Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Rg2Oum5fhQG1lp0OlkdX7CuWm7A.roa
File: Rg2Oum5fhQG1lp0OlkdX7CuWm7A.roa (raw, json)
Hash identifier: ZZrp5OI/Rt5KeB7RaPH0Dm/+ZvMBG971kZw5WQ7R1C0=
Subject key identifier: 46:0D:8E:BA:6E:5F:85:01:B5:96:9D:0E:96:47:57:EC:2B:96:9B:B0
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26E383CDBC10A55178F03B29ED6494
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Rg2Oum5fhQG1lp0OlkdX7CuWm7A.roa
Signing time: Sun 01 Jan 2023 21:04:57 +0000
ROA not before: Sun 01 Jan 2023 21:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45027
IP address blocks: 193.233.62.0/24 maxlen: 24
193.233.170.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e3:83:cd:bc:10:a5:51:78:f0:3b:29:ed:64:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=460d8eba6e5f8501b5969d0e964757ec2b969bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a6:54:d1:0e:79:ec:03:60:b6:c7:03:cc:5e:
63:35:3a:95:cf:58:29:61:e7:e5:8a:c9:85:81:90:
c8:77:0c:5d:58:ca:14:77:10:6e:98:a7:14:22:20:
1a:39:63:6a:b3:d1:c9:d3:83:fb:fe:70:87:96:38:
7f:16:8f:75:47:7c:23:fa:4e:da:bf:c1:55:18:0e:
9c:d6:b3:2f:d6:82:d0:b8:4e:0d:da:b2:ce:3b:fb:
d3:0a:32:17:74:2b:32:e8:68:32:52:db:cc:24:28:
01:d8:80:09:28:1a:21:cb:13:4a:83:b4:ef:01:74:
ff:a6:60:f8:45:f9:25:bf:2e:e0:73:cf:f3:3d:44:
e8:ca:13:5e:a7:9b:fe:bf:34:cb:8a:19:e3:5c:00:
dd:dc:f7:0e:e4:4d:99:6d:b0:29:4a:9c:db:ea:7a:
b9:72:c2:cc:ab:e1:19:65:09:67:8f:5d:e2:ba:ad:
7c:6d:de:f3:99:cf:ca:72:d1:99:98:59:76:35:50:
18:75:25:99:fd:12:cc:f7:33:fa:cc:c8:da:12:c1:
27:50:cd:52:ea:6a:90:d6:20:dd:c9:10:f1:84:e5:
73:2e:cb:11:99:10:1e:ea:8b:be:01:c4:08:a7:5a:
f7:f6:60:b2:d1:f7:1e:a2:d6:fd:f2:b9:6c:0c:10:
c1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:0D:8E:BA:6E:5F:85:01:B5:96:9D:0E:96:47:57:EC:2B:96:9B:B0
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Rg2Oum5fhQG1lp0OlkdX7CuWm7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.60.0/24
193.233.62.0/24
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ff:5b:e2:2a:15:da:d1:7c:0e:a9:e1:59:93:63:b2:1e:39:
f8:f8:0f:92:3d:c5:4a:f0:9c:e0:7d:55:f1:eb:dc:f2:fc:8a:
74:41:1f:b9:79:07:c2:6b:69:ef:71:06:a2:31:5e:57:3b:49:
c4:dc:fe:3d:af:26:0b:15:b7:68:19:4d:6a:02:1d:00:59:3a:
f4:8d:bd:3e:69:f8:79:e3:56:98:d9:af:03:9b:23:67:d3:a5:
ec:69:b1:b7:a5:1b:63:a1:4d:e5:04:bc:f3:8f:85:6e:f2:c7:
49:3d:01:4d:4c:e2:78:01:13:d7:bb:df:04:3e:b3:f6:3e:1b:
72:75:de:68:16:2c:e0:2a:c1:2f:6a:26:da:7e:e0:36:df:24:
28:2c:a4:b8:6b:09:31:6b:13:1f:50:c1:eb:a9:d5:c0:b9:0a:
17:0b:2b:56:64:28:64:82:ad:d0:41:71:26:34:1b:bc:2f:2c:
43:98:a9:ad:c0:8f:98:5a:db:80:ea:99:35:57:21:fe:6c:3d:
78:10:47:3e:09:42:c7:39:7d:6c:2d:ba:9c:c5:7b:4a:28:a0:
5f:14:1d:d7:ca:cd:6b:10:4b:51:9e:66:0a:1b:5b:da:24:7b:
31:d4:cb:df:ef:ba:14:62:7a:44:fa:0c:e5:89:69:27:f2:4c:
0d:00:57:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvJuODzbwQpVF48Dsp7WSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjBkOGViYTZlNWY4NTAxYjU5NjlkMGU5NjQ3NTdlYzJiOTY5YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6ZU0Q557ANgtscDzF5jNTqVz1gp
YeflismFgZDIdwxdWMoUdxBumKcUIiAaOWNqs9HJ04P7/nCHljh/Fo91R3wj+k7a
v8FVGA6c1rMv1oLQuE4N2rLOO/vTCjIXdCsy6GgyUtvMJCgB2IAJKBohyxNKg7Tv
AXT/pmD4Rfklvy7gc8/zPUToyhNep5v+vzTLihnjXADd3PcO5E2ZbbApSpzb6nq5
csLMq+EZZQlnj13iuq18bd7zmc/KctGZmFl2NVAYdSWZ/RLM9zP6zMjaEsEnUM1S
6mqQ1iDdyRDxhOVzLssRmRAe6ou+AcQIp1r39mCy0fceotb98rlsDBDBaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEYNjrpuX4UBtZadDpZHV+wrlpuwMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUmcyT3VtNWZoUUcxbHAwT2xrZFg3Q3VXbTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwek8AwQA
wek+AwQAwemqMA0GCSqGSIb3DQEBCwUAA4IBAQA7/1viKhXa0XwOqeFZk2OyHjn4
+A+SPcVK8JzgfVXx69zy/Ip0QR+5eQfCa2nvcQaiMV5XO0nE3P49ryYLFbdoGU1q
Ah0AWTr0jb0+afh541aY2a8DmyNn06XsabG3pRtjoU3lBLzzj4Vu8sdJPQFNTOJ4
ARPXu98EPrP2Phtydd5oFizgKsEvaibafuA23yQoLKS4awkxaxMfUMHrqdXAuQoX
CytWZChkgq3QQXEmNBu8LyxDmKmtwI+YWtuA6pk1VyH+bD14EEc+CULHOX1sLbqc
xXtKKKBfFB3Xys1rEEtRnmYKG1vaJHsx1Mvf77oUYnpE+gzliWkn8kwNAFd/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org