Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/m4U-AIC2iiNXnPncOHNnCQxhWug.roa
File: m4U-AIC2iiNXnPncOHNnCQxhWug.roa (raw, json)
Hash identifier: lwiljH3hecTGGD0KLxpIuh/qUewgE0r5hi/wIaKQpF8=
Subject key identifier: 9B:85:3E:00:80:B6:8A:23:57:9C:F9:DC:38:73:67:09:0C:61:5A:E8
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0188E88D06C40B21C90ABF7EEC3AEE890053
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/m4U-AIC2iiNXnPncOHNnCQxhWug.roa
Signing time: Fri 23 Jun 2023 13:58:56 +0000
ROA not before: Fri 23 Jun 2023 13:58:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 193.233.18.0/24 maxlen: 24
193.233.48.0/24 maxlen: 24
193.233.49.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:8d:06:c4:0b:21:c9:0a:bf:7e:ec:3a:ee:89:00:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 23 13:58:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b853e0080b68a23579cf9dc387367090c615ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:87:be:c6:13:05:2d:fc:0e:e5:e4:bf:43:ad:
aa:e7:30:9f:74:3c:5c:46:0b:27:ac:0e:79:87:b9:
a5:7b:b0:02:52:f1:91:f2:8a:dc:2d:9c:91:76:dc:
1f:cb:45:5a:49:3c:b5:9d:60:dd:36:ca:4f:24:30:
94:de:44:02:25:cd:9a:39:cc:c6:c8:e7:37:6f:35:
25:46:da:d4:78:90:41:65:a0:0b:40:b7:1d:45:e7:
aa:2a:5b:28:0e:4f:fc:bb:33:61:e5:24:ab:8a:9e:
76:95:c8:79:a3:3f:0e:dd:d8:6a:b5:40:26:e4:ea:
db:fb:8c:c1:29:22:6c:a9:87:af:cd:3e:8e:df:59:
41:46:bf:01:9b:84:0f:51:47:4d:2c:05:47:99:a5:
a8:c6:4e:2d:12:af:dd:83:8f:62:2d:56:2a:34:00:
23:6b:0b:0b:72:c6:ae:5f:5b:44:10:f0:db:43:21:
7c:f5:6f:c6:ac:97:14:77:11:1f:b3:6f:2d:b9:88:
df:cf:c0:42:8e:93:82:a7:8b:4b:f4:8f:69:12:d3:
5a:70:98:2b:f3:1e:98:1e:7e:63:d1:b2:e4:87:90:
81:35:a1:a9:75:b9:de:d4:32:12:57:26:4a:cd:85:
a7:9b:7b:50:d6:60:0a:55:a5:4b:58:0f:83:58:f8:
67:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:85:3E:00:80:B6:8A:23:57:9C:F9:DC:38:73:67:09:0C:61:5A:E8
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/m4U-AIC2iiNXnPncOHNnCQxhWug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.18.0/24
193.233.48.0/23
Signature Algorithm: sha256WithRSAEncryption
38:f7:48:79:a9:59:c2:b9:ed:2a:58:69:9a:2d:59:90:35:76:
81:a8:c7:63:a0:1c:db:96:db:f0:21:2a:bf:a2:19:32:45:92:
b4:0b:1f:12:60:73:be:e4:e9:20:62:11:9a:94:da:f0:69:f0:
f4:a9:0b:77:5c:38:0e:aa:5c:48:94:21:44:84:03:19:4f:c7:
0d:3d:30:55:02:61:74:76:bb:4e:27:fe:ff:86:8f:b9:fa:55:
9f:0d:2c:22:44:82:ec:de:c3:ca:27:a5:9a:88:95:a4:0e:8a:
2e:1a:d9:65:31:ac:b0:b3:5c:13:02:53:90:d7:46:f4:9e:46:
e2:f4:ca:65:c6:26:f8:03:af:e4:44:ca:6d:01:83:53:22:a8:
1e:38:c7:7b:31:ed:34:83:e6:6e:de:5c:d9:b6:1b:3a:09:b6:
e3:af:0b:77:83:c0:2b:7d:2f:4c:51:f8:64:ac:bd:73:5d:e8:
26:4a:19:eb:04:89:b5:74:2c:a7:10:28:4f:02:3a:dd:ac:3d:
a1:84:36:f8:b8:c7:0e:9c:eb:56:3e:ff:e0:6f:d1:76:66:a4:
5c:6c:dc:fd:38:f1:ea:07:2d:2f:2c:f8:c0:f7:85:a4:a0:81:
b0:ab:96:c1:49:c4:d1:c2:b6:77:56:ac:bb:c7:0b:77:14:83:
5b:2d:8f:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjojQbECyHJCr9+7DruiQBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNjIzMTM1ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg1M2UwMDgwYjY4YTIzNTc5Y2Y5ZGMzODczNjcwOTBjNjE1YWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYe+xhMFLfwO5eS/Q62q5zCfdDxc
RgsnrA55h7mle7ACUvGR8orcLZyRdtwfy0VaSTy1nWDdNspPJDCU3kQCJc2aOczG
yOc3bzUlRtrUeJBBZaALQLcdReeqKlsoDk/8uzNh5SSrip52lch5oz8O3dhqtUAm
5Orb+4zBKSJsqYevzT6O31lBRr8Bm4QPUUdNLAVHmaWoxk4tEq/dg49iLVYqNAAj
awsLcsauX1tEEPDbQyF89W/GrJcUdxEfs28tuYjfz8BCjpOCp4tL9I9pEtNacJgr
8x6YHn5j0bLkh5CBNaGpdbne1DISVyZKzYWnm3tQ1mAKVaVLWA+DWPhn+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJuFPgCAtoojV5z53DhzZwkMYVroMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbTRVLUFJQzJpaU5YblBuY09ITm5DUXhoV3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwekSAwQB
wekwMA0GCSqGSIb3DQEBCwUAA4IBAQA490h5qVnCue0qWGmaLVmQNXaBqMdjoBzb
ltvwISq/ohkyRZK0Cx8SYHO+5OkgYhGalNrwafD0qQt3XDgOqlxIlCFEhAMZT8cN
PTBVAmF0drtOJ/7/ho+5+lWfDSwiRILs3sPKJ6WaiJWkDoouGtllMayws1wTAlOQ
10b0nkbi9Mplxib4A6/kRMptAYNTIqgeOMd7Me00g+Zu3lzZths6Cbbjrwt3g8Ar
fS9MUfhkrL1zXegmShnrBIm1dCynEChPAjrdrD2hhDb4uMcOnOtWPv/gb9F2ZqRc
bNz9OPHqBy0vLPjA94WkoIGwq5bBScTRwrZ3Vqy7xwt3FINbLY+W
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org