Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/OMh7enUUFTd43I0stDxGnoeBvyY.roa
File: OMh7enUUFTd43I0stDxGnoeBvyY.roa (raw, json)
Hash identifier: idxRBd0YhT3g/yoskvOhf94N6uQP7eyc3pvvRcc8oP8=
Subject key identifier: 38:C8:7B:7A:75:14:15:37:78:DC:8D:2C:B4:3C:46:9E:87:81:BF:26
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26E58533252A3094CB0CF53E763BC3
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/OMh7enUUFTd43I0stDxGnoeBvyY.roa
Signing time: Sun 01 Jan 2023 21:04:58 +0000
ROA not before: Sun 01 Jan 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.252.0/23 maxlen: 23
193.233.192.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.193.0/24 maxlen: 24
193.233.95.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e5:85:33:25:2a:30:94:cb:0c:f5:3e:76:3b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38c87b7a7514153778dc8d2cb43c469e8781bf26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:4e:5f:b8:2d:a1:17:33:81:1c:03:29:8c:
f7:6c:c4:02:42:9e:16:15:52:38:31:71:b1:ae:61:
1b:b8:fe:eb:7e:d4:5a:d7:de:50:97:3e:16:ad:6b:
d2:80:97:c9:58:91:d4:32:f5:39:83:56:cf:4e:d7:
c2:02:40:f3:2a:3d:68:12:5e:f9:ef:e7:0b:65:05:
eb:af:73:d8:31:f3:1b:37:db:a4:f0:38:f8:49:fa:
af:03:96:3f:fa:59:b9:dc:3f:28:8f:c1:8a:e0:39:
ec:c4:d6:8a:0c:f0:47:a2:8e:48:a2:0d:a4:19:92:
e4:5b:ef:41:a2:9d:13:05:f3:55:45:b9:33:0b:bc:
65:e8:d7:0c:da:7b:6f:26:fa:19:6d:fd:bd:79:78:
83:71:c6:e6:21:91:7c:0c:81:a1:ea:ea:2d:1d:2c:
89:13:29:15:6d:f1:bd:2b:1e:62:7b:d9:6c:53:8d:
06:de:c1:67:1c:31:1b:95:c9:fe:40:4e:ec:aa:86:
e2:28:c7:91:9d:0b:ca:49:e2:52:7a:a5:c5:2b:53:
6f:44:ae:cd:ee:9b:f5:51:5c:4f:d9:ed:f3:e0:04:
13:b4:fb:a5:a1:ee:50:70:9e:d8:68:61:62:92:81:
db:6d:df:f4:1d:44:7f:f9:72:81:7e:9f:55:f9:d7:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C8:7B:7A:75:14:15:37:78:DC:8D:2C:B4:3C:46:9E:87:81:BF:26
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/OMh7enUUFTd43I0stDxGnoeBvyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.85.0/24
193.233.95.0/24
193.233.192.0/23
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
76:14:e1:b5:f0:55:50:0d:ce:3b:78:c4:d5:1a:39:24:3f:69:
03:3b:86:d0:3c:8a:7b:a4:4a:91:c2:c2:47:a8:1b:f2:fd:e5:
00:f0:41:55:e4:b7:c8:89:94:44:28:5d:3e:c2:41:b4:1c:24:
ab:fa:52:af:c7:e2:1d:52:7a:e6:a4:8a:6b:97:64:3e:e5:9b:
90:28:cb:9a:de:23:2c:c6:b3:02:24:4e:04:b1:c5:08:db:a7:
b0:06:11:44:dd:e2:bc:ef:e0:8f:d2:9f:6c:5c:bc:8b:7b:01:
be:bd:9c:4a:f3:8f:ca:09:6f:a2:40:1e:23:71:a5:18:1a:08:
3c:a6:8c:96:d9:9a:7a:a6:10:f6:69:34:64:a4:d1:b4:0b:6f:
40:7d:f6:ec:ae:a9:d0:a2:b1:3e:0f:0d:e2:d5:df:75:51:fd:
4e:19:c1:eb:7c:43:4f:3a:4a:66:03:36:b7:c8:80:55:f7:ce:
83:47:b0:8c:bb:5b:91:af:bc:04:09:0e:88:bf:e4:8e:a6:72:
ec:06:58:4f:35:6a:7f:b6:6e:e0:25:15:88:a8:d1:df:d4:c9:
7c:c7:5e:43:84:e6:eb:eb:9e:d3:be:31:d5:72:c9:5d:0f:0b:
03:ab:e8:24:fc:f7:4b:f8:12:84:9d:f9:5b:fc:17:f7:81:0c:
86:72:b8:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvJuWFMyUqMJTLDPU+djvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM4N2I3YTc1MTQxNTM3NzhkYzhkMmNiNDNjNDY5ZTg3ODFiZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/9OX7gtoRczgRwDKYz3bMQCQp4W
FVI4MXGxrmEbuP7rftRa195Qlz4WrWvSgJfJWJHUMvU5g1bPTtfCAkDzKj1oEl75
7+cLZQXrr3PYMfMbN9uk8Dj4SfqvA5Y/+lm53D8oj8GK4DnsxNaKDPBHoo5Iog2k
GZLkW+9Bop0TBfNVRbkzC7xl6NcM2ntvJvoZbf29eXiDccbmIZF8DIGh6uotHSyJ
EykVbfG9Kx5ie9lsU40G3sFnHDEblcn+QE7sqobiKMeRnQvKSeJSeqXFK1NvRK7N
7pv1UVxP2e3z4AQTtPuloe5QcJ7YaGFikoHbbd/0HUR/+XKBfp9V+dcDWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDjIe3p1FBU3eNyNLLQ8Rp6Hgb8mMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvT01oN2VuVVVGVGQ0M0kwc3REeEdub2VCdnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwelVAwQA
welfAwQBwenAAwQBwen8MA0GCSqGSIb3DQEBCwUAA4IBAQB2FOG18FVQDc47eMTV
GjkkP2kDO4bQPIp7pEqRwsJHqBvy/eUA8EFV5LfIiZREKF0+wkG0HCSr+lKvx+Id
UnrmpIprl2Q+5ZuQKMua3iMsxrMCJE4EscUI26ewBhFE3eK87+CP0p9sXLyLewG+
vZxK84/KCW+iQB4jcaUYGgg8poyW2Zp6phD2aTRkpNG0C29AffbsrqnQorE+Dw3i
1d91Uf1OGcHrfENPOkpmAza3yIBV986DR7CMu1uRr7wECQ6Iv+SOpnLsBlhPNWp/
tm7gJRWIqNHf1Ml8x15DhObr657TvjHVcsldDwsDq+gk/PdL+BKEnflb/Bf3gQyG
crig
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-ams.rpki-client.org