Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SnGIHRcW0VwqsTZPrZgEhyATNF8.roa
File: SnGIHRcW0VwqsTZPrZgEhyATNF8.roa (raw, json)
Hash identifier: xq1Mo/tk8atKY2xbd7Z8bbeO64KnOWtYx1kxxqXO30Y=
Subject key identifier: 4A:71:88:1D:17:16:D1:5C:2A:B1:36:4F:AD:98:04:87:20:13:34:5F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26EB9F4664ECBDF6A3530936CD258B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SnGIHRcW0VwqsTZPrZgEhyATNF8.roa
Signing time: Sun 01 Jan 2023 21:04:59 +0000
ROA not before: Sun 01 Jan 2023 21:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 193.233.30.0/24 maxlen: 24
193.233.31.0/24 maxlen: 24
193.233.149.0/24 maxlen: 24
193.233.174.0/24 maxlen: 24
193.233.72.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.78.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:eb:9f:46:64:ec:bd:f6:a3:53:09:36:cd:25:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a71881d1716d15c2ab1364fad9804872013345f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:da:bb:09:5e:45:74:93:73:58:72:cc:d0:44:
e8:95:f9:46:c9:7b:6f:71:e6:78:27:e6:97:9c:c4:
fa:26:44:b1:21:63:b7:e9:31:c6:11:74:b0:4e:5f:
e3:8e:cf:28:dd:6c:58:dd:f8:f8:99:43:d6:9f:87:
83:63:73:db:bf:cf:82:7a:31:91:7f:4b:cc:a2:d3:
7f:11:fe:b6:3d:a7:62:69:97:11:c9:62:23:e8:d6:
cf:a1:33:c9:77:94:48:51:82:7c:23:57:8a:99:37:
4e:4d:07:5b:09:10:f9:6c:ab:c5:ea:15:38:26:c0:
33:a7:0d:e6:98:18:93:f6:e8:b0:11:1d:b2:93:c2:
3c:81:8b:63:2e:05:10:81:25:84:96:f4:4f:57:7f:
98:46:de:02:20:2a:d6:3d:7a:7b:ee:9a:ef:e0:95:
fa:af:f8:3f:41:e7:8e:42:f1:f3:f8:3a:ad:da:3b:
bc:b3:49:07:6a:3f:30:25:0f:b2:38:32:9a:a5:03:
49:87:c8:15:2d:3d:0e:6e:26:c1:d4:2f:39:e0:28:
a4:3f:e0:ed:27:0f:af:38:d2:70:ee:15:81:79:cc:
1c:95:c5:4a:c3:d7:24:0b:c3:5b:d4:d3:e5:c2:1c:
65:a6:81:68:52:c8:86:92:ef:80:6f:6d:5b:9c:c3:
88:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:71:88:1D:17:16:D1:5C:2A:B1:36:4F:AD:98:04:87:20:13:34:5F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SnGIHRcW0VwqsTZPrZgEhyATNF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.30.0/23
193.233.72.0/24
193.233.74.0/23
193.233.78.0/24
193.233.80.0/24
193.233.149.0/24
193.233.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:2a:9d:c0:30:f8:ff:54:15:44:c2:97:f4:99:56:35:23:1c:
7f:86:47:b2:21:6c:ab:f9:43:91:09:b0:9d:fb:7c:60:c7:15:
64:80:4d:71:55:49:88:b6:9a:bb:c7:d0:5c:75:e3:5f:34:f1:
f6:59:fa:a6:8a:37:5f:af:d2:04:6f:ce:df:2d:7e:7c:3a:09:
00:c2:99:a5:9f:52:8b:94:34:46:c1:3e:f1:cf:7e:e2:53:33:
af:7b:8b:9e:0d:8d:f7:35:51:5d:29:ee:5a:38:62:32:16:eb:
c3:89:08:27:ce:58:44:b3:91:30:e3:e5:bb:b4:af:2d:0c:e1:
8d:32:b2:19:47:c9:fd:86:8e:42:bd:a9:7a:29:92:6d:dd:b3:
64:43:c0:5e:28:3c:df:90:a5:e5:07:b1:4a:6a:79:14:5f:05:
51:a3:33:0d:89:6a:66:67:c7:ae:af:b2:cc:72:71:8e:04:61:
7d:17:4d:be:62:27:bc:ed:7b:3a:91:b0:0a:d2:c0:e1:32:e3:
ba:d6:bf:30:05:65:23:8f:81:63:9e:81:51:53:ed:b2:30:52:
ad:38:66:d2:a6:02:d4:8c:01:fc:9e:b8:2e:5e:1d:6e:95:4b:
44:c3:2b:e0:f4:5f:0a:95:7a:25:3e:51:c0:0b:40:4f:74:33:
89:40:28:57
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVvJuufRmTsvfajUwk2zSWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTcxODgxZDE3MTZkMTVjMmFiMTM2NGZhZDk4MDQ4NzIwMTMzNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNq7CV5FdJNzWHLM0ETolflGyXtv
ceZ4J+aXnMT6JkSxIWO36THGEXSwTl/jjs8o3WxY3fj4mUPWn4eDY3Pbv8+CejGR
f0vMotN/Ef62PadiaZcRyWIj6NbPoTPJd5RIUYJ8I1eKmTdOTQdbCRD5bKvF6hU4
JsAzpw3mmBiT9uiwER2yk8I8gYtjLgUQgSWElvRPV3+YRt4CICrWPXp77prv4JX6
r/g/QeeOQvHz+Dqt2ju8s0kHaj8wJQ+yODKapQNJh8gVLT0ObibB1C854CikP+Dt
Jw+vONJw7hWBecwclcVKw9ckC8Nb1NPlwhxlpoFoUsiGku+Ab21bnMOIwwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEpxiB0XFtFcKrE2T62YBIcgEzRfMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvU25HSUhSY1cwVndxc1RaUHJaZ0VoeUFUTkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBwekeAwQA
welIAwQBwelKAwQAwelOAwQAwelQAwQAwemVAwQAwemuMA0GCSqGSIb3DQEBCwUA
A4IBAQB8Kp3AMPj/VBVEwpf0mVY1Ixx/hkeyIWyr+UORCbCd+3xgxxVkgE1xVUmI
tpq7x9BcdeNfNPH2Wfqmijdfr9IEb87fLX58OgkAwpmln1KLlDRGwT7xz37iUzOv
e4ueDY33NVFdKe5aOGIyFuvDiQgnzlhEs5Ew4+W7tK8tDOGNMrIZR8n9ho5Cval6
KZJt3bNkQ8BeKDzfkKXlB7FKankUXwVRozMNiWpmZ8eur7LMcnGOBGF9F02+Yie8
7Xs6kbAK0sDhMuO61r8wBWUjj4FjnoFRU+2yMFKtOGbSpgLUjAH8nrguXh1ulUtE
wyvg9F8KlXolPlHAC0BPdDOJQChX
-----END CERTIFICATE-----
Generated at Fri Sep 1 19:31:08 2023 by rpki-client on console-fra.rpki-client.org