Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P9GGUxVKNDcxZ9JlNwsOulqR9ao.roa
File: P9GGUxVKNDcxZ9JlNwsOulqR9ao.roa (raw, json)
Hash identifier: 8R1vwCjN29NA4Jtz0JYgl1S+P+rwbfwgBrGQ5GdqSrk=
Subject key identifier: 3F:D1:86:53:15:4A:34:37:31:67:D2:65:37:0B:0E:BA:5A:91:F5:AA
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018C3A20C4154BED41A6EF1F671BCC7D2FF0
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P9GGUxVKNDcxZ9JlNwsOulqR9ao.roa
Signing time: Tue 05 Dec 2023 13:17:54 +0000
ROA not before: Tue 05 Dec 2023 13:17:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:20:c4:15:4b:ed:41:a6:ef:1f:67:1b:cc:7d:2f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Dec 5 13:17:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fd18653154a34373167d265370b0eba5a91f5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:d1:e3:7b:8d:7b:61:4e:34:4b:40:47:1e:
09:73:36:2b:26:5b:9e:d1:41:a4:b4:a4:c8:1c:8b:
e4:a0:3e:e3:f8:e2:e7:e8:8c:3f:24:4a:fd:bd:ff:
08:3e:9a:9e:b1:2e:57:27:48:3a:ba:11:a2:64:72:
f9:ae:85:da:4e:f5:f7:17:39:e5:9d:67:45:4e:49:
20:4d:71:7f:5d:1a:11:bb:0e:9b:a9:9b:9e:69:2e:
ab:b7:82:07:5a:d3:c0:02:b9:ef:ea:12:33:77:89:
80:84:6a:85:42:0f:01:f7:e2:59:55:17:ab:db:2d:
a3:9e:36:88:03:66:d8:b8:66:70:1a:c6:f6:40:a3:
e1:60:fc:69:c4:44:1f:b7:58:b5:62:a1:f2:6b:fd:
83:30:ab:6f:01:9d:01:9f:41:26:ac:96:8e:6a:bb:
a9:46:0f:50:83:ca:fe:fa:1e:b1:e6:62:6c:c9:a2:
7d:93:61:98:da:37:4f:fb:9c:b5:65:89:80:00:8c:
a2:a2:2c:eb:ba:99:d4:cd:58:55:bb:d4:d9:ad:b7:
27:59:62:64:e0:28:5c:9c:b9:2d:d9:57:44:3e:9e:
20:4f:03:57:39:1e:90:93:0c:58:b6:a3:3b:39:ad:
86:f1:07:9a:c6:1b:99:88:d8:14:df:db:08:88:e6:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D1:86:53:15:4A:34:37:31:67:D2:65:37:0B:0E:BA:5A:91:F5:AA
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/P9GGUxVKNDcxZ9JlNwsOulqR9ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.86.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:1d:f0:c7:64:78:64:a1:e5:16:e1:8c:f7:36:b7:1b:2f:84:
58:f5:96:04:c1:cf:b4:20:26:ea:73:88:19:b7:dc:dc:6a:6b:
f7:2a:c9:a5:6d:8f:b5:e1:19:48:b7:3d:ad:12:4a:04:d4:ba:
6e:8b:21:bd:3f:92:8c:f0:28:7a:0d:10:e9:6c:da:07:24:10:
6b:fa:bc:1a:e2:3b:cc:64:68:e5:2d:3c:54:bd:81:4c:9f:86:
4d:2f:92:87:6c:02:2d:83:6e:7b:af:5a:d5:29:14:89:8c:dd:
c7:66:75:f1:22:62:f0:66:7a:37:f4:09:21:9d:f0:77:b5:f1:
b5:34:b6:36:6b:61:ae:33:20:93:1b:e4:d5:9d:ba:ed:af:ed:
fc:02:7c:51:5e:68:cb:ed:cf:e6:97:a3:dd:df:46:5e:08:2b:
64:ff:cb:72:05:77:fb:15:b2:e7:f4:e5:4e:a8:5a:b9:f8:64:
4c:53:84:06:e2:1c:9a:6c:cd:04:9d:84:9b:57:52:87:d4:55:
3a:10:f9:d1:2a:b4:c1:de:e1:9a:e1:b0:12:7a:3d:76:41:01:
68:a4:0c:0d:68:5d:f0:96:4c:90:ef:56:fd:68:fc:3c:8a:5f:
ae:fb:77:bc:ee:5f:c9:a0:99:39:49:67:22:50:b8:e2:d9:82:
a0:28:ec:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw6IMQVS+1Bpu8fZxvMfS/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMjA1MTMxNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQxODY1MzE1NGEzNDM3MzE2N2QyNjUzNzBiMGViYTVhOTFmNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa/R43uNe2FONEtARx4JczYrJlue
0UGktKTIHIvkoD7j+OLn6Iw/JEr9vf8IPpqesS5XJ0g6uhGiZHL5roXaTvX3Fznl
nWdFTkkgTXF/XRoRuw6bqZueaS6rt4IHWtPAArnv6hIzd4mAhGqFQg8B9+JZVRer
2y2jnjaIA2bYuGZwGsb2QKPhYPxpxEQft1i1YqHya/2DMKtvAZ0Bn0EmrJaOarup
Rg9Qg8r++h6x5mJsyaJ9k2GY2jdP+5y1ZYmAAIyioizrupnUzVhVu9TZrbcnWWJk
4ChcnLkt2VdEPp4gTwNXOR6QkwxYtqM7Oa2G8QeaxhuZiNgU39sIiOZSGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/RhlMVSjQ3MWfSZTcLDrpakfWqMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUDlHR1V4VktORGN4WjlKbE53c091bHFSOWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwelWMA0G
CSqGSIb3DQEBCwUAA4IBAQAbHfDHZHhkoeUW4Yz3NrcbL4RY9ZYEwc+0ICbqc4gZ
t9zcamv3KsmlbY+14RlItz2tEkoE1LpuiyG9P5KM8Ch6DRDpbNoHJBBr+rwa4jvM
ZGjlLTxUvYFMn4ZNL5KHbAItg257r1rVKRSJjN3HZnXxImLwZno39AkhnfB3tfG1
NLY2a2GuMyCTG+TVnbrtr+38AnxRXmjL7c/ml6Pd30ZeCCtk/8tyBXf7FbLn9OVO
qFq5+GRMU4QG4hyabM0EnYSbV1KH1FU6EPnRKrTB3uGa4bASej12QQFopAwNaF3w
lkyQ71b9aPw8il+u+3e87l/JoJk5SWciULji2YKgKOy2
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:05 2024 by rpki-client on console-fra.rpki-client.org