Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dZoT6--frlj6aI3KaWwg2rfhQSE.roa
File: dZoT6--frlj6aI3KaWwg2rfhQSE.roa (raw, json)
Hash identifier: /lq9Mwze3KhXq/p1Sm0yw/tGkKTnBXZGZzQMSSqEzBo=
Subject key identifier: 75:9A:13:EB:EF:9F:AE:58:FA:68:8D:CA:69:6C:20:DA:B7:E1:41:21
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26DADED35380AAFD80627BE15BA406
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dZoT6--frlj6aI3KaWwg2rfhQSE.roa
Signing time: Sun 01 Jan 2023 21:04:55 +0000
ROA not before: Sun 01 Jan 2023 21:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6869
IP address blocks: 193.233.152.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:da:de:d3:53:80:aa:fd:80:62:7b:e1:5b:a4:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=759a13ebef9fae58fa688dca696c20dab7e14121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:16:30:47:78:33:9b:3f:aa:a1:55:c6:1b:6a:
c0:45:18:de:87:16:28:4b:f2:97:2f:57:94:b7:86:
fc:3f:e0:85:77:39:35:0e:e0:45:7c:f0:01:3e:57:
11:ed:7d:75:cb:28:a1:17:7c:e3:42:9e:53:4f:76:
f6:c2:f7:be:97:27:d1:11:78:fd:14:0a:80:9e:c8:
2d:77:0d:f0:44:f2:b0:d2:2c:8d:2c:87:69:f5:97:
a4:44:1d:c6:7b:9f:14:8e:75:6e:90:ae:75:e4:88:
35:5f:71:e0:2e:ee:85:90:9e:0d:a8:66:ad:9f:03:
4c:ff:ec:76:0d:e8:c2:7b:d2:81:de:f5:43:8b:b4:
67:73:d3:49:b8:c4:30:6b:1d:5f:ad:ad:c0:a1:9e:
25:f6:ca:0f:12:ca:a8:95:df:0a:be:0f:2c:6c:6e:
6b:34:45:c9:44:6e:ab:4d:67:4b:22:48:2a:dc:41:
6b:21:d3:87:58:29:17:2b:d2:15:d9:c3:0b:89:dd:
fa:03:a1:79:d8:75:cd:37:2e:10:e6:80:cd:00:cb:
1b:4e:dd:cf:9c:95:a3:c0:9c:a7:8e:ca:b6:19:e4:
16:34:70:86:f1:b8:36:d4:f7:6e:19:f8:d9:bc:62:
ec:bf:a2:26:8e:0b:7c:68:28:bc:79:a7:4b:bc:37:
5a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:9A:13:EB:EF:9F:AE:58:FA:68:8D:CA:69:6C:20:DA:B7:E1:41:21
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/dZoT6--frlj6aI3KaWwg2rfhQSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.152.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:da:ce:36:45:8c:cb:5d:97:08:6a:1d:1f:b4:88:47:e8:b1:
c9:08:66:d1:7f:6c:9b:b1:e1:36:06:20:41:f4:90:7e:d9:89:
b7:d5:d2:f2:11:13:49:b5:b6:97:ff:65:ba:7f:df:c3:1e:70:
39:f7:f3:66:14:cd:68:6e:29:a4:e4:1d:43:4d:37:bd:58:d2:
38:dd:f6:58:d9:01:23:b5:ad:62:ee:98:79:d1:59:47:75:5b:
cf:aa:f0:af:df:9f:c4:60:21:a8:95:42:28:28:ef:a5:d4:08:
d4:b0:88:cb:e9:6e:cf:c2:1b:5b:28:f6:f0:52:15:ea:68:41:
34:e3:bb:85:e5:84:f0:87:f0:29:69:6d:72:45:a3:66:2c:92:
a8:bb:4b:bd:64:95:28:99:33:5f:9f:f6:47:c7:00:bf:84:4d:
ad:96:f3:37:2d:97:69:db:44:ce:58:a2:74:1a:44:c8:f8:d7:
3e:7f:03:a8:fe:36:ba:00:8e:17:3d:37:10:8c:1e:bb:54:d4:
c6:af:6b:eb:04:f3:54:7d:48:e9:e9:b8:26:20:f7:1d:35:60:
0b:3f:20:7a:cd:3c:e8:fb:cc:d2:0f:cb:71:92:b0:b4:8e:21:
9e:d3:28:e0:5b:fa:d4:d0:1c:9f:fb:44:ca:52:36:7b:46:6b:
a6:49:75:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJtre01OAqv2AYnvhW6QGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTlhMTNlYmVmOWZhZTU4ZmE2ODhkY2E2OTZjMjBkYWI3ZTE0MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxYwR3gzmz+qoVXGG2rARRjehxYo
S/KXL1eUt4b8P+CFdzk1DuBFfPABPlcR7X11yyihF3zjQp5TT3b2wve+lyfREXj9
FAqAnsgtdw3wRPKw0iyNLIdp9ZekRB3Ge58UjnVukK515Ig1X3HgLu6FkJ4NqGat
nwNM/+x2DejCe9KB3vVDi7Rnc9NJuMQwax1fra3AoZ4l9soPEsqold8Kvg8sbG5r
NEXJRG6rTWdLIkgq3EFrIdOHWCkXK9IV2cMLid36A6F52HXNNy4Q5oDNAMsbTt3P
nJWjwJynjsq2GeQWNHCG8bg21PduGfjZvGLsv6Imjgt8aCi8eadLvDdaKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWaE+vvn65Y+miNymlsINq34UEhMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZFpvVDYtLWZybGo2YUkzS2FXd2cycmZoUVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwemYMA0G
CSqGSIb3DQEBCwUAA4IBAQCO2s42RYzLXZcIah0ftIhH6LHJCGbRf2ybseE2BiBB
9JB+2Ym31dLyERNJtbaX/2W6f9/DHnA59/NmFM1obimk5B1DTTe9WNI43fZY2QEj
ta1i7ph50VlHdVvPqvCv35/EYCGolUIoKO+l1AjUsIjL6W7PwhtbKPbwUhXqaEE0
47uF5YTwh/ApaW1yRaNmLJKou0u9ZJUomTNfn/ZHxwC/hE2tlvM3LZdp20TOWKJ0
GkTI+Nc+fwOo/ja6AI4XPTcQjB67VNTGr2vrBPNUfUjp6bgmIPcdNWALPyB6zTzo
+8zSD8txkrC0jiGe0yjgW/rU0Byf+0TKUjZ7RmumSXWi
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org