Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fQXsnZJ6dep3D5L_KJSUAZNaVZg.roa
File: fQXsnZJ6dep3D5L_KJSUAZNaVZg.roa (raw, json)
Hash identifier: SzjjYSeSZNoYtQv0fti5tye1A9JO9AO6GC2RBcL2g+w=
Subject key identifier: 7D:05:EC:9D:92:7A:75:EA:77:0F:92:FF:28:94:94:01:93:5A:55:98
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26E2BF4AF2E8046BC8CADFF3CEF203
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fQXsnZJ6dep3D5L_KJSUAZNaVZg.roa
Signing time: Sun 01 Jan 2023 21:04:57 +0000
ROA not before: Sun 01 Jan 2023 21:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43444
IP address blocks: 193.233.128.0/22 maxlen: 22
193.233.216.0/22 maxlen: 22
193.233.220.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e2:bf:4a:f2:e8:04:6b:c8:ca:df:f3:ce:f2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d05ec9d927a75ea770f92ff28949401935a5598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:33:8f:3a:99:13:03:b7:cc:72:3b:88:04:1b:
a4:92:c2:7c:4b:c1:25:ae:ce:39:b1:4a:ae:6b:cf:
3a:92:12:aa:43:c2:a3:c1:30:99:c1:1a:bb:e6:fb:
65:82:79:f8:8b:e4:2e:d1:bf:2b:43:9e:bb:5b:72:
6d:e2:c8:d5:ef:00:7f:72:3a:6c:0a:e7:df:9e:c5:
20:80:b5:5f:ed:36:c5:58:fe:fe:83:85:ab:3a:d1:
e6:f5:f7:93:a3:dd:27:c1:c8:73:53:9b:2f:ea:d8:
ff:fe:83:f6:72:33:82:d9:73:16:9d:39:9d:c5:64:
af:6a:80:9e:f3:db:ee:23:d0:13:fe:58:e1:ba:ae:
a2:fb:d9:21:b6:38:08:bc:cb:ea:91:c5:be:7a:ca:
54:8e:5d:59:2a:f1:e5:16:77:dc:ed:59:33:a5:b0:
17:9b:1a:9c:5a:ff:a3:83:ac:75:ec:6f:d9:ac:66:
46:29:9e:09:1b:43:a5:8a:d8:ed:b6:f7:3e:aa:d9:
30:2c:b6:a0:fb:47:52:67:d6:2a:9f:66:08:31:b6:
ea:05:c8:21:37:eb:48:fb:a2:14:98:57:f2:ec:13:
11:91:70:e7:4d:16:ce:6e:c1:be:8e:b5:33:9b:f5:
98:e2:9f:1f:a1:95:3e:16:62:0a:da:0b:d2:b2:1f:
e2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:05:EC:9D:92:7A:75:EA:77:0F:92:FF:28:94:94:01:93:5A:55:98
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fQXsnZJ6dep3D5L_KJSUAZNaVZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.128.0/22
193.233.216.0-193.233.221.255
Signature Algorithm: sha256WithRSAEncryption
29:38:ff:80:ac:dc:e8:eb:2c:d1:4b:19:df:bb:e2:cb:5c:16:
d8:0b:35:07:7f:cb:6f:f5:83:7b:29:3a:3e:1a:b8:27:df:70:
61:06:c2:4e:ae:57:61:20:a4:7d:46:57:44:14:61:fb:fc:34:
aa:b6:67:8e:7a:55:6b:50:b6:8b:72:b4:f8:67:30:79:79:b8:
40:35:21:24:92:56:8b:72:1c:bd:47:e5:df:99:7d:fa:93:11:
3c:68:3c:0c:7f:df:ee:e6:1d:11:e0:6b:e7:68:2a:57:b5:68:
52:3a:c9:b6:3d:95:10:88:13:02:aa:5e:f9:16:a2:40:28:e7:
40:3f:61:c9:37:bd:ae:48:1a:ff:0a:49:64:a5:d4:5a:2a:b2:
4b:9d:02:72:a6:f5:26:fa:5d:a8:52:dd:30:bb:9b:f2:e6:5b:
33:99:ab:6b:7d:53:fe:3f:a4:a7:fb:cb:6b:45:04:da:4c:18:
c0:dd:ba:6d:de:49:ac:f7:fe:78:56:e5:25:c1:15:43:09:7e:
48:11:89:7a:27:8d:5f:f2:97:7c:43:e4:08:b1:d7:c0:c1:62:
3f:f6:19:4e:4d:b4:dd:c7:95:ca:a8:a9:cb:81:b2:0c:4b:93:
b4:a6:a8:7f:89:37:f1:27:3d:85:f3:eb:c9:1b:4b:e7:09:80:
1d:cc:ee:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvJuK/SvLoBGvIyt/zzvIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDA1ZWM5ZDkyN2E3NWVhNzcwZjkyZmYyODk0OTQwMTkzNWE1NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszOPOpkTA7fMcjuIBBukksJ8S8El
rs45sUqua886khKqQ8KjwTCZwRq75vtlgnn4i+Qu0b8rQ567W3Jt4sjV7wB/cjps
CuffnsUggLVf7TbFWP7+g4WrOtHm9feTo90nwchzU5sv6tj//oP2cjOC2XMWnTmd
xWSvaoCe89vuI9AT/ljhuq6i+9khtjgIvMvqkcW+espUjl1ZKvHlFnfc7VkzpbAX
mxqcWv+jg6x17G/ZrGZGKZ4JG0Olitjttvc+qtkwLLag+0dSZ9Yqn2YIMbbqBcgh
N+tI+6IUmFfy7BMRkXDnTRbObsG+jrUzm/WY4p8foZU+FmIK2gvSsh/igwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH0F7J2SenXqdw+S/yiUlAGTWlWYMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZlFYc25aSjZkZXAzRDVMX0tKU1VBWk5hVlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCwemAMAwD
BAPB6dgDBAHB6dwwDQYJKoZIhvcNAQELBQADggEBACk4/4Cs3OjrLNFLGd+74stc
FtgLNQd/y2/1g3spOj4auCffcGEGwk6uV2EgpH1GV0QUYfv8NKq2Z456VWtQtoty
tPhnMHl5uEA1ISSSVotyHL1H5d+ZffqTETxoPAx/3+7mHRHga+doKle1aFI6ybY9
lRCIEwKqXvkWokAo50A/Yck3va5IGv8KSWSl1FoqskudAnKm9Sb6XahS3TC7m/Lm
WzOZq2t9U/4/pKf7y2tFBNpMGMDdum3eSaz3/nhW5SXBFUMJfkgRiXonjV/yl3xD
5Aix18DBYj/2GU5NtN3HlcqoqcuBsgxLk7SmqH+JN/EnPYXz68kbS+cJgB3M7rI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org