Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/h9TTsOaNkl6kVZUN-aMPUTPB9os.roa
File: h9TTsOaNkl6kVZUN-aMPUTPB9os.roa (raw, json)
Hash identifier: TcgLQYpgOCwfgfYmF8nEvkfY64l/XDiFf8vX3feyiHc=
Subject key identifier: 87:D4:D3:B0:E6:8D:92:5E:A4:55:95:0D:F9:A3:0F:51:33:C1:F6:8B
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018849B739BEF510B2B9F80BB9F4B56F2C6D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/h9TTsOaNkl6kVZUN-aMPUTPB9os.roa
Signing time: Tue 23 May 2023 17:45:24 +0000
ROA not before: Tue 23 May 2023 17:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14576
IP address blocks: 193.233.136.0/22 maxlen: 22
193.233.140.0/22 maxlen: 22
193.233.82.0/23 maxlen: 23
193.233.91.0/24 maxlen: 24
193.233.90.0/24 maxlen: 24
193.233.89.0/24 maxlen: 24
193.233.88.0/24 maxlen: 24
193.233.228.0/22 maxlen: 22
193.233.251.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.210.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:49:b7:39:be:f5:10:b2:b9:f8:0b:b9:f4:b5:6f:2c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 23 17:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87d4d3b0e68d925ea455950df9a30f5133c1f68b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:db:9e:ef:a8:09:3b:1b:5c:6f:08:93:35:93:
e4:3d:26:0e:26:4c:0f:f6:c1:08:94:45:1c:46:d4:
a6:51:f5:a9:7f:ce:b7:d1:fb:9f:dd:b5:56:f3:63:
af:35:f2:d1:ff:10:80:0a:70:b0:4d:2d:1b:de:fa:
fd:5d:97:4a:98:96:18:d1:2d:80:b3:52:ca:3d:c1:
83:d4:f0:10:16:f8:6c:e2:d3:b8:be:c7:07:06:ee:
b6:3f:76:2b:e6:1c:04:1a:f4:26:cf:10:c1:40:1b:
91:2c:92:a2:23:d0:96:ab:4a:d4:4a:54:30:25:37:
4b:fd:d2:a5:59:02:d4:0f:b3:64:48:00:65:97:9d:
2c:74:21:be:8b:5e:3a:c7:92:e4:1d:87:f5:88:85:
57:f2:2a:fa:56:ff:c5:f8:9b:26:48:47:e1:fb:49:
10:ef:65:6b:2d:dd:4d:70:6d:07:e1:b5:10:d5:48:
7b:5a:0c:19:e7:e2:42:21:06:3b:1e:1b:bc:d6:5a:
7d:f3:7d:d9:d5:9c:fd:c7:13:71:44:1c:6b:5c:8e:
e3:5a:56:91:50:02:e6:0e:2a:8e:9c:a8:3d:21:00:
29:c9:1b:bd:bb:f0:ba:83:8d:2b:c7:bb:76:b6:84:
67:d3:b4:84:1a:83:7c:81:0f:c0:5e:70:42:39:f3:
3e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D4:D3:B0:E6:8D:92:5E:A4:55:95:0D:F9:A3:0F:51:33:C1:F6:8B
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/h9TTsOaNkl6kVZUN-aMPUTPB9os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.82.0/23
193.233.88.0/22
193.233.136.0/21
193.233.210.0/23
193.233.228.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
30:2a:69:26:e1:9f:dd:f7:a4:c0:87:f5:b5:3c:52:4b:3a:a4:
a0:a5:66:15:2c:2b:6a:62:7f:d2:3d:17:a2:79:ef:14:13:42:
5f:ef:ba:5f:3e:42:40:5e:d8:fc:19:5c:e7:05:ae:25:46:a4:
62:27:d2:4a:2d:64:c0:81:2c:c3:73:4b:36:cb:78:e2:d6:47:
74:32:40:06:aa:b3:b6:df:b8:55:07:d2:72:09:30:60:57:99:
0a:cb:38:7a:63:5e:ef:81:06:31:f6:24:15:3f:23:7b:1b:c0:
61:6d:0c:f2:b5:03:3f:7f:cd:08:86:40:9a:7c:0a:10:1e:5c:
2a:c3:32:1d:a4:54:82:8a:74:df:d1:5d:d3:02:c3:27:64:d8:
e3:9c:f0:31:f3:52:8c:cb:cc:96:38:c3:13:48:91:fa:a4:4d:
43:48:fb:d1:5a:1b:2d:bb:cf:57:28:9a:98:1a:9c:85:a9:d3:
50:5f:a5:5b:54:79:c9:7c:a2:8e:99:dc:c0:ec:17:f5:cc:e9:
23:29:d0:f1:81:b1:5b:fa:9c:26:22:54:5a:b2:69:84:32:63:
5c:45:1e:62:e9:f0:f4:96:d6:69:4f:6e:61:7c:f8:61:ed:4c:
ce:d2:5f:7d:e7:63:6f:e6:45:c7:d1:1d:4c:a7:67:c8:42:75:
28:1f:86:54
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhJtzm+9RCyufgLufS1byxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNTIzMTc0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q0ZDNiMGU2OGQ5MjVlYTQ1NTk1MGRmOWEzMGY1MTMzYzFmNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49ue76gJOxtcbwiTNZPkPSYOJkwP
9sEIlEUcRtSmUfWpf8630fuf3bVW82OvNfLR/xCACnCwTS0b3vr9XZdKmJYY0S2A
s1LKPcGD1PAQFvhs4tO4vscHBu62P3Yr5hwEGvQmzxDBQBuRLJKiI9CWq0rUSlQw
JTdL/dKlWQLUD7NkSABll50sdCG+i146x5LkHYf1iIVX8ir6Vv/F+JsmSEfh+0kQ
72VrLd1NcG0H4bUQ1Uh7WgwZ5+JCIQY7Hhu81lp9833Z1Zz9xxNxRBxrXI7jWlaR
UALmDiqOnKg9IQApyRu9u/C6g40rx7t2toRn07SEGoN8gQ/AXnBCOfM+pQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIfU07DmjZJepFWVDfmjD1EzwfaLMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaDlUVHNPYU5rbDZrVlpVTi1hTVBVVFBCOW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBwelSAwQC
welYAwQDwemIAwQBwenSAwQCwenkAwQCwen4MA0GCSqGSIb3DQEBCwUAA4IBAQAw
Kmkm4Z/d96TAh/W1PFJLOqSgpWYVLCtqYn/SPReiee8UE0Jf77pfPkJAXtj8GVzn
Ba4lRqRiJ9JKLWTAgSzDc0s2y3ji1kd0MkAGqrO237hVB9JyCTBgV5kKyzh6Y17v
gQYx9iQVPyN7G8BhbQzytQM/f80IhkCafAoQHlwqwzIdpFSCinTf0V3TAsMnZNjj
nPAx81KMy8yWOMMTSJH6pE1DSPvRWhstu89XKJqYGpyFqdNQX6VbVHnJfKKOmdzA
7Bf1zOkjKdDxgbFb+pwmIlRasmmEMmNcRR5i6fD0ltZpT25hfPhh7UzO0l9952Nv
5kXH0R1Mp2fIQnUoH4ZU
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org