Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RUcTISSReDxF9IGOlQ4uVQ0eV6g.roa
File: RUcTISSReDxF9IGOlQ4uVQ0eV6g.roa (raw, json)
Hash identifier: bcH+CcDNj7rMa2LMJrRGDyBs+RCDtwfo1ogHdjDpogI=
Subject key identifier: 45:47:13:21:24:91:78:3C:45:F4:81:8E:95:0E:2E:55:0D:1E:57:A8
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018A5FBFDF3CA91FABABC5FE53FBFF0FB960
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RUcTISSReDxF9IGOlQ4uVQ0eV6g.roa
Signing time: Mon 04 Sep 2023 10:32:04 +0000
ROA not before: Mon 04 Sep 2023 10:32:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8342
IP address blocks: 193.233.170.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:bf:df:3c:a9:1f:ab:ab:c5:fe:53:fb:ff:0f:b9:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 4 10:32:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=454713212491783c45f4818e950e2e550d1e57a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4e:47:15:07:db:26:50:4b:c6:e6:96:fb:ad:
9e:eb:9a:c2:db:f9:e4:6e:ad:8b:11:74:a4:7b:48:
1e:a6:9f:e5:0e:92:ce:04:8a:29:68:3e:82:77:6f:
c8:ad:de:56:ec:f2:41:91:4d:db:65:9e:06:c0:a0:
97:87:91:1c:54:71:33:af:49:06:3e:6c:25:7d:6c:
f2:e5:50:c5:48:ac:0a:46:49:5f:06:d8:70:22:a3:
4e:81:85:b1:a9:69:ff:83:b4:ee:7c:e2:9f:6d:77:
cd:34:aa:a5:f7:80:07:6e:b1:f3:02:b1:e8:9c:42:
2d:e0:8b:bd:3a:94:ec:f0:c3:53:20:90:9b:cc:52:
8c:82:4b:b2:c9:c2:79:36:b5:55:1f:bb:80:c9:3f:
d0:c7:10:ab:d9:4d:53:f0:b3:fc:41:c5:d9:01:41:
db:27:b6:ee:03:95:c0:9a:49:09:86:d0:39:09:09:
91:25:16:b8:d0:a5:14:36:6b:85:f0:bb:41:c9:c6:
db:3f:20:20:1d:d6:5d:05:42:a8:48:01:59:22:58:
5e:52:c7:fe:46:f5:05:4a:85:99:3d:e9:7e:b6:35:
a1:74:18:8d:54:00:fe:83:d9:45:9e:08:84:6c:6f:
76:f2:ba:b7:fa:9f:61:6b:df:a5:3b:55:c5:52:17:
59:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:47:13:21:24:91:78:3C:45:F4:81:8E:95:0E:2E:55:0D:1E:57:A8
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/RUcTISSReDxF9IGOlQ4uVQ0eV6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.60.0/24
193.233.62.0/24
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:c6:93:85:45:f2:bd:3a:d0:d2:ec:d2:a5:a5:30:33:80:a5:
34:3d:77:7d:c8:8a:ec:fc:97:05:2b:d9:a6:f1:eb:b0:56:5b:
db:5e:cd:64:21:59:7d:6a:01:4b:1d:a1:70:a4:36:59:6e:7a:
9e:a1:e6:c2:e2:fd:4d:7d:b1:6e:a0:04:d8:40:4c:49:d4:11:
26:d4:a3:6c:d6:a5:e6:a2:e0:c1:a6:6d:51:6d:f7:c8:b3:84:
bf:a6:91:e9:0b:24:4d:58:11:c3:05:24:9e:1c:6c:6e:f8:be:
7c:14:a4:bf:e9:62:28:13:3d:8e:76:a9:80:3a:47:0d:bc:a7:
30:d1:ee:2d:5d:d4:10:3c:61:95:48:7f:8d:00:6d:fa:66:be:
d4:b0:25:08:6c:ec:75:ea:c6:c2:4f:cb:6b:6d:5e:15:ed:04:
5a:42:27:e9:57:85:48:62:f0:d8:fc:e0:6d:1d:4f:b0:74:e0:
48:a9:d3:d2:cd:13:61:b9:5a:47:1f:e1:d5:52:59:4b:0d:2b:
4b:d4:17:00:db:3b:94:79:c6:58:d4:ac:95:ee:e3:e8:8f:ee:
6d:56:37:2b:c5:0e:43:04:dc:86:62:8b:7c:6c:c5:e0:64:09:
b8:fc:e0:c6:b1:2e:9d:c6:50:63:8a:fb:63:3f:f7:74:06:cd:
0b:d3:b3:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpfv988qR+rq8X+U/v/D7lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwOTA0MTAzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQ3MTMyMTI0OTE3ODNjNDVmNDgxOGU5NTBlMmU1NTBkMWU1N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU5HFQfbJlBLxuaW+62e65rC2/nk
bq2LEXSke0gepp/lDpLOBIopaD6Cd2/Ird5W7PJBkU3bZZ4GwKCXh5EcVHEzr0kG
PmwlfWzy5VDFSKwKRklfBthwIqNOgYWxqWn/g7TufOKfbXfNNKql94AHbrHzArHo
nEIt4Iu9OpTs8MNTIJCbzFKMgkuyycJ5NrVVH7uAyT/QxxCr2U1T8LP8QcXZAUHb
J7buA5XAmkkJhtA5CQmRJRa40KUUNmuF8LtBycbbPyAgHdZdBUKoSAFZIlheUsf+
RvUFSoWZPel+tjWhdBiNVAD+g9lFngiEbG928rq3+p9ha9+lO1XFUhdZTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEVHEyEkkXg8RfSBjpUOLlUNHleoMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUlVjVElTU1JlRHhGOUlHT2xRNHVWUTBlVjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwek8AwQA
wek+AwQAwemqMA0GCSqGSIb3DQEBCwUAA4IBAQCdxpOFRfK9OtDS7NKlpTAzgKU0
PXd9yIrs/JcFK9mm8euwVlvbXs1kIVl9agFLHaFwpDZZbnqeoebC4v1NfbFuoATY
QExJ1BEm1KNs1qXmouDBpm1RbffIs4S/ppHpCyRNWBHDBSSeHGxu+L58FKS/6WIo
Ez2OdqmAOkcNvKcw0e4tXdQQPGGVSH+NAG36Zr7UsCUIbOx16sbCT8trbV4V7QRa
QifpV4VIYvDY/OBtHU+wdOBIqdPSzRNhuVpHH+HVUllLDStL1BcA2zuUecZY1KyV
7uPoj+5tVjcrxQ5DBNyGYot8bMXgZAm4/ODGsS6dxlBjivtjP/d0Bs0L07N0
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org