Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Q35AnqJFDxoZcjRxK8cxyRNH-f4.roa
File: Q35AnqJFDxoZcjRxK8cxyRNH-f4.roa (raw, json)
Hash identifier: 3Zw3X++SEuzXo0uiplGVcdcDq4ifi32PPttqFk6Me50=
Subject key identifier: 43:7E:40:9E:A2:45:0F:1A:19:72:34:71:2B:C7:31:C9:13:47:F9:FE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7952FA0CEA8B9964FF0C979D1D24343
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Q35AnqJFDxoZcjRxK8cxyRNH-f4.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201842
IP address blocks: 193.233.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 19:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2f:a0:ce:a8:b9:96:4f:f0:c9:79:d1:d2:43:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=437e409ea2450f1a197234712bc731c91347f9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:93:00:10:9a:d9:49:16:09:8e:b9:fd:86:f2:
8d:60:c9:75:e8:fb:b8:fe:5a:f4:be:59:08:3c:5b:
3f:79:66:2e:b0:3b:dc:6c:60:7c:5d:18:4b:ac:67:
52:c6:d7:47:e1:ac:33:7d:13:45:d8:44:43:0a:a8:
c5:f7:d6:6a:09:26:8b:29:83:3c:85:09:12:c9:89:
58:a4:cf:fc:64:00:b9:5b:11:3c:38:b4:3d:cf:b3:
b1:90:43:ab:d8:d4:c6:73:ca:31:05:dc:88:68:53:
72:55:e9:4f:1b:a6:b7:b9:2c:5e:85:c9:1a:3f:d7:
1d:5d:47:cd:02:1e:80:cf:8f:26:0b:d5:b8:a5:64:
c3:cc:c3:ae:23:52:e2:c5:b2:19:db:e0:15:b5:49:
e8:2c:d3:15:a4:80:0e:88:9d:c1:2b:d3:c6:98:de:
fb:88:15:a8:c5:36:26:54:a3:e1:c4:21:6f:a4:f8:
47:9c:ba:0e:2a:a6:69:21:a7:07:6b:e0:b5:19:d0:
33:07:f6:ae:49:b2:34:44:2e:15:09:27:6c:49:d7:
ef:b1:ca:9e:81:17:17:e8:9d:f4:fb:ea:a2:75:30:
bf:29:12:60:57:84:0b:86:1b:82:7d:60:a3:32:9f:
5d:d4:72:df:80:aa:ad:a8:c8:a9:73:14:18:b8:e0:
4c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7E:40:9E:A2:45:0F:1A:19:72:34:71:2B:C7:31:C9:13:47:F9:FE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Q35AnqJFDxoZcjRxK8cxyRNH-f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.79.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:57:62:9d:15:88:fc:bf:ee:27:72:f1:1b:8e:a3:6c:36:da:
8d:4b:7a:57:0b:dd:9b:03:da:5e:da:6e:0a:53:c0:fe:4f:a4:
29:56:72:d5:61:e1:b8:5e:28:df:9e:59:91:89:f1:07:2f:63:
28:16:56:16:ac:f1:64:37:1c:3f:e4:c9:e6:9f:52:6a:1f:71:
6d:55:f4:3c:f5:5a:51:b6:19:b3:0a:bf:8e:5f:4a:5a:ce:81:
dc:69:82:2a:63:48:f0:20:aa:f2:57:ad:35:8e:30:be:5e:7a:
e9:cf:94:0b:bc:fc:04:b4:f2:10:5d:81:25:fc:37:98:59:d5:
9a:48:9e:6c:25:43:d1:be:49:9c:be:2d:f6:8d:63:80:35:1e:
63:44:74:f8:e3:98:95:05:fb:92:14:5e:a1:e2:ca:ae:59:6f:
e2:05:3d:ca:46:e7:d6:a5:61:fe:7d:fd:13:27:0f:73:fd:be:
ae:eb:23:5a:57:f3:cc:8b:2b:76:fa:db:00:02:5f:66:b8:45:
d1:ea:88:ad:06:25:e3:f3:44:c0:13:85:71:23:17:cb:56:06:
21:76:da:fa:6e:09:d1:f8:9a:22:72:7b:02:a5:6e:c3:78:dc:
27:2e:f6:0e:2d:40:9c:c9:63:32:27:f2:a4:72:ba:e3:97:78:
87:c7:2f:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlS+gzqi5lk/wyXnR0kNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzdlNDA5ZWEyNDUwZjFhMTk3MjM0NzEyYmM3MzFjOTEzNDdmOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5MAEJrZSRYJjrn9hvKNYMl16Pu4
/lr0vlkIPFs/eWYusDvcbGB8XRhLrGdSxtdH4awzfRNF2ERDCqjF99ZqCSaLKYM8
hQkSyYlYpM/8ZAC5WxE8OLQ9z7OxkEOr2NTGc8oxBdyIaFNyVelPG6a3uSxehcka
P9cdXUfNAh6Az48mC9W4pWTDzMOuI1LixbIZ2+AVtUnoLNMVpIAOiJ3BK9PGmN77
iBWoxTYmVKPhxCFvpPhHnLoOKqZpIacHa+C1GdAzB/auSbI0RC4VCSdsSdfvscqe
gRcX6J30++qidTC/KRJgV4QLhhuCfWCjMp9d1HLfgKqtqMipcxQYuOBMmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEN+QJ6iRQ8aGXI0cSvHMckTR/n+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUTM1QW5xSkZEeG9aY2pSeEs4Y3h5Uk5ILWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwelPMA0G
CSqGSIb3DQEBCwUAA4IBAQBvV2KdFYj8v+4ncvEbjqNsNtqNS3pXC92bA9pe2m4K
U8D+T6QpVnLVYeG4XijfnlmRifEHL2MoFlYWrPFkNxw/5Mnmn1JqH3FtVfQ89VpR
thmzCr+OX0pazoHcaYIqY0jwIKryV601jjC+Xnrpz5QLvPwEtPIQXYEl/DeYWdWa
SJ5sJUPRvkmcvi32jWOANR5jRHT445iVBfuSFF6h4squWW/iBT3KRufWpWH+ff0T
Jw9z/b6u6yNaV/PMiyt2+tsAAl9muEXR6oitBiXj80TAE4VxIxfLVgYhdtr6bgnR
+JoicnsCpW7DeNwnLvYOLUCcyWMyJ/Kkcrrjl3iHxy/t
-----END CERTIFICATE-----
Generated at Sat Feb 10 20:21:28 2024 by rpki-client on console-ams.rpki-client.org