Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zv8KH27k1Vozu7VBKhhbm9fMpYk.roa
File: Zv8KH27k1Vozu7VBKhhbm9fMpYk.roa (raw, json)
Hash identifier: q296i5Ve2YrbjSJPvOHDpgz+ohOe1MbE9ZMTsgdahj8=
Subject key identifier: 66:FF:0A:1F:6E:E4:D5:5A:33:BB:B5:41:2A:18:5B:9B:D7:CC:A5:89
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26EC49978E7ABD384F1FB66FA7DEFD
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zv8KH27k1Vozu7VBKhhbm9fMpYk.roa
Signing time: Sun 01 Jan 2023 21:04:59 +0000
ROA not before: Sun 01 Jan 2023 21:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202999
IP address blocks: 193.233.56.0/24 maxlen: 24
193.233.57.0/24 maxlen: 24
193.233.58.0/24 maxlen: 24
193.233.59.0/24 maxlen: 24
193.233.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:ec:49:97:8e:7a:bd:38:4f:1f:b6:6f:a7:de:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66ff0a1f6ee4d55a33bbb5412a185b9bd7cca589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:87:bf:d5:43:80:2c:17:60:e4:b6:21:c3:60:
c8:b1:16:86:0c:34:84:98:30:19:92:07:bb:60:1d:
6b:5d:fb:b5:67:9e:7a:6c:68:0e:92:c5:17:07:fd:
0e:ba:1d:47:87:c8:92:90:b6:4d:3f:49:0c:05:46:
3a:b8:39:5e:ab:ed:d5:8e:57:49:01:cf:d5:0b:92:
92:79:23:df:3c:5a:3c:05:a6:3f:65:79:3a:5e:11:
40:9e:6f:3b:ee:f6:97:80:92:9e:6e:6b:bb:f0:8d:
30:46:56:5d:6a:3e:65:1a:21:79:98:5c:91:44:3d:
6d:e9:a4:18:44:f5:0b:cc:f7:a4:15:1d:0f:ab:69:
13:a1:82:dd:6d:29:4d:59:0f:eb:f0:d9:83:e3:bb:
ac:f1:0f:cc:24:2e:6e:6e:67:a5:97:d6:9b:f6:af:
97:80:d0:03:ac:62:cb:4f:d6:a4:b4:8f:b6:8f:a2:
d7:84:88:d7:cf:0c:9c:1f:82:8a:46:d8:aa:e1:3e:
69:24:e9:48:98:77:f4:ae:03:b9:46:be:ca:b6:4e:
99:4b:4e:ad:7f:76:ab:6d:f7:e0:e5:9a:65:6b:04:
87:05:b6:ab:6f:ae:de:1b:e5:8b:88:99:21:41:6d:
37:fd:ea:89:c0:95:35:53:f4:21:c5:30:01:e4:b2:
f3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:FF:0A:1F:6E:E4:D5:5A:33:BB:B5:41:2A:18:5B:9B:D7:CC:A5:89
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Zv8KH27k1Vozu7VBKhhbm9fMpYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.9.0/24
193.233.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:70:3b:2f:06:32:99:75:62:99:bb:0d:be:31:a6:c8:51:4a:
85:0c:0c:41:99:74:41:a2:0b:e3:46:df:6f:e6:d6:10:29:b4:
3f:a5:72:e3:88:57:c7:37:88:b5:b1:f0:9d:03:dc:e6:3d:f5:
8b:a1:f7:75:75:4b:5e:e6:63:5c:9c:73:61:2a:7c:dd:d6:c5:
f0:5f:f8:72:ed:98:98:15:e4:e5:db:84:cf:59:76:c7:b4:95:
ce:a4:c3:3f:cc:86:58:0e:24:62:9d:a8:dc:e9:25:4f:ba:01:
44:a8:c4:2f:2f:4c:12:4c:4b:e0:eb:5f:17:54:16:38:4b:5d:
e7:24:54:5b:a0:3b:56:cc:07:64:3b:f9:15:96:29:31:ba:dd:
7b:db:8c:38:20:d8:ff:e7:b1:c8:bf:55:b7:65:45:24:fd:1e:
cf:88:ca:db:80:c8:5a:f1:ec:b1:8a:2b:65:1c:b6:d6:5b:62:
22:2c:7f:06:94:89:7a:f9:ba:85:9b:e8:ae:cf:52:2b:02:7c:
58:c3:02:24:7b:97:1f:cc:70:f6:89:7d:a9:1f:97:c1:61:58:
bc:ac:6a:0f:f6:8a:ed:ef:96:43:b3:8d:3c:77:13:27:95:aa:
81:b6:5c:db:d7:bf:9a:e5:bb:0e:56:bb:6f:80:6c:4d:19:2b:
62:15:13:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJuxJl456vThPH7Zvp979MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmZmMGExZjZlZTRkNTVhMzNiYmI1NDEyYTE4NWI5YmQ3Y2NhNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ie/1UOALBdg5LYhw2DIsRaGDDSE
mDAZkge7YB1rXfu1Z556bGgOksUXB/0Ouh1Hh8iSkLZNP0kMBUY6uDleq+3VjldJ
Ac/VC5KSeSPfPFo8BaY/ZXk6XhFAnm877vaXgJKebmu78I0wRlZdaj5lGiF5mFyR
RD1t6aQYRPULzPekFR0Pq2kToYLdbSlNWQ/r8NmD47us8Q/MJC5ubmell9ab9q+X
gNADrGLLT9aktI+2j6LXhIjXzwycH4KKRtiq4T5pJOlImHf0rgO5Rr7Ktk6ZS06t
f3arbffg5ZplawSHBbarb67eG+WLiJkhQW03/eqJwJU1U/QhxTAB5LLz0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGb/Ch9u5NVaM7u1QSoYW5vXzKWJMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvWnY4S0gyN2sxVm96dTdWQktoaGJtOWZNcFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwekJAwQC
wek4MA0GCSqGSIb3DQEBCwUAA4IBAQAKcDsvBjKZdWKZuw2+MabIUUqFDAxBmXRB
ogvjRt9v5tYQKbQ/pXLjiFfHN4i1sfCdA9zmPfWLofd1dUte5mNcnHNhKnzd1sXw
X/hy7ZiYFeTl24TPWXbHtJXOpMM/zIZYDiRinajc6SVPugFEqMQvL0wSTEvg618X
VBY4S13nJFRboDtWzAdkO/kVlikxut1724w4INj/57HIv1W3ZUUk/R7PiMrbgMha
8eyxiitlHLbWW2IiLH8GlIl6+bqFm+iuz1IrAnxYwwIke5cfzHD2iX2pH5fBYVi8
rGoP9ort75ZDs408dxMnlaqBtlzb17+a5bsOVrtvgGxNGStiFROf
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org