Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kfYbLm3vbJuhWFeioxDbVcachU8.roa
File: kfYbLm3vbJuhWFeioxDbVcachU8.roa (raw, json)
Hash identifier: 6ng1QV1qAa836h8ykcDF4xxR/e/4eSOgjBO6g6Ugics=
Subject key identifier: 91:F6:1B:2E:6D:EF:6C:9B:A1:58:57:A2:A3:10:DB:55:C6:9C:85:4F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0186C080A1924A6D2293EEA3E1BE0A0CDE54
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kfYbLm3vbJuhWFeioxDbVcachU8.roa
Signing time: Wed 08 Mar 2023 09:15:00 +0000
ROA not before: Wed 08 Mar 2023 09:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 193.233.98.0/24 maxlen: 24
193.233.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Mar 2023 19:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:80:a1:92:4a:6d:22:93:ee:a3:e1:be:0a:0c:de:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 8 09:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91f61b2e6def6c9ba15857a2a310db55c69c854f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:04:06:76:53:92:dd:11:9a:1a:63:27:28:
a2:c8:7f:bf:20:f5:f8:35:14:88:28:5e:ef:60:e8:
48:9e:92:5a:be:ca:93:86:bd:1c:97:07:88:2f:24:
54:dd:30:17:95:f0:d1:1e:5a:bf:1e:a1:b7:9f:86:
14:f9:ba:db:12:80:cc:68:41:ec:d7:5e:37:7a:7e:
2d:76:2a:71:24:ed:cf:fc:a1:b6:af:bc:22:86:a3:
84:74:3e:94:1c:a6:1f:a5:e9:72:73:2f:52:72:37:
ec:a6:9d:9a:27:7f:cc:bd:74:06:4d:a2:9a:69:53:
65:4e:34:91:08:54:18:51:33:f3:45:20:4f:bb:ec:
a7:33:81:14:78:9c:69:b2:86:6f:d0:2b:5b:f1:7d:
d4:79:6c:50:91:75:1b:49:55:8f:35:eb:90:f7:e2:
2f:45:e3:8c:9a:a0:f2:c6:d2:23:0c:b8:04:64:2b:
16:9c:41:77:01:51:89:a5:6b:9b:20:a9:da:88:8d:
b0:ea:02:6e:99:7e:e2:d4:f1:e2:18:96:37:bf:13:
04:61:ec:d1:88:bc:25:84:18:67:74:d2:c3:a8:8d:
38:e4:f0:84:d2:f9:f8:f3:38:c5:74:34:23:b6:4d:
8d:87:4c:e6:9f:99:8d:6b:94:a3:98:2c:06:c4:29:
44:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F6:1B:2E:6D:EF:6C:9B:A1:58:57:A2:A3:10:DB:55:C6:9C:85:4F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/kfYbLm3vbJuhWFeioxDbVcachU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.98.0/23
Signature Algorithm: sha256WithRSAEncryption
53:b6:12:a0:ee:28:56:4d:2b:67:43:59:6f:15:2d:49:b2:40:
c5:c9:c2:b7:ca:73:be:71:b0:c5:b8:bf:2a:7b:87:9d:7e:8e:
f4:4e:58:99:83:eb:99:89:97:01:2c:ea:23:90:4e:a1:31:c6:
86:46:5b:9f:1b:8d:c0:88:c9:87:de:9b:30:9b:d7:5a:36:23:
94:eb:9d:78:03:78:4b:94:0d:11:91:1a:90:43:1d:8a:34:d9:
69:3e:4f:5a:11:87:d9:b9:7a:28:17:7d:e8:5e:c3:46:4c:0d:
0e:11:bf:2d:65:ea:29:a0:01:ff:1c:b7:65:e7:6d:b5:47:b1:
b7:f6:0f:af:a7:26:76:b7:1e:c1:c7:18:bf:06:20:cd:59:7c:
1d:4a:da:0c:54:09:92:f0:0a:f5:a4:90:3b:13:54:28:8d:24:
0a:c6:41:3b:7f:da:60:43:a4:f1:9c:cb:b0:9b:ae:38:37:04:
aa:eb:d0:78:5d:25:f0:bb:28:ca:c4:00:e7:35:72:a7:5c:c4:
75:aa:eb:ad:9e:91:10:75:69:4c:c0:72:6b:16:47:0a:4c:ec:
fc:fb:9e:83:8e:06:39:34:7d:e6:83:e2:0e:1d:d1:6d:25:1d:
90:6d:58:f2:8f:70:bd:13:e2:90:f7:f7:a2:bc:a2:09:a1:65:
46:7f:d4:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbAgKGSSm0ik+6j4b4KDN5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMzA4MDkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWY2MWIyZTZkZWY2YzliYTE1ODU3YTJhMzEwZGI1NWM2OWM4NTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/0EBnZTkt0RmhpjJyiiyH+/IPX4
NRSIKF7vYOhInpJavsqThr0clweILyRU3TAXlfDRHlq/HqG3n4YU+brbEoDMaEHs
1143en4tdipxJO3P/KG2r7wihqOEdD6UHKYfpelycy9Scjfspp2aJ3/MvXQGTaKa
aVNlTjSRCFQYUTPzRSBPu+ynM4EUeJxpsoZv0Ctb8X3UeWxQkXUbSVWPNeuQ9+Iv
ReOMmqDyxtIjDLgEZCsWnEF3AVGJpWubIKnaiI2w6gJumX7i1PHiGJY3vxMEYezR
iLwlhBhndNLDqI045PCE0vn48zjFdDQjtk2Nh0zmn5mNa5SjmCwGxClEbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJH2Gy5t72yboVhXoqMQ21XGnIVPMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEva2ZZYkxtM3ZiSnVoV0ZlaW94RGJWY2FjaFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBweliMA0G
CSqGSIb3DQEBCwUAA4IBAQBTthKg7ihWTStnQ1lvFS1JskDFycK3ynO+cbDFuL8q
e4edfo70TliZg+uZiZcBLOojkE6hMcaGRlufG43AiMmH3pswm9daNiOU6514A3hL
lA0RkRqQQx2KNNlpPk9aEYfZuXooF33oXsNGTA0OEb8tZeopoAH/HLdl5221R7G3
9g+vpyZ2tx7Bxxi/BiDNWXwdStoMVAmS8Ar1pJA7E1QojSQKxkE7f9pgQ6TxnMuw
m644NwSq69B4XSXwuyjKxADnNXKnXMR1quutnpEQdWlMwHJrFkcKTOz8+56DjgY5
NH3mg+IOHdFtJR2QbVjyj3C9E+KQ9/eivKIJoWVGf9TE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org