Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zl-0i3jZF4P0nYHo3c6jW2eg-L0.roa
File: Zl-0i3jZF4P0nYHo3c6jW2eg-L0.roa (raw, json)
Hash identifier: Q1j0+7l3pOHRtEUE8Ec2iTiu2J/9Un9urIMoQJ7VSaY=
Subject key identifier: 66:5F:B4:8B:78:D9:17:83:F4:9D:81:E8:DD:CE:A3:5B:67:A0:F8:BD
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01876B286698BA78EF68A2F8574AF333E46A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zl-0i3jZF4P0nYHo3c6jW2eg-L0.roa
Signing time: Mon 10 Apr 2023 12:33:42 +0000
ROA not before: Mon 10 Apr 2023 12:33:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:28:66:98:ba:78:ef:68:a2:f8:57:4a:f3:33:e4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 10 12:33:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=665fb48b78d91783f49d81e8ddcea35b67a0f8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:68:c6:c2:81:3c:8c:e0:9c:6a:22:95:2c:97:
9f:bf:22:99:37:af:e6:06:90:a9:8b:d0:c9:c6:13:
39:70:21:4e:a8:9f:42:0e:93:d2:47:4e:46:19:04:
82:02:1b:3a:48:70:51:0f:42:a0:7b:e9:19:43:d1:
ed:8e:3f:0c:bd:1d:81:a9:e6:b4:90:87:45:4b:61:
f7:a9:07:fe:c9:ee:96:6c:b4:7d:f1:6f:4d:48:e4:
f3:0a:91:8d:4d:ec:3d:29:46:fa:4a:96:77:4a:b3:
50:5b:43:c6:dc:d1:98:3e:ec:41:b5:2a:7d:0e:7b:
01:70:e6:df:89:f5:73:2b:66:1a:38:82:73:42:de:
a6:51:9c:47:92:2f:24:d6:ce:f4:cd:fa:64:3a:4c:
c5:70:c7:7f:2e:fc:a5:89:a7:83:60:bd:70:cf:73:
d6:67:08:e9:b9:56:a7:26:a4:c9:bb:88:d6:8f:d1:
68:55:28:17:20:2e:9a:35:b9:33:08:1b:11:f4:68:
65:12:e3:17:47:f4:c5:c4:40:47:d1:13:88:87:b7:
c3:a1:0a:e5:7c:c4:41:a1:1b:28:2d:e2:e4:2f:0e:
6c:3c:6a:e1:81:b1:ef:c8:db:fb:b7:86:d0:59:1e:
af:9b:a0:b1:43:58:69:e1:d7:6d:80:7d:50:ce:57:
4a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5F:B4:8B:78:D9:17:83:F4:9D:81:E8:DD:CE:A3:5B:67:A0:F8:BD
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zl-0i3jZF4P0nYHo3c6jW2eg-L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.108.0-193.233.119.255
193.233.124.0/22
Signature Algorithm: sha256WithRSAEncryption
31:01:a5:fa:8a:8e:9b:04:69:4c:31:f7:4e:83:b9:15:04:7f:
15:d4:6b:69:a3:70:8f:c9:36:39:9b:2e:9e:3b:11:d5:c8:cf:
f6:93:2d:e0:ff:1b:ed:19:ff:6b:93:ca:bc:c9:eb:ba:47:3c:
b2:ba:f8:65:3e:76:e7:f9:da:0a:60:a9:8b:d1:4a:92:14:fc:
4c:59:42:90:66:b0:a9:56:ab:98:91:6f:d1:a6:83:60:a3:4a:
69:88:9c:0b:7f:67:01:e8:00:f3:d5:ca:aa:18:d9:7c:a3:16:
6c:75:78:35:2e:ee:21:01:9b:24:d1:7f:d2:97:3b:b3:59:8b:
21:ae:48:ba:0e:b4:24:c3:c8:f8:82:ff:e5:99:2e:ee:38:8d:
47:55:8c:56:03:21:74:fd:83:76:8a:27:3f:33:4a:8e:a6:ce:
49:ce:f6:d0:51:6a:95:87:1c:15:99:ff:13:58:ce:43:d0:b9:
8f:ba:f4:5a:8d:49:93:c7:98:70:32:5a:9b:37:3d:4f:05:15:
24:f4:77:8a:6d:7e:75:4e:0a:a2:32:29:5d:8d:16:f6:80:ab:
f6:18:d2:a0:03:7f:86:10:e9:fd:c0:35:74:b9:fc:fe:1b:4d:
c2:f8:8c:f3:2f:e4:2d:c3:c9:97:77:a6:24:03:43:29:e7:cf:
e8:d1:37:cc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYdrKGaYunjvaKL4V0rzM+RqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDEwMTIzMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjVmYjQ4Yjc4ZDkxNzgzZjQ5ZDgxZThkZGNlYTM1YjY3YTBmOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WjGwoE8jOCcaiKVLJefvyKZN6/m
BpCpi9DJxhM5cCFOqJ9CDpPSR05GGQSCAhs6SHBRD0Kge+kZQ9Htjj8MvR2Bqea0
kIdFS2H3qQf+ye6WbLR98W9NSOTzCpGNTew9KUb6SpZ3SrNQW0PG3NGYPuxBtSp9
DnsBcObfifVzK2YaOIJzQt6mUZxHki8k1s70zfpkOkzFcMd/LvyliaeDYL1wz3PW
ZwjpuVanJqTJu4jWj9FoVSgXIC6aNbkzCBsR9GhlEuMXR/TFxEBH0ROIh7fDoQrl
fMRBoRsoLeLkLw5sPGrhgbHvyNv7t4bQWR6vm6CxQ1hp4ddtgH1QzldKoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGZftIt42ReD9J2B6N3Oo1tnoPi9MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvWmwtMGkzalpGNFAwbllIbzNjNmpXMmVnLUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALB6WwD
BAPB6XADBALB6XwwDQYJKoZIhvcNAQELBQADggEBADEBpfqKjpsEaUwx906DuRUE
fxXUa2mjcI/JNjmbLp47EdXIz/aTLeD/G+0Z/2uTyrzJ67pHPLK6+GU+duf52gpg
qYvRSpIU/ExZQpBmsKlWq5iRb9Gmg2CjSmmInAt/ZwHoAPPVyqoY2XyjFmx1eDUu
7iEBmyTRf9KXO7NZiyGuSLoOtCTDyPiC/+WZLu44jUdVjFYDIXT9g3aKJz8zSo6m
zknO9tBRapWHHBWZ/xNYzkPQuY+69FqNSZPHmHAyWps3PU8FFST0d4ptfnVOCqIy
KV2NFvaAq/YY0qADf4YQ6f3ANXS5/P4bTcL4jPMv5C3DyZd3piQDQynnz+jRN8w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:38 2023 by rpki-client on console-fra.rpki-client.org