Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/m7qavFOx6uzR2Y2ui4xV_QADGkM.roa
File: m7qavFOx6uzR2Y2ui4xV_QADGkM.roa (raw, json)
Hash identifier: ogV2ive9LvbfWARoqUK07JZdcyK+6OOZ74oIuWnGOX8=
Subject key identifier: 9B:BA:9A:BC:53:B1:EA:EC:D1:D9:8D:AE:8B:8C:55:FD:00:03:1A:43
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7952E9086EA4C38D0F64B0B88AFA31F
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/m7qavFOx6uzR2Y2ui4xV_QADGkM.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199868
IP address blocks: 185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2e:90:86:ea:4c:38:d0:f6:4b:0b:88:af:a3:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bba9abc53b1eaecd1d98dae8b8c55fd00031a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bc:b2:a8:8d:9a:14:5a:f2:80:17:9c:82:f4:
bf:3f:fa:b7:f8:ba:1e:50:c4:44:3a:2e:13:b8:10:
38:1a:63:6e:14:30:81:dc:8b:fe:99:23:12:22:02:
a6:61:5a:e6:c6:fd:7f:57:1d:ca:98:ad:ee:b1:b9:
69:4a:06:e4:26:55:a2:be:2d:fb:df:0d:c2:42:73:
8f:83:fb:d8:5b:b3:b4:44:89:82:73:23:c9:d4:d4:
8a:84:67:ee:c8:b8:fa:06:eb:51:62:83:14:83:62:
6f:ca:9f:3e:55:87:5f:41:f2:a7:a9:5f:cd:64:f5:
2d:aa:64:e9:77:50:2c:8d:f2:f7:f3:12:f7:ad:02:
d9:05:0b:f7:25:22:b4:54:ac:78:92:28:cf:cc:bb:
88:52:22:4e:d6:06:a4:e4:20:b1:18:c2:0c:1a:75:
f6:3b:b3:72:2a:ae:05:74:15:d4:88:03:cf:a5:84:
5f:ec:ea:e7:c7:7a:42:7b:c5:3f:1c:2b:66:45:b4:
41:42:19:04:a5:18:24:d6:0d:a3:fd:34:30:62:34:
a2:97:61:d2:3b:2a:4e:57:3d:6c:3b:47:9d:f3:91:
7b:12:cb:06:74:cf:82:64:af:99:ab:6d:f5:18:78:
3e:a5:d4:c9:54:1c:a5:ad:a1:ef:7a:d3:ae:18:f1:
57:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BA:9A:BC:53:B1:EA:EC:D1:D9:8D:AE:8B:8C:55:FD:00:03:1A:43
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/m7qavFOx6uzR2Y2ui4xV_QADGkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.164.0/24
Signature Algorithm: sha256WithRSAEncryption
27:90:1c:13:a1:14:d6:02:9a:27:d8:8f:03:92:74:cf:19:29:
75:ce:90:44:3e:1c:00:d7:1f:c8:d0:76:c8:c4:ba:ee:51:3d:
c4:83:83:5c:9e:3f:83:08:e6:2e:17:8f:4e:3c:88:59:72:d2:
01:3a:f7:13:2b:83:a7:fc:02:61:44:c7:ea:b7:54:9d:a2:57:
90:d6:8c:7a:e6:30:f8:d6:b3:e2:1b:4e:48:1c:cc:a6:84:eb:
83:cb:5f:9a:fb:67:36:cd:f8:0c:d1:b9:e4:d3:f9:c4:6c:c8:
58:05:ef:87:2d:71:f0:49:4c:e2:63:77:58:d4:c2:2c:e7:ed:
6e:a9:7b:80:c0:cc:c9:d4:43:8c:14:f8:13:c3:3d:ad:5c:05:
01:48:ad:b8:bc:53:ba:b9:c3:06:84:da:40:d4:45:68:72:6a:
ae:f0:cc:61:b5:19:a0:52:ec:7d:0f:97:c0:f8:79:08:06:83:
e2:b9:78:b8:38:c0:20:b5:37:03:95:90:7a:64:e0:03:a1:b4:
8f:c0:7d:36:f9:48:21:38:b8:38:dc:fd:fc:6a:e6:ee:f7:bd:
fd:cf:40:8b:4a:9d:f8:ea:6a:90:cb:9b:86:38:86:10:3f:41:
ac:d7:e6:73:1c:3b:3b:92:9f:9d:b9:14:35:12:0e:ec:23:eb:
58:c2:40:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlS6QhupMOND2SwuIr6MfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmJhOWFiYzUzYjFlYWVjZDFkOThkYWU4YjhjNTVmZDAwMDMxYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLyyqI2aFFrygBecgvS/P/q3+Loe
UMREOi4TuBA4GmNuFDCB3Iv+mSMSIgKmYVrmxv1/Vx3KmK3usblpSgbkJlWivi37
3w3CQnOPg/vYW7O0RImCcyPJ1NSKhGfuyLj6ButRYoMUg2Jvyp8+VYdfQfKnqV/N
ZPUtqmTpd1AsjfL38xL3rQLZBQv3JSK0VKx4kijPzLuIUiJO1gak5CCxGMIMGnX2
O7NyKq4FdBXUiAPPpYRf7Ornx3pCe8U/HCtmRbRBQhkEpRgk1g2j/TQwYjSil2HS
OypOVz1sO0ed85F7EssGdM+CZK+Zq231GHg+pdTJVBylraHvetOuGPFXSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJu6mrxTsers0dmNrouMVf0AAxpDMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbTdxYXZGT3g2dXpSMlkydWk0eFZfUUFER2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuWdkAwQB
welKAwQAwelQAwQAwemkMA0GCSqGSIb3DQEBCwUAA4IBAQAnkBwToRTWApon2I8D
knTPGSl1zpBEPhwA1x/I0HbIxLruUT3Eg4Ncnj+DCOYuF49OPIhZctIBOvcTK4On
/AJhRMfqt1SdoleQ1ox65jD41rPiG05IHMymhOuDy1+a+2c2zfgM0bnk0/nEbMhY
Be+HLXHwSUziY3dY1MIs5+1uqXuAwMzJ1EOMFPgTwz2tXAUBSK24vFO6ucMGhNpA
1EVocmqu8MxhtRmgUux9D5fA+HkIBoPiuXi4OMAgtTcDlZB6ZOADobSPwH02+Ugh
OLg43P38aubu9739z0CLSp346mqQy5uGOIYQP0Gs1+ZzHDs7kp+duRQ1Eg7sI+tY
wkAb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org