Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b2zeLpLa2CnFs95i-iSVGB6ldYY.roa
File: b2zeLpLa2CnFs95i-iSVGB6ldYY.roa (raw, json)
Hash identifier: cacasCHtilw41mXo7ZKfRCzMpt5HYQBVnkIdcbl4z38=
Subject key identifier: 6F:6C:DE:2E:92:DA:D8:29:C5:B3:DE:62:FA:24:95:18:1E:A5:75:86
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018A8DB7D7F37EFD1174D2E432CAE21D1BBA
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b2zeLpLa2CnFs95i-iSVGB6ldYY.roa
Signing time: Wed 13 Sep 2023 08:45:50 +0000
ROA not before: Wed 13 Sep 2023 08:45:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203163
IP address blocks: 193.233.155.0/24 maxlen: 24
193.233.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:b7:d7:f3:7e:fd:11:74:d2:e4:32:ca:e2:1d:1b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 13 08:45:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f6cde2e92dad829c5b3de62fa2495181ea57586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dc:db:1c:6e:46:75:24:16:20:65:3c:86:7e:
68:f1:27:83:d8:15:f6:cd:a1:9e:c5:c4:d7:02:21:
27:e4:c3:86:ab:16:95:ea:54:cb:6d:15:5b:b5:7f:
9e:d9:43:fd:3d:2d:7a:70:a0:f1:77:cf:f8:a7:02:
f0:74:cf:09:43:db:47:a5:71:90:58:03:92:1a:c6:
e3:d6:5a:84:02:a3:c5:52:b9:2c:6b:5e:a6:49:bc:
b4:3e:bb:41:8a:52:23:38:01:eb:54:2b:05:09:13:
63:6d:0e:1d:9f:e5:29:61:93:86:e0:99:a4:39:bd:
d6:2f:e2:6b:f0:4f:2e:55:62:89:6e:5e:56:f7:53:
0d:3c:b6:0c:0a:2a:12:9d:a0:d5:16:cb:96:a9:25:
72:3a:9c:2c:f7:92:32:6f:8f:2f:d5:6b:93:74:e1:
05:63:bf:4d:d9:c6:0a:d8:fc:10:ac:f6:7d:4b:99:
87:b3:58:3a:ed:e0:fe:e0:48:5d:bc:dc:5f:e4:ac:
70:3f:62:f9:bd:4b:73:e7:64:8d:14:08:31:be:38:
c2:35:c3:b5:99:a1:d7:4d:d4:d0:42:25:04:53:86:
69:66:5b:19:b3:c3:cf:e6:bd:79:9b:46:96:2e:a9:
69:42:5d:21:5e:08:38:e5:8f:f5:96:2d:ca:84:9d:
f5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6C:DE:2E:92:DA:D8:29:C5:B3:DE:62:FA:24:95:18:1E:A5:75:86
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b2zeLpLa2CnFs95i-iSVGB6ldYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.155.0-193.233.156.255
Signature Algorithm: sha256WithRSAEncryption
4f:77:38:4e:41:6d:1f:4d:de:f7:0b:82:2e:84:a1:5d:11:a4:
d2:fb:9e:8e:b1:66:62:1e:b9:32:8c:32:5e:64:9a:6c:df:56:
f0:74:76:f5:c1:bf:9f:3a:a7:52:0e:af:d9:09:b8:42:13:51:
72:59:bb:70:0f:2a:15:8c:84:7c:26:af:19:00:9b:31:d0:ab:
ab:51:97:18:95:ae:04:f4:b5:6d:6d:48:a0:22:e9:c1:16:18:
b5:36:f2:07:8a:ba:b9:87:e3:e8:ec:3a:91:07:17:3d:59:de:
16:ee:05:27:7f:9e:9f:80:c2:8d:66:68:fc:0d:f2:36:c7:4c:
9b:f4:bf:50:59:72:c2:e4:4b:3d:ae:2c:39:65:02:7c:2e:90:
72:b6:2b:8f:d4:f0:ae:e5:6d:b3:2b:58:7f:84:9f:67:70:49:
c8:67:7b:08:b8:b0:df:dc:88:53:46:52:c8:b6:d7:77:d1:6a:
94:cc:51:0d:d0:10:37:ef:14:e0:3a:31:42:af:4d:a6:1e:a2:
b0:e0:29:9d:bd:e3:46:ef:bf:c6:46:97:78:cc:51:33:9a:13:
73:5e:3d:8c:60:24:6c:77:b6:20:5c:3b:78:cf:68:62:d9:e0:
51:bd:42:2c:fa:4c:43:8a:f1:16:55:b6:43:62:a2:d3:6e:e4:
8e:d9:6e:34
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqNt9fzfv0RdNLkMsriHRu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwOTEzMDg0NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjZjZGUyZTkyZGFkODI5YzViM2RlNjJmYTI0OTUxODFlYTU3NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dzbHG5GdSQWIGU8hn5o8SeD2BX2
zaGexcTXAiEn5MOGqxaV6lTLbRVbtX+e2UP9PS16cKDxd8/4pwLwdM8JQ9tHpXGQ
WAOSGsbj1lqEAqPFUrksa16mSby0PrtBilIjOAHrVCsFCRNjbQ4dn+UpYZOG4Jmk
Ob3WL+Jr8E8uVWKJbl5W91MNPLYMCioSnaDVFsuWqSVyOpws95Iyb48v1WuTdOEF
Y79N2cYK2PwQrPZ9S5mHs1g67eD+4EhdvNxf5KxwP2L5vUtz52SNFAgxvjjCNcO1
maHXTdTQQiUEU4ZpZlsZs8PP5r15m0aWLqlpQl0hXgg45Y/1li3KhJ31kQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG9s3i6S2tgpxbPeYvoklRgepXWGMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYjJ6ZUxwTGEyQ25Gczk1aS1pU1ZHQjZsZFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADB6ZsD
BADB6ZwwDQYJKoZIhvcNAQELBQADggEBAE93OE5BbR9N3vcLgi6EoV0RpNL7no6x
ZmIeuTKMMl5kmmzfVvB0dvXBv586p1IOr9kJuEITUXJZu3APKhWMhHwmrxkAmzHQ
q6tRlxiVrgT0tW1tSKAi6cEWGLU28geKurmH4+jsOpEHFz1Z3hbuBSd/np+Awo1m
aPwN8jbHTJv0v1BZcsLkSz2uLDllAnwukHK2K4/U8K7lbbMrWH+En2dwSchnewi4
sN/ciFNGUsi213fRapTMUQ3QEDfvFOA6MUKvTaYeorDgKZ2940bvv8ZGl3jMUTOa
E3NePYxgJGx3tiBcO3jPaGLZ4FG9Qiz6TEOK8RZVtkNiotNu5I7ZbjQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org