Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kc1ygK_cl_NhqvZuDavM5e2kLfk.roa
File: kc1ygK_cl_NhqvZuDavM5e2kLfk.roa (raw, json)
Hash identifier: 1SxUxe7YCoxrFikSStyAYfpxt5O/Y9YAcedHUG9cEn8=
Subject key identifier: 91:CD:72:80:AF:DC:97:F3:61:AA:F6:6E:0D:AB:CC:E5:ED:A4:2D:F9
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0185ACA61DE622F909E05AE3F5C3A39CC642
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kc1ygK_cl_NhqvZuDavM5e2kLfk.roa
Signing time: Fri 13 Jan 2023 19:40:45 +0000
ROA not before: Fri 13 Jan 2023 19:40:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.252.0/23 maxlen: 23
193.233.192.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ac:a6:1d:e6:22:f9:09:e0:5a:e3:f5:c3:a3:9c:c6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 13 19:40:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91cd7280afdc97f361aaf66e0dabcce5eda42df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4e:de:f8:1e:d7:d7:bd:95:34:41:62:6f:40:
f7:d2:7b:c9:fc:80:59:e5:84:79:86:0c:c2:75:9e:
ff:ef:7f:10:3b:c9:c8:5a:48:e7:6e:c9:2d:88:ea:
65:54:ca:a8:23:1f:2d:1a:0f:98:93:64:bd:6b:0b:
8f:cb:08:92:55:5e:37:a0:3e:d9:a0:65:0f:35:89:
3f:dc:f2:7d:dc:29:e6:5a:0e:4f:2c:58:8f:0a:ce:
02:a3:f5:ac:bd:5a:00:14:4d:ff:d1:6d:35:d0:7e:
a4:54:30:09:0c:62:78:6b:68:32:18:cb:24:e1:f4:
5a:c1:8f:57:dd:1b:a9:67:74:c1:02:cf:ea:6b:f4:
67:c4:ba:58:31:e4:b5:66:f6:e0:79:4d:1d:1a:9a:
d1:f3:e9:71:fd:73:21:71:0a:44:e1:3e:55:f1:69:
22:41:98:fb:ba:c2:56:3f:55:5e:52:dc:28:4a:a3:
8f:df:a8:3e:11:66:a1:ff:0e:6f:19:23:93:05:ae:
f1:2a:cd:f5:31:d1:75:3f:f4:7f:d0:7c:6c:ef:d9:
76:6d:42:a8:76:79:c1:b4:3f:6d:0e:8f:60:8d:fd:
3f:60:2e:7e:10:1e:a8:1e:27:31:0b:f6:af:82:c0:
c3:fe:72:40:78:a8:a2:de:c9:70:a1:7e:3d:fb:88:
7e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CD:72:80:AF:DC:97:F3:61:AA:F6:6E:0D:AB:CC:E5:ED:A4:2D:F9
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kc1ygK_cl_NhqvZuDavM5e2kLfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.85.0/24
193.233.192.0/23
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:5c:34:80:c3:68:05:5a:0e:14:f4:53:7a:25:b5:d5:55:73:
ef:a4:1a:d5:64:c8:6a:69:15:f9:92:5b:89:c9:b7:2b:a6:b1:
f8:04:5b:b7:ec:0a:1f:1d:34:af:09:c4:ba:b8:24:b3:d3:9b:
da:aa:6b:00:44:19:a9:51:a0:eb:f1:ef:b0:6b:45:c5:1a:f9:
ac:82:88:7d:7b:74:85:94:b6:59:e2:fd:83:5d:a5:02:50:cd:
65:31:53:30:5d:df:1f:9a:f6:a2:85:83:a9:92:05:28:df:80:
cd:d6:91:45:e0:f8:a1:e2:76:1f:8b:01:f4:3c:2a:27:ef:f5:
f0:d4:10:74:5b:0b:76:26:69:ad:25:17:4c:84:a9:e4:5a:ea:
b7:3c:13:fd:9d:fc:77:ef:60:d1:d9:4b:fb:1c:34:08:43:76:
96:b4:70:1f:38:41:52:7f:69:96:d5:13:d5:74:c7:76:69:7f:
de:5e:5e:00:66:94:ef:de:6e:31:fd:e5:81:55:4f:83:77:7d:
ce:a4:c1:1d:79:07:d4:2b:d8:eb:70:4a:ea:0f:e0:64:67:e4:
eb:3b:59:da:0f:d8:40:76:75:b8:cb:ef:40:aa:9d:a7:5e:38:
51:1f:25:a2:fa:2f:b5:75:1c:24:95:13:cb:c1:21:f1:d4:9e:
91:37:c6:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWsph3mIvkJ4Frj9cOjnMZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTEzMTk0MDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNkNzI4MGFmZGM5N2YzNjFhYWY2NmUwZGFiY2NlNWVkYTQyZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk7e+B7X172VNEFib0D30nvJ/IBZ
5YR5hgzCdZ7/738QO8nIWkjnbsktiOplVMqoIx8tGg+Yk2S9awuPywiSVV43oD7Z
oGUPNYk/3PJ93CnmWg5PLFiPCs4Co/WsvVoAFE3/0W010H6kVDAJDGJ4a2gyGMsk
4fRawY9X3RupZ3TBAs/qa/RnxLpYMeS1ZvbgeU0dGprR8+lx/XMhcQpE4T5V8Wki
QZj7usJWP1VeUtwoSqOP36g+EWah/w5vGSOTBa7xKs31MdF1P/R/0Hxs79l2bUKo
dnnBtD9tDo9gjf0/YC5+EB6oHicxC/avgsDD/nJAeKii3slwoX49+4h+3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJHNcoCv3JfzYar2bg2rzOXtpC35MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEva2MxeWdLX2NsX05ocXZadURhdk01ZTJrTGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwelVAwQB
wenAAwQBwen8MA0GCSqGSIb3DQEBCwUAA4IBAQBbXDSAw2gFWg4U9FN6JbXVVXPv
pBrVZMhqaRX5kluJybcrprH4BFu37AofHTSvCcS6uCSz05vaqmsARBmpUaDr8e+w
a0XFGvmsgoh9e3SFlLZZ4v2DXaUCUM1lMVMwXd8fmvaihYOpkgUo34DN1pFF4Pih
4nYfiwH0PCon7/Xw1BB0Wwt2JmmtJRdMhKnkWuq3PBP9nfx372DR2Uv7HDQIQ3aW
tHAfOEFSf2mW1RPVdMd2aX/eXl4AZpTv3m4x/eWBVU+Dd33OpMEdeQfUK9jrcErq
D+BkZ+TrO1naD9hAdnW4y+9Aqp2nXjhRHyWi+i+1dRwklRPLwSHx1J6RN8Yn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org