Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bal8Fry-uUTsj9_5ysdXpVmqC9o.roa
File: bal8Fry-uUTsj9_5ysdXpVmqC9o.roa (raw, json)
Hash identifier: FfvJW340IKq2ClSeYlM8FU5QscMK7DixbGg36E01OxA=
Subject key identifier: 6D:A9:7C:16:BC:BE:B9:44:EC:8F:DF:F9:CA:C7:57:A5:59:AA:0B:DA
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018AB94F01A407555404565D1850ED3C3D31
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bal8Fry-uUTsj9_5ysdXpVmqC9o.roa
Signing time: Thu 21 Sep 2023 19:54:37 +0000
ROA not before: Thu 21 Sep 2023 19:54:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.16.0/24 maxlen: 24
193.233.252.0/23 maxlen: 23
193.233.85.0/24 maxlen: 24
193.233.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:4f:01:a4:07:55:54:04:56:5d:18:50:ed:3c:3d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 21 19:54:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da97c16bcbeb944ec8fdff9cac757a559aa0bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e6:d7:1d:56:09:f1:61:ec:b6:2b:8b:2c:1f:
37:b4:b5:b9:73:f6:1e:43:27:6a:72:fa:ca:c7:08:
a1:04:1d:ec:72:83:93:9a:8b:9c:cf:47:0b:ff:bc:
9e:f7:d8:79:06:7a:8c:85:66:70:bd:6f:ba:a6:4e:
fe:3a:c5:fe:26:c5:dc:54:99:fd:b3:df:7b:84:c3:
b3:73:a6:5b:2c:e8:21:75:ff:d0:19:ee:c4:a1:41:
18:e4:27:ff:04:21:26:91:fe:45:ef:68:51:eb:18:
1c:10:9d:f3:98:3b:81:e7:ab:e7:12:99:4d:08:b8:
d7:54:ae:8f:51:43:e2:3a:05:94:39:7f:df:29:90:
7f:f2:5a:c1:e8:77:66:75:bd:f7:98:5f:31:3a:73:
2e:1a:be:2f:f6:8b:94:67:32:d5:be:8f:ca:ea:79:
0d:f7:1c:1b:23:de:dc:10:46:7c:af:4a:a7:a9:a2:
23:e9:86:1f:e3:9f:ce:dc:21:83:b7:e0:3e:7d:b7:
6d:62:44:c0:5d:dd:22:02:f2:2d:4c:8a:bb:dc:a7:
74:e6:44:ff:66:f8:0c:da:67:72:c7:de:24:2b:40:
79:9c:e4:d8:58:45:fe:6a:3a:87:78:78:a2:ae:0e:
6c:a6:7c:cd:84:f3:ad:38:34:b4:e9:60:f5:77:4f:
85:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A9:7C:16:BC:BE:B9:44:EC:8F:DF:F9:CA:C7:57:A5:59:AA:0B:DA
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bal8Fry-uUTsj9_5ysdXpVmqC9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/24
193.233.85.0-193.233.86.255
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
81:21:66:3d:37:15:45:86:06:de:e0:0b:06:ef:56:14:42:01:
4c:fc:7d:04:e8:41:77:c0:dc:8b:7d:26:a0:0e:08:ed:33:17:
bd:81:dd:d3:5b:2c:80:f8:88:53:30:96:96:f5:47:be:2d:0a:
fc:89:9d:24:31:be:3c:cd:0c:3f:d0:3d:47:e3:1a:2d:66:68:
3c:a5:2b:44:27:9f:48:f2:3c:8b:52:c8:9a:b8:e6:68:86:64:
82:62:76:34:a7:0c:3b:95:56:0e:ef:db:74:37:b5:a2:99:38:
93:0c:9f:4c:c9:ba:fc:fb:7d:5a:09:dd:2c:28:3e:5e:05:8e:
d0:e8:52:69:04:c0:f3:ef:2b:53:dc:31:8d:9c:8f:c5:1c:e1:
f8:2e:b3:ee:33:2a:0b:28:dd:c3:d3:93:5f:19:aa:61:cb:1e:
7b:fd:09:8b:14:70:07:06:58:1a:00:70:98:f4:9c:03:01:97:
24:df:50:56:a3:40:4d:b0:d5:50:8b:9c:d3:34:75:72:2d:9e:
03:46:16:e3:03:ff:15:2d:8a:2e:9f:40:eb:2c:86:db:df:7d:
5d:40:a3:ff:3b:c9:4f:c7:0b:97:00:45:9e:59:8a:18:2b:84:
b3:aa:99:75:bc:80:18:fa:5b:e0:4a:52:35:e0:10:bc:45:3c:
d7:b2:f8:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYq5TwGkB1VUBFZdGFDtPD0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwOTIxMTk1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGE5N2MxNmJjYmViOTQ0ZWM4ZmRmZjljYWM3NTdhNTU5YWEwYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjObXHVYJ8WHstiuLLB83tLW5c/Ye
QydqcvrKxwihBB3scoOTmoucz0cL/7ye99h5BnqMhWZwvW+6pk7+OsX+JsXcVJn9
s997hMOzc6ZbLOghdf/QGe7EoUEY5Cf/BCEmkf5F72hR6xgcEJ3zmDuB56vnEplN
CLjXVK6PUUPiOgWUOX/fKZB/8lrB6Hdmdb33mF8xOnMuGr4v9ouUZzLVvo/K6nkN
9xwbI97cEEZ8r0qnqaIj6YYf45/O3CGDt+A+fbdtYkTAXd0iAvItTIq73Kd05kT/
ZvgM2mdyx94kK0B5nOTYWEX+ajqHeHiirg5spnzNhPOtODS06WD1d0+FIwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG2pfBa8vrlE7I/f+crHV6VZqgvaMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYmFsOEZyeS11VVRzajlfNXlzZFhwVm1xQzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwekQMAwD
BADB6VUDBADB6VYDBAHB6fwwDQYJKoZIhvcNAQELBQADggEBAIEhZj03FUWGBt7g
CwbvVhRCAUz8fQToQXfA3It9JqAOCO0zF72B3dNbLID4iFMwlpb1R74tCvyJnSQx
vjzNDD/QPUfjGi1maDylK0Qnn0jyPItSyJq45miGZIJidjSnDDuVVg7v23Q3taKZ
OJMMn0zJuvz7fVoJ3SwoPl4FjtDoUmkEwPPvK1PcMY2cj8Uc4fgus+4zKgso3cPT
k18ZqmHLHnv9CYsUcAcGWBoAcJj0nAMBlyTfUFajQE2w1VCLnNM0dXItngNGFuMD
/xUtii6fQOsshtvffV1Ao/87yU/HC5cARZ5ZihgrhLOqmXW8gBj6W+BKUjXgELxF
PNey+Gk=
-----END CERTIFICATE-----
Generated at Tue Nov 14 15:54:35 2023 by rpki-client on console-ams.rpki-client.org