:4c:42:8f:c3:3d:8c:4b:dd:2c:df:
d5:c2:e0:48:b0:6c:0f:33:80:c9:4b:fa:88:87:e9:
8f:d4:66:ca:9b:8d:52:21:52:ea:ee:09:bf:a5:ae:
f2:ec:8c:ad:6c:83:a7:62:2f:45:76:83:61:ad:7b:
ca:60:ef:6b:df:60:f6:f0:9e:18:9e:54:49:3d:b7:
96:8e:b2:a9:37:8d:22:b2:cf:1a:3c:ee:88:b5:c2:
87:7a:a8:64:b0:09:b8:2d:8f:cf:6a:14:1c:a3:81:
b8:90:b2:4b:e4:db:f0:87:d4:60:b0:5e:ff:a4:15:
16:61:ae:d6:87:8d:13:17:a2:36:96:c8:b8:7b:51:
83:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:72:33:6D:43:48:47:0C:B7:13:9D:9F:48:0A:F5:9C:A3:76:24:82
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/O3IzbUNIRwy3E52fSAr1nKN2JII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.82.0/23
193.233.136.0/21
193.233.208.0/22
193.233.228.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:23:6a:d4:44:0d:9a:ee:f7:32:e4:a9:7a:22:c1:53:38:17:
ce:30:ba:8e:98:2f:51:6a:05:e8:b4:97:f9:5d:79:2b:3c:19:
12:94:c0:d2:0e:19:cd:0b:ac:e9:4f:29:8e:31:a7:80:31:57:
b6:87:6a:0f:e1:09:b5:11:88:3e:b2:30:89:64:ba:b0:18:dd:
f5:0d:af:b5:e2:90:3a:f3:9e:3a:ba:a5:20:4b:4f:26:c4:f0:
a9:8a:bf:52:77:b9:75:7a:80:a0:af:a6:3e:b5:bd:b4:12:53:
5c:bb:b4:5a:cb:ea:d6:cf:48:eb:cc:03:77:f1:fe:4e:36:e5:
39:23:35:0e:06:4e:1a:37:35:1e:ec:28:14:d5:cf:5a:54:56:
08:72:1b:14:ec:32:c1:0a:4e:3c:5c:1a:e5:e5:27:c8:f6:87:
a0:57:9b:a1:b7:bd:f7:a2:d1:a4:73:0e:cc:da:24:e7:c8:ea:
0f:0f:7e:59:19:78:3d:0c:45:97:0e:b8:36:c8:4a:5b:fb:d5:
01:9f:3e:e6:8e:b2:9b:22:1d:c3:4a:7d:6e:b7:2c:0b:25:00:
e5:16:3b:b9:5b:0e:ec:e3:cb:90:26:41:ef:c2:0f:0d:48:81:
61:17:32:11:fb:8d:f8:d4:3d:db:37:bf:5f:e3:bd:91:e4:d4:
4e:a3:10:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZF2E1He1ei33JbHgb06xIYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwODIxMTc1NDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjcyMzM2ZDQzNDg0NzBjYjcxMzlkOWY0ODBhZjU5Y2EzNzYyNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAjI/yXN06dW+jsx9xUEGkRoF7Jb
XiYr7gzNpRszKBwOgzYNXr1gYCDHAOE+5BC/E/uW2/VDTag5vtjxSHRxWAiTZisZ
vD+pgHjBEYan0wb2XpvOoHHwfnJKkHGeTrQnS0HRMI2pL6pEuZbVkH78YhWy/Tl6
A+YTvNDN3UxCj8M9jEvdLN/VwuBIsGwPM4DJS/qIh+mP1GbKm41SIVLq7gm/pa7y
7IytbIOnYi9FdoNhrXvKYO9r32D28J4YnlRJPbeWjrKpN40iss8aPO6ItcKHeqhk
sAm4LY/PahQco4G4kLJL5Nvwh9RgsF7/pBUWYa7Wh40TF6I2lsi4e1GDjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDtyM21DSEcMtxOdn0gK9ZyjdiSCMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTzNJemJVTklSd3kzRTUyZlNBcjFuS04ySklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwelSAwQD
wemIAwQCwenQAwQCwenkMA0GCSqGSIb3DQEBCwUAA4IBAQAdI2rURA2a7vcy5Kl6
IsFTOBfOMLqOmC9RagXotJf5XXkrPBkSlMDSDhnNC6zpTymOMaeAMVe2h2oP4Qm1
EYg+sjCJZLqwGN31Da+14pA68546uqUgS08mxPCpir9Sd7l1eoCgr6Y+tb20ElNc
u7Ray+rWz0jrzAN38f5ONuU5IzUOBk4aNzUe7CgU1c9aVFYIchsU7DLBCk48XBrl
5SfI9oegV5uht733otGkcw7M2iTnyOoPD35ZGXg9DEWXDrg2yEpb+9UBnz7mjrKb
Ih3DSn1utywLJQDlFju5Ww7s48uQJkHvwg8NSIFhFzIR+4341D3bN79f472R5NRO
oxA+
-----END CERTIFICATE-----
Generated at Fri Aug 23 09:29:21 2024 by rpki-client on console-ams.rpki-client.org