Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P-EfPYOM-Hu-MkWZEY0FdqKriWw.roa
File: P-EfPYOM-Hu-MkWZEY0FdqKriWw.roa (raw, json)
Hash identifier: zQXEJc8Mrp/FuWhcuI6aGKsOfN91rbtjDNPnF3gzS+8=
Subject key identifier: 3F:E1:1F:3D:83:8C:F8:7B:BE:32:45:99:11:8D:05:76:A2:AB:89:6C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01879996ADD922E1D36852045017E42B68B2
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P-EfPYOM-Hu-MkWZEY0FdqKriWw.roa
Signing time: Wed 19 Apr 2023 12:56:41 +0000
ROA not before: Wed 19 Apr 2023 12:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61121
IP address blocks: 193.233.236.0/23 maxlen: 24
193.233.238.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:96:ad:d9:22:e1:d3:68:52:04:50:17:e4:2b:68:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 19 12:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe11f3d838cf87bbe324599118d0576a2ab896c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:54:a2:67:53:a0:32:8d:35:f1:5a:1a:9a:
11:61:fa:d7:86:d6:4f:09:c9:aa:e0:a0:0a:ac:89:
68:f0:65:31:31:ac:7a:cb:26:a5:e4:7c:3e:0e:2c:
09:9f:bd:f9:5e:fd:d0:25:26:a2:37:e9:c2:77:e9:
db:43:fb:4b:d0:6a:3d:a1:8f:53:0a:a4:88:c6:aa:
a7:ef:97:98:78:4a:f5:2e:e3:db:c5:38:fd:e5:9e:
f7:d1:dc:66:5f:d9:3a:ad:1e:1e:2c:2a:ba:d9:4a:
f6:66:11:e7:e7:81:04:ca:bf:74:4b:e5:73:79:a7:
2a:60:24:75:65:ca:a0:e1:91:36:32:34:b0:8e:a7:
12:f4:73:d6:e9:b3:b6:34:d6:b7:2c:60:67:2f:2a:
5d:b3:e9:29:64:5b:f0:4e:b8:2a:46:ac:8d:e4:16:
c9:9b:7e:5f:50:28:d1:12:4d:7e:19:e1:63:11:b5:
8d:91:44:83:d0:3b:7c:10:14:03:a6:de:38:f0:3c:
8b:30:67:65:6f:5f:5f:ab:df:df:b7:ed:c8:ba:05:
03:b7:77:d8:27:31:cd:23:3a:a6:70:f9:17:f2:89:
39:21:05:4b:78:6e:57:c3:3f:27:85:be:cf:2b:30:
e5:4a:f5:a9:37:0d:31:4d:4c:bb:8b:67:c7:1d:c2:
7b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E1:1F:3D:83:8C:F8:7B:BE:32:45:99:11:8D:05:76:A2:AB:89:6C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P-EfPYOM-Hu-MkWZEY0FdqKriWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.236.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:4d:16:86:4d:e1:b0:d2:da:03:19:03:4a:c2:32:1b:06:1a:
3e:43:1d:0f:d3:ea:b3:f8:8b:01:24:ec:11:20:e4:72:4f:2b:
e5:ef:28:d1:f5:c6:f1:a2:94:11:37:5d:67:b9:7f:ad:28:e3:
e8:34:a1:73:7f:d5:c5:f6:22:81:a9:36:b0:f1:95:92:ee:17:
d6:61:fa:47:a6:3d:74:2e:a8:cd:23:d8:a4:56:04:be:9a:a8:
6d:78:f0:4b:a4:91:1a:e0:ab:20:60:74:0d:3d:83:d4:c6:9a:
65:64:b5:0b:e7:b1:fc:6a:c3:e8:bf:c6:61:7a:84:e0:94:03:
ab:c9:88:b8:3c:a9:2c:15:9c:45:4a:1d:3e:ee:10:95:2a:1f:
ac:00:12:df:11:50:ce:54:20:67:44:75:e5:b5:cb:94:54:e8:
52:2f:c7:3c:03:19:0b:71:21:2c:76:b1:a6:4d:32:30:01:fb:
07:f8:c7:bd:89:eb:ec:26:61:b9:ab:40:5a:c2:bf:ec:87:68:
a7:9c:b3:ca:51:20:e9:26:55:41:e8:7e:0b:f3:27:d7:2d:fa:
6a:46:6f:b3:e6:e7:f9:ca:84:3d:56:c0:64:cc:fc:68:0a:45:
98:ed:0e:60:3d:8b:98:65:c0:d8:86:c4:0b:a4:88:d8:4d:f1:
23:62:ac:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeZlq3ZIuHTaFIEUBfkK2iyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDE5MTI1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmUxMWYzZDgzOGNmODdiYmUzMjQ1OTkxMThkMDU3NmEyYWI4OTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXlUomdToDKNNfFaGpoRYfrXhtZP
Ccmq4KAKrIlo8GUxMax6yyal5Hw+DiwJn735Xv3QJSaiN+nCd+nbQ/tL0Go9oY9T
CqSIxqqn75eYeEr1LuPbxTj95Z730dxmX9k6rR4eLCq62Ur2ZhHn54EEyr90S+Vz
eacqYCR1Zcqg4ZE2MjSwjqcS9HPW6bO2NNa3LGBnLypds+kpZFvwTrgqRqyN5BbJ
m35fUCjREk1+GeFjEbWNkUSD0Dt8EBQDpt448DyLMGdlb19fq9/ft+3IugUDt3fY
JzHNIzqmcPkX8ok5IQVLeG5Xwz8nhb7PKzDlSvWpNw0xTUy7i2fHHcJ7mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/hHz2DjPh7vjJFmRGNBXaiq4lsMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUC1FZlBZT00tSHUtTWtXWkVZMEZkcUtyaVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwensMA0G
CSqGSIb3DQEBCwUAA4IBAQAtTRaGTeGw0toDGQNKwjIbBho+Qx0P0+qz+IsBJOwR
IORyTyvl7yjR9cbxopQRN11nuX+tKOPoNKFzf9XF9iKBqTaw8ZWS7hfWYfpHpj10
LqjNI9ikVgS+mqhtePBLpJEa4KsgYHQNPYPUxpplZLUL57H8asPov8ZheoTglAOr
yYi4PKksFZxFSh0+7hCVKh+sABLfEVDOVCBnRHXltcuUVOhSL8c8AxkLcSEsdrGm
TTIwAfsH+Me9ievsJmG5q0Bawr/sh2innLPKUSDpJlVB6H4L8yfXLfpqRm+z5uf5
yoQ9VsBkzPxoCkWY7Q5gPYuYZcDYhsQLpIjYTfEjYqzI
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org