Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dMuwVFQHWXhH-NfM7cGxwd86U-4.roa
File: dMuwVFQHWXhH-NfM7cGxwd86U-4.roa (raw, json)
Hash identifier: nG7f6w/3sHXXR/81aMyX23IJogiDiHwHi6l5+aK6vVU=
Subject key identifier: 74:CB:B0:54:54:07:59:78:47:F8:D7:CC:ED:C1:B1:C1:DF:3A:53:EE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC795220385D78C6008F43F40BA39ADE0
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dMuwVFQHWXhH-NfM7cGxwd86U-4.roa
Signing time: Tue 02 Jan 2024 00:31:28 +0000
ROA not before: Tue 02 Jan 2024 00:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 193.233.170.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 10:56:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:22:03:85:d7:8c:60:08:f4:3f:40:ba:39:ad:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74cbb0545407597847f8d7ccedc1b1c1df3a53ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:af:f1:d8:18:0c:77:21:88:f1:61:d3:40:d2:
1c:21:0b:47:c7:93:23:d7:ae:a0:8e:db:28:91:d9:
1c:c9:31:33:32:ca:41:92:d0:e0:87:b5:fb:4b:60:
6c:f6:a0:6e:66:6d:ec:be:8b:6e:99:e5:e3:6d:fa:
f5:67:f5:56:a5:63:43:0a:d0:aa:a2:44:ca:d4:22:
70:f1:bb:5b:00:44:50:a9:b6:94:65:4b:c8:10:8a:
91:ec:b9:a5:74:b0:b4:6f:ea:94:88:76:bf:d8:d7:
28:78:7c:5d:96:6f:d3:15:57:87:65:a1:a2:07:fd:
3a:b0:84:81:e4:77:e9:18:50:b1:66:40:e1:c8:7b:
d6:0a:d9:b9:cb:56:af:ba:ca:f6:24:c9:a7:3e:19:
3e:f2:5d:21:fa:84:70:f1:45:fc:d9:58:a7:99:49:
fd:18:10:54:30:a0:3a:84:5a:31:52:b8:02:5a:ef:
06:bc:37:be:9b:6f:92:ab:f7:7b:2f:fa:33:d1:88:
6a:61:12:67:dd:ae:a3:7a:36:b5:c9:f1:0c:62:9f:
61:cc:fa:26:0a:4e:d4:5e:04:4e:71:93:3a:25:7a:
6d:70:17:77:fa:96:0e:22:ea:0e:6f:b0:9f:e6:16:
2f:d4:ec:13:70:9c:e8:d0:9a:dc:c6:dd:9f:1b:74:
2d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CB:B0:54:54:07:59:78:47:F8:D7:CC:ED:C1:B1:C1:DF:3A:53:EE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dMuwVFQHWXhH-NfM7cGxwd86U-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.60.0/24
193.233.62.0/24
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
54:01:75:09:d4:30:8d:7f:d6:8b:74:fd:16:64:43:48:ea:62:
07:ba:43:c4:e2:92:91:aa:bd:83:e3:d1:9e:bb:d5:ba:b8:7c:
3b:9d:56:dc:4a:da:36:da:58:2a:90:f7:14:1a:26:07:69:fd:
94:aa:8c:51:55:f5:d6:d7:0d:97:20:86:ac:b6:44:ea:f8:92:
a4:f1:b4:e9:80:fb:b3:14:3e:90:83:54:f3:a1:f1:a1:13:83:
b0:1d:6d:1f:ba:1e:9f:20:19:ab:fa:08:e6:fd:2e:02:f8:c4:
f7:28:d1:7c:83:14:0c:43:f3:73:e7:13:68:c8:58:3c:51:8d:
b3:09:eb:6d:10:81:bf:4e:8c:58:ce:e5:9f:d7:03:b0:68:97:
1a:e2:2c:01:1d:fa:92:aa:d7:67:9f:0b:aa:da:61:90:bb:22:
b5:cb:ea:bc:97:52:fd:aa:a5:dd:cf:75:57:27:01:c2:7e:ee:
e5:37:43:e4:11:c6:0e:c5:c6:98:c2:02:17:2c:70:fb:7e:9b:
46:11:77:ff:6d:87:56:d8:80:3c:b6:3a:10:84:ed:92:e3:fd:
f9:be:78:96:1c:1b:71:18:dd:36:e7:22:5a:c2:d6:71:54:9a:
a6:61:e7:33:6f:3b:ca:a1:de:c6:43:30:25:4e:49:0a:ff:70:
5b:66:b5:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlSIDhdeMYAj0P0C6Oa3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGNiYjA1NDU0MDc1OTc4NDdmOGQ3Y2NlZGMxYjFjMWRmM2E1M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq/x2BgMdyGI8WHTQNIcIQtHx5Mj
166gjtsokdkcyTEzMspBktDgh7X7S2Bs9qBuZm3svotumeXjbfr1Z/VWpWNDCtCq
okTK1CJw8btbAERQqbaUZUvIEIqR7LmldLC0b+qUiHa/2NcoeHxdlm/TFVeHZaGi
B/06sISB5HfpGFCxZkDhyHvWCtm5y1avusr2JMmnPhk+8l0h+oRw8UX82VinmUn9
GBBUMKA6hFoxUrgCWu8GvDe+m2+Sq/d7L/oz0YhqYRJn3a6jeja1yfEMYp9hzPom
Ck7UXgROcZM6JXptcBd3+pYOIuoOb7Cf5hYv1OwTcJzo0Jrcxt2fG3QtuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHTLsFRUB1l4R/jXzO3BscHfOlPuMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZE11d1ZGUUhXWGhILU5mTTdjR3h3ZDg2VS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwek8AwQA
wek+AwQAwemqMA0GCSqGSIb3DQEBCwUAA4IBAQBUAXUJ1DCNf9aLdP0WZENI6mIH
ukPE4pKRqr2D49Geu9W6uHw7nVbcSto22lgqkPcUGiYHaf2UqoxRVfXW1w2XIIas
tkTq+JKk8bTpgPuzFD6Qg1TzofGhE4OwHW0fuh6fIBmr+gjm/S4C+MT3KNF8gxQM
Q/Nz5xNoyFg8UY2zCettEIG/ToxYzuWf1wOwaJca4iwBHfqSqtdnnwuq2mGQuyK1
y+q8l1L9qqXdz3VXJwHCfu7lN0PkEcYOxcaYwgIXLHD7fptGEXf/bYdW2IA8tjoQ
hO2S4/35vniWHBtxGN025yJawtZxVJqmYeczbzvKod7GQzAlTkkK/3BbZrWL
-----END CERTIFICATE-----
Generated at Sat Jan 27 11:40:57 2024 by rpki-client on console-fra.rpki-client.org