Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/PXhLvZes8AskK_meuhmt1f8vE6g.roa
File: PXhLvZes8AskK_meuhmt1f8vE6g.roa (raw, json)
Hash identifier: 3d2zZU8eEQgRKqS9khYz95S/KmEk4ZnFUL9pIScAk0M=
Subject key identifier: 3D:78:4B:BD:97:AC:F0:0B:24:2B:F9:9E:BA:19:AD:D5:FF:2F:13:A8
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26F4D66B71990727E169292E5CC0EA
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/PXhLvZes8AskK_meuhmt1f8vE6g.roa
Signing time: Sun 01 Jan 2023 21:05:02 +0000
ROA not before: Sun 01 Jan 2023 21:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 193.233.179.0/24 maxlen: 24
193.233.177.0/24 maxlen: 24
193.233.187.0/24 maxlen: 24
193.233.188.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:f4:d6:6b:71:99:07:27:e1:69:29:2e:5c:c0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d784bbd97acf00b242bf99eba19add5ff2f13a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b2:51:19:b0:3c:c1:c1:f7:83:b5:ff:63:92:
1a:e5:c6:27:b6:61:48:76:cf:79:1b:06:2b:a6:cf:
9a:5f:92:ea:99:85:c8:23:7e:1c:a2:0c:00:d3:a1:
09:0f:2e:b0:f0:69:26:16:94:bb:a4:f3:a5:9f:93:
f9:de:29:41:aa:e3:d4:cc:dc:52:ee:00:4e:7b:b9:
33:0b:16:bf:32:8e:93:e9:2b:8d:bf:8d:91:91:78:
72:fe:21:32:69:c1:94:34:db:ab:94:33:96:08:d3:
94:33:ff:f1:45:b5:a2:da:a6:e6:96:d2:2b:7d:84:
a1:f8:79:72:c2:88:7a:ba:56:1e:70:1b:50:42:aa:
ff:c6:13:51:10:29:95:8f:98:80:92:d4:c5:8d:3d:
c1:68:c3:80:b4:d9:fa:0a:d6:df:83:59:8c:98:ca:
5c:ff:d1:ac:91:b7:99:48:b5:25:32:32:f3:7d:86:
fb:42:12:c1:0f:c9:cf:26:fd:5e:1e:7a:51:44:40:
05:7f:12:6b:d6:b9:3f:75:04:58:8b:ea:c1:62:62:
34:ae:6a:d5:cd:af:29:cd:63:80:48:f2:0d:a3:ee:
2d:d3:d7:16:bf:cf:6b:35:2a:5e:ed:09:dc:fc:75:
d9:8e:b7:ec:3f:ef:87:3b:09:45:c5:15:ff:f4:c2:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:78:4B:BD:97:AC:F0:0B:24:2B:F9:9E:BA:19:AD:D5:FF:2F:13:A8
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/PXhLvZes8AskK_meuhmt1f8vE6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.177.0/24
193.233.179.0/24
193.233.187.0-193.233.188.255
Signature Algorithm: sha256WithRSAEncryption
71:e1:10:d6:d2:4e:1f:19:59:e3:7b:c2:2d:44:87:a3:6d:c4:
a5:58:ca:66:8f:f8:93:75:9a:d8:67:84:9e:6c:5f:3c:94:b6:
01:31:b3:88:06:77:9e:bb:17:6f:64:1a:f0:4d:6d:38:2a:1b:
dc:56:25:42:a3:46:14:d1:4b:d5:fc:24:c1:57:0e:0a:45:2f:
d1:00:7a:9b:1a:12:82:b7:72:fa:96:14:64:8f:3c:17:55:10:
28:a0:10:f0:5a:91:78:7f:97:3a:d9:9c:02:d0:10:82:ba:b7:
e8:22:c4:25:3f:ee:65:b8:80:e3:ef:75:e7:47:45:2a:ae:97:
33:64:34:00:07:99:8c:71:dd:99:54:09:43:63:6a:29:32:73:
93:8e:f4:a2:18:40:03:62:a0:00:66:51:a1:44:07:7b:d7:1e:
96:ae:53:05:75:37:b8:0b:19:48:ce:c1:21:a5:0b:62:12:e8:
d9:45:97:f4:73:84:d2:51:75:96:e6:5b:50:ea:8e:4e:15:f3:
1a:87:ad:b1:8d:6a:82:c2:08:d0:17:04:47:a9:73:dc:60:7c:
d0:33:30:99:7e:56:8e:32:29:db:14:72:69:da:a0:f5:eb:a1:
8d:1f:ca:10:ff:ab:06:7c:f9:ea:ea:f0:c5:d3:60:ac:cd:3b:
b0:1c:91:c4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvJvTWa3GZByfhaSkuXMDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDc4NGJiZDk3YWNmMDBiMjQyYmY5OWViYTE5YWRkNWZmMmYxM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7JRGbA8wcH3g7X/Y5Ia5cYntmFI
ds95GwYrps+aX5LqmYXII34cogwA06EJDy6w8GkmFpS7pPOln5P53ilBquPUzNxS
7gBOe7kzCxa/Mo6T6SuNv42RkXhy/iEyacGUNNurlDOWCNOUM//xRbWi2qbmltIr
fYSh+Hlywoh6ulYecBtQQqr/xhNRECmVj5iAktTFjT3BaMOAtNn6Ctbfg1mMmMpc
/9GskbeZSLUlMjLzfYb7QhLBD8nPJv1eHnpRREAFfxJr1rk/dQRYi+rBYmI0rmrV
za8pzWOASPINo+4t09cWv89rNSpe7Qnc/HXZjrfsP++HOwlFxRX/9MJJVwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD14S72XrPALJCv5nroZrdX/LxOoMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUFhoTHZaZXM4QXNrS19tZXVobXQxZjh2RTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwemxAwQA
wemzMAwDBADB6bsDBADB6bwwDQYJKoZIhvcNAQELBQADggEBAHHhENbSTh8ZWeN7
wi1Eh6NtxKVYymaP+JN1mthnhJ5sXzyUtgExs4gGd567F29kGvBNbTgqG9xWJUKj
RhTRS9X8JMFXDgpFL9EAepsaEoK3cvqWFGSPPBdVECigEPBakXh/lzrZnALQEIK6
t+gixCU/7mW4gOPvdedHRSqulzNkNAAHmYxx3ZlUCUNjaikyc5OO9KIYQANioABm
UaFEB3vXHpauUwV1N7gLGUjOwSGlC2IS6NlFl/RzhNJRdZbmW1Dqjk4V8xqHrbGN
aoLCCNAXBEepc9xgfNAzMJl+Vo4yKdsUcmnaoPXroY0fyhD/qwZ8+erq8MXTYKzN
O7AckcQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org