Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fg6oi5ug4fNQvm9i6wjP_IXBJ08.roa
File: fg6oi5ug4fNQvm9i6wjP_IXBJ08.roa (raw, json)
Hash identifier: cC6iG2V0bGSRgYIpp0RxynWVkEN+D9BpN+5D0tNGTU8=
Subject key identifier: 7E:0E:A8:8B:9B:A0:E1:F3:50:BE:6F:62:EB:08:CF:FC:85:C1:27:4F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018B5BB033C83AD8052AD2B389BCF457045F
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fg6oi5ug4fNQvm9i6wjP_IXBJ08.roa
Signing time: Mon 23 Oct 2023 08:39:16 +0000
ROA not before: Mon 23 Oct 2023 08:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204833
IP address blocks: 193.233.17.0/24 maxlen: 24
193.233.160.0/24 maxlen: 24
193.233.78.0/24 maxlen: 24
193.233.6.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5b:b0:33:c8:3a:d8:05:2a:d2:b3:89:bc:f4:57:04:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 23 08:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e0ea88b9ba0e1f350be6f62eb08cffc85c1274f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dd:30:e5:28:d9:d4:47:50:5b:10:83:62:01:
94:45:43:5d:91:12:48:16:49:1e:55:e0:b9:93:a9:
f7:7e:42:a2:25:68:75:20:e7:6a:e2:d7:57:5c:42:
a9:09:d7:f0:d6:a4:6b:40:22:1a:67:2c:b5:50:46:
c6:50:d1:f4:0b:8b:80:fa:27:81:67:17:ce:af:f8:
fd:34:cb:f6:59:d4:28:4d:01:e9:36:ec:62:4f:35:
c1:e9:8b:25:ba:3f:8a:58:cf:e4:35:dd:52:42:5a:
0a:16:0a:77:4a:b6:14:94:b9:64:bd:5e:9c:32:46:
d5:33:47:75:70:2b:1a:4c:1d:12:01:78:14:71:cf:
6b:bd:dc:c1:9e:07:38:44:ea:49:68:da:49:5a:db:
c2:24:8b:df:58:64:89:ff:85:21:6e:4a:a4:10:4c:
ac:50:93:68:85:ae:1f:ab:a5:b8:50:28:09:a5:8e:
43:a9:6a:62:af:dc:8e:92:62:a2:0a:a3:0b:a1:db:
2e:dd:db:e2:f5:63:c4:34:5d:68:59:36:1c:b7:68:
4b:97:28:df:28:58:34:6d:67:1d:e8:3c:e4:c9:fd:
d6:b8:ea:98:04:7f:ce:bb:4f:e9:55:6f:a8:90:32:
1f:2d:bc:27:99:4a:cf:2a:37:13:b5:d3:82:1b:28:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0E:A8:8B:9B:A0:E1:F3:50:BE:6F:62:EB:08:CF:FC:85:C1:27:4F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fg6oi5ug4fNQvm9i6wjP_IXBJ08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.6.0/24
193.233.17.0/24
193.233.78.0/24
193.233.160.0/24
Signature Algorithm: sha256WithRSAEncryption
04:2b:76:59:b8:48:f9:1f:92:b5:e2:40:77:d3:57:ae:d2:97:
5b:fa:e4:69:95:46:43:fe:c7:5b:bd:26:e5:fd:64:71:5b:f4:
79:af:09:ba:f5:73:5c:0e:cb:89:a4:80:a5:29:2f:1b:ac:8b:
a5:62:b3:50:fd:8a:ab:ec:3f:13:51:a8:a1:0e:dc:94:6c:de:
e5:9d:b8:32:8a:02:f1:6a:a5:fa:97:f3:91:a6:d9:8b:af:27:
54:45:bf:c1:02:18:4b:29:48:ee:3e:b4:27:60:2a:b9:0f:a9:
4f:65:d2:c5:c3:44:a8:c2:b2:fd:13:28:71:70:df:7f:52:70:
bc:34:57:75:ee:40:2a:4a:20:68:6e:de:9e:02:2f:40:42:6c:
54:21:72:01:e8:24:c1:04:28:88:35:5d:46:b8:b5:99:8d:db:
3e:b3:1f:f5:ba:0d:b5:2b:14:4b:76:32:2b:46:21:40:40:c1:
76:49:4d:dd:90:2b:86:e7:72:0b:aa:23:7b:f8:1b:27:b8:c6:
f7:a3:a7:02:9e:b8:ce:b0:29:a4:aa:6c:4e:54:af:24:07:ff:
09:6d:14:1c:e8:de:e2:38:22:c8:d8:aa:e7:1e:88:34:85:33:
35:53:61:46:df:dc:83:9b:e5:98:74:76:34:3c:83:63:37:e1:
ac:6f:51:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtbsDPIOtgFKtKzibz0VwRfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMDIzMDgzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTBlYTg4YjliYTBlMWYzNTBiZTZmNjJlYjA4Y2ZmYzg1YzEyNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN0w5SjZ1EdQWxCDYgGURUNdkRJI
FkkeVeC5k6n3fkKiJWh1IOdq4tdXXEKpCdfw1qRrQCIaZyy1UEbGUNH0C4uA+ieB
ZxfOr/j9NMv2WdQoTQHpNuxiTzXB6Ysluj+KWM/kNd1SQloKFgp3SrYUlLlkvV6c
MkbVM0d1cCsaTB0SAXgUcc9rvdzBngc4ROpJaNpJWtvCJIvfWGSJ/4UhbkqkEEys
UJNoha4fq6W4UCgJpY5DqWpir9yOkmKiCqMLodsu3dvi9WPENF1oWTYct2hLlyjf
KFg0bWcd6Dzkyf3WuOqYBH/Ou0/pVW+okDIfLbwnmUrPKjcTtdOCGyiznwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH4OqIuboOHzUL5vYusIz/yFwSdPMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZmc2b2k1dWc0Zk5Rdm05aTZ3alBfSVhCSjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwekGAwQA
wekRAwQAwelOAwQAwemgMA0GCSqGSIb3DQEBCwUAA4IBAQAEK3ZZuEj5H5K14kB3
01eu0pdb+uRplUZD/sdbvSbl/WRxW/R5rwm69XNcDsuJpIClKS8brIulYrNQ/Yqr
7D8TUaihDtyUbN7lnbgyigLxaqX6l/ORptmLrydURb/BAhhLKUjuPrQnYCq5D6lP
ZdLFw0SowrL9EyhxcN9/UnC8NFd17kAqSiBobt6eAi9AQmxUIXIB6CTBBCiINV1G
uLWZjds+sx/1ug21KxRLdjIrRiFAQMF2SU3dkCuG53ILqiN7+BsnuMb3o6cCnrjO
sCmkqmxOVK8kB/8JbRQc6N7iOCLI2KrnHog0hTM1U2FG39yDm+WYdHY0PINjN+Gs
b1FD
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:05 2024 by rpki-client on console-fra.rpki-client.org