Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SZmsUrvjAyHukR1y56iH7OqHZ44.roa
File: SZmsUrvjAyHukR1y56iH7OqHZ44.roa (raw, json)
Hash identifier: T9cI11qGgfCH/8K+bGqzhoxHOiq+7xqoqVHTDvgWTLw=
Subject key identifier: 49:99:AC:52:BB:E3:03:21:EE:91:1D:72:E7:A8:87:EC:EA:87:67:8E
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018BD42FB19E346CCE033FD4E450560EF6CC
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SZmsUrvjAyHukR1y56iH7OqHZ44.roa
Signing time: Wed 15 Nov 2023 18:12:57 +0000
ROA not before: Wed 15 Nov 2023 18:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199868
IP address blocks: 185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:2f:b1:9e:34:6c:ce:03:3f:d4:e4:50:56:0e:f6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 15 18:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4999ac52bbe30321ee911d72e7a887ecea87678e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d2:f9:28:15:73:09:c9:39:f0:dd:ef:fb:ba:
25:b0:1a:1d:c1:16:9d:3a:6d:28:ac:ba:9f:04:66:
de:2b:3f:99:7d:7f:e9:19:b0:50:df:8e:89:54:f9:
b5:d3:4d:14:1d:b2:c3:58:7b:c2:e4:3e:d7:3f:ab:
96:31:9e:2d:dd:1e:6c:e5:d0:98:0c:d7:92:01:80:
ed:23:ea:1e:bc:ff:78:bd:0d:f5:5f:b8:a8:0c:af:
27:fe:b1:19:0f:95:59:28:66:2c:c4:25:3a:25:ec:
6f:b9:51:66:f0:8d:39:01:a6:ca:7d:e7:1b:1b:8c:
17:c0:77:f0:9e:c6:d8:c7:5e:20:6a:12:26:fa:d5:
0e:05:32:bb:8f:33:59:7e:63:14:42:f6:a2:c6:15:
dd:3c:02:c6:48:e3:66:28:de:7a:02:35:e8:4d:b9:
ca:bd:e4:3f:11:ae:0e:d4:e8:8a:e4:e6:23:2b:da:
3a:ac:f9:76:9e:af:bc:b8:8d:c3:e0:b8:80:4e:04:
20:6c:26:df:12:dd:61:80:ce:da:75:c7:e7:ef:6c:
bf:de:be:ed:9c:92:41:93:4d:3d:90:6e:25:6a:c4:
58:a5:4e:ef:77:6b:d9:cf:8d:86:de:5a:c0:19:a9:
60:60:6a:10:40:bb:98:88:c0:76:2a:83:b6:7b:62:
4b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:99:AC:52:BB:E3:03:21:EE:91:1D:72:E7:A8:87:EC:EA:87:67:8E
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SZmsUrvjAyHukR1y56iH7OqHZ44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.102.0/23
193.233.80.0/24
193.233.164.0/24
Signature Algorithm: sha256WithRSAEncryption
40:3f:b9:03:64:7d:24:b1:93:f5:af:44:5b:38:fd:4d:6e:2d:
89:a7:b7:b6:14:31:f5:cf:e7:f8:2f:44:00:b0:f9:3f:dd:81:
98:ac:98:e3:08:d3:d0:3f:04:28:04:e9:ef:93:db:dd:10:f1:
44:30:22:a6:9a:dc:ca:e1:4d:3d:86:6a:ca:8d:8d:54:60:d6:
b1:62:86:ac:71:96:38:21:36:f8:bc:6e:08:08:aa:1c:b8:46:
62:f2:4d:fa:e7:f1:ab:06:3b:fc:cb:e7:79:35:a8:81:ae:cc:
1a:ad:b1:9e:81:67:27:27:aa:59:a0:05:0e:e6:14:dd:84:fc:
e3:34:86:55:8b:55:4c:cb:3e:b3:24:a5:42:18:c2:fa:22:cd:
7d:43:21:dd:9c:a3:49:31:1b:a0:4a:c7:bc:83:4e:0c:08:f6:
61:ce:6e:32:5e:d2:b5:20:01:d5:68:8d:5e:b7:45:43:54:0e:
c5:c8:ab:b2:a6:ee:b9:4a:d2:26:21:28:0f:36:20:ec:5d:97:
67:a9:d7:ec:7e:78:cc:84:2a:18:36:b5:fb:cd:38:8a:07:66:
2a:20:46:32:66:5f:82:b1:38:0a:ed:e3:7c:5f:c0:30:a1:12:
70:c5:a6:9a:f1:bc:c9:9b:1c:0b:74:70:9d:13:d1:e9:04:f8:
7f:02:5a:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvUL7GeNGzOAz/U5FBWDvbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTE1MTgxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTk5YWM1MmJiZTMwMzIxZWU5MTFkNzJlN2E4ODdlY2VhODc2NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9L5KBVzCck58N3v+7olsBodwRad
Om0orLqfBGbeKz+ZfX/pGbBQ346JVPm1000UHbLDWHvC5D7XP6uWMZ4t3R5s5dCY
DNeSAYDtI+oevP94vQ31X7ioDK8n/rEZD5VZKGYsxCU6JexvuVFm8I05AabKfecb
G4wXwHfwnsbYx14gahIm+tUOBTK7jzNZfmMUQvaixhXdPALGSONmKN56AjXoTbnK
veQ/Ea4O1OiK5OYjK9o6rPl2nq+8uI3D4LiATgQgbCbfEt1hgM7adcfn72y/3r7t
nJJBk009kG4lasRYpU7vd2vZz42G3lrAGalgYGoQQLuYiMB2KoO2e2JLtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEmZrFK74wMh7pEdcueoh+zqh2eOMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvU1ptc1VydmpBeUh1a1IxeTU2aUg3T3FIWjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuWdmAwQA
welQAwQAwemkMA0GCSqGSIb3DQEBCwUAA4IBAQBAP7kDZH0ksZP1r0RbOP1Nbi2J
p7e2FDH1z+f4L0QAsPk/3YGYrJjjCNPQPwQoBOnvk9vdEPFEMCKmmtzK4U09hmrK
jY1UYNaxYoascZY4ITb4vG4ICKocuEZi8k365/GrBjv8y+d5NaiBrswarbGegWcn
J6pZoAUO5hTdhPzjNIZVi1VMyz6zJKVCGML6Is19QyHdnKNJMRugSse8g04MCPZh
zm4yXtK1IAHVaI1et0VDVA7FyKuypu65StImISgPNiDsXZdnqdfsfnjMhCoYNrX7
zTiKB2YqIEYyZl+CsTgK7eN8X8AwoRJwxaaa8bzJmxwLdHCdE9HpBPh/Alp4
-----END CERTIFICATE-----
Generated at Thu Nov 16 10:15:24 2023 by rpki-client on console-ams.rpki-client.org