Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TeLXk7ur3twx-BslWCsOYLimGmg.roa
File: TeLXk7ur3twx-BslWCsOYLimGmg.roa (raw, json)
Hash identifier: p9r1eygRyz1wppHxgxZzOGbjRl9qUR6/H73wUrqddO0=
Subject key identifier: 4D:E2:D7:93:BB:AB:DE:DC:31:F8:1B:25:58:2B:0E:60:B8:A6:1A:68
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018DD0666701544BCB04826101E68B61918B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TeLXk7ur3twx-BslWCsOYLimGmg.roa
Signing time: Thu 22 Feb 2024 10:39:48 +0000
ROA not before: Thu 22 Feb 2024 10:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 147.45.48.0/24 maxlen: 24
193.233.18.0/24 maxlen: 24
193.233.48.0/24 maxlen: 24
193.233.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 12:34:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:66:67:01:54:4b:cb:04:82:61:01:e6:8b:61:91:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 22 10:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4de2d793bbabdedc31f81b25582b0e60b8a61a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:62:4d:92:02:08:13:3c:2d:37:fb:b1:ff:2a:
bd:86:45:a8:f5:1f:a7:45:f2:74:e8:48:d3:c0:b3:
22:e0:80:4d:bc:ee:95:0a:1f:f5:f2:62:6e:54:4b:
ea:34:c5:0c:81:65:c3:af:a9:e7:d6:6a:9f:a4:6a:
bc:f0:db:2a:0c:4a:90:22:ef:d9:3e:7c:a3:a9:63:
25:bc:a6:c3:ed:7a:91:52:90:2b:38:f0:4b:6a:72:
66:80:4a:a4:00:8b:f4:a1:bc:f2:ea:50:3a:cb:e1:
99:92:0a:47:9b:f1:e2:5a:15:65:75:b4:c1:97:d8:
b0:c6:e5:ae:98:bf:0b:de:66:cb:46:ae:e8:ef:b4:
8f:85:70:53:66:bd:3a:ea:a9:2f:38:78:36:b4:e4:
82:c8:62:b3:5e:12:b5:13:39:9b:fb:ac:59:1f:8c:
7b:e8:bb:cc:5f:58:c8:79:51:e9:d0:db:60:eb:2a:
7f:cb:c0:bb:06:07:7f:86:0a:aa:42:4e:8f:d2:87:
ac:c7:9f:8d:04:d2:c3:55:ee:d7:6f:77:b6:23:79:
0e:fc:e8:7b:8f:2f:b3:e1:dd:7c:25:02:a3:c3:63:
2e:f2:ca:c5:08:66:4a:87:a6:cb:99:b1:31:b5:23:
4e:6b:e6:f9:57:52:1e:6f:56:b6:1f:96:7c:ac:2a:
f7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E2:D7:93:BB:AB:DE:DC:31:F8:1B:25:58:2B:0E:60:B8:A6:1A:68
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TeLXk7ur3twx-BslWCsOYLimGmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.48.0/24
193.233.18.0/24
193.233.48.0/23
Signature Algorithm: sha256WithRSAEncryption
07:bc:85:7e:ec:fa:fb:52:9c:28:4a:7d:f3:6c:c2:b2:48:68:
76:06:e4:a5:15:78:55:6a:17:f7:04:26:8a:02:44:26:8a:80:
53:6a:da:7d:d0:24:ad:be:89:aa:f7:bb:b3:82:2f:f6:31:2c:
19:ab:43:04:61:00:b3:d0:c2:18:e2:25:c2:1e:96:4a:7c:4d:
61:de:f0:d7:8e:11:23:7f:a6:cb:b6:3b:57:3b:ac:b0:bb:46:
cc:35:f8:50:25:a7:a4:4f:6d:a9:6c:cf:d0:46:ac:f1:a2:48:
50:1f:c3:46:1c:e8:70:69:74:08:9b:09:1f:52:34:06:e3:9b:
c3:d4:b6:55:f3:24:2e:ff:a7:3c:2a:af:a0:f8:61:df:77:45:
73:a1:2a:7b:71:8f:fd:f6:d3:83:d8:16:f4:d2:ca:01:e6:8d:
0b:2d:6d:87:78:da:54:9c:65:5e:a1:95:c0:55:8e:7c:00:8f:
fa:07:28:2e:3f:19:9d:86:0c:41:15:ca:43:01:b0:df:ab:aa:
ee:4e:f3:b6:de:b9:c8:09:a7:3a:e2:5b:4b:2f:1f:e6:ae:3b:
a6:dc:e8:88:43:6b:4f:4b:fc:b9:03:4a:30:3e:ed:5e:ab:20:
40:52:23:35:89:e9:f6:a9:8b:9c:2f:d4:94:20:55:90:9b:6c:
b1:7e:9f:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3QZmcBVEvLBIJhAeaLYZGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjIyMTAzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGUyZDc5M2JiYWJkZWRjMzFmODFiMjU1ODJiMGU2MGI4YTYxYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmJNkgIIEzwtN/ux/yq9hkWo9R+n
RfJ06EjTwLMi4IBNvO6VCh/18mJuVEvqNMUMgWXDr6nn1mqfpGq88NsqDEqQIu/Z
PnyjqWMlvKbD7XqRUpArOPBLanJmgEqkAIv0obzy6lA6y+GZkgpHm/HiWhVldbTB
l9iwxuWumL8L3mbLRq7o77SPhXBTZr066qkvOHg2tOSCyGKzXhK1Ezmb+6xZH4x7
6LvMX1jIeVHp0Ntg6yp/y8C7Bgd/hgqqQk6P0oesx5+NBNLDVe7Xb3e2I3kO/Oh7
jy+z4d18JQKjw2Mu8srFCGZKh6bLmbExtSNOa+b5V1Ieb1a2H5Z8rCr3uwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE3i15O7q97cMfgbJVgrDmC4phpoMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVGVMWGs3dXIzdHd4LUJzbFdDc09ZTGltR21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAky0wAwQA
wekSAwQBwekwMA0GCSqGSIb3DQEBCwUAA4IBAQAHvIV+7Pr7UpwoSn3zbMKySGh2
BuSlFXhVahf3BCaKAkQmioBTatp90CStvomq97uzgi/2MSwZq0MEYQCz0MIY4iXC
HpZKfE1h3vDXjhEjf6bLtjtXO6ywu0bMNfhQJaekT22pbM/QRqzxokhQH8NGHOhw
aXQImwkfUjQG45vD1LZV8yQu/6c8Kq+g+GHfd0VzoSp7cY/99tOD2Bb00soB5o0L
LW2HeNpUnGVeoZXAVY58AI/6ByguPxmdhgxBFcpDAbDfq6ruTvO23rnICac64ltL
Lx/mrjum3OiIQ2tPS/y5A0owPu1eqyBAUiM1ien2qYucL9SUIFWQm2yxfp8a
-----END CERTIFICATE-----
Generated at Thu Jul 11 14:48:01 2024 by rpki-client on console-fra.rpki-client.org