Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n284XyeRn7OUMy-W4AQlBp3bdbY.roa
File: n284XyeRn7OUMy-W4AQlBp3bdbY.roa (raw, json)
Hash identifier: y4xwHoGxIJI8GyJQOagXuwbPOmavvCkVJdvFNjlCO6c=
Subject key identifier: 9F:6F:38:5F:27:91:9F:B3:94:33:2F:96:E0:04:25:06:9D:DB:75:B6
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018C219F1012CEEF17A4B6362DAB97C64D90
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n284XyeRn7OUMy-W4AQlBp3bdbY.roa
Signing time: Thu 30 Nov 2023 19:05:21 +0000
ROA not before: Thu 30 Nov 2023 19:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 193.233.31.0/24 maxlen: 24
193.233.149.0/24 maxlen: 24
193.233.174.0/24 maxlen: 24
193.233.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:9f:10:12:ce:ef:17:a4:b6:36:2d:ab:97:c6:4d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 30 19:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f6f385f27919fb394332f96e00425069ddb75b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ee:7b:fa:dd:38:4c:57:0b:74:7b:00:2f:f8:
13:dc:1f:e4:9e:02:ce:6c:3a:c0:8b:32:01:ef:5f:
e1:08:42:f4:5c:19:89:a0:45:ce:ef:cb:66:45:ff:
93:69:a0:bb:2d:ea:3b:33:0a:d0:7f:63:50:08:86:
d1:f6:86:fe:4b:6e:02:76:7b:b3:1b:13:7b:16:45:
43:e6:fc:b5:03:f4:9a:d4:4d:bc:3b:e1:c2:0a:ea:
45:1c:34:fa:13:b8:61:be:ba:2f:dd:a8:00:39:b5:
4d:61:6a:d1:8b:e9:ad:02:34:b7:89:ce:cd:14:73:
bb:ce:ed:eb:ac:8e:40:fb:74:c1:14:8a:cb:77:ab:
6e:3d:46:14:e8:96:52:10:f9:78:68:c9:51:84:00:
51:c5:d5:fa:bf:41:45:c6:9f:06:10:07:0e:e6:92:
ba:b3:31:56:fc:e0:0f:dd:dd:71:13:4c:7a:10:ac:
48:7d:d0:56:f2:1b:7f:95:fc:3d:83:fc:84:68:11:
62:d3:a0:39:40:c7:19:e9:87:1d:2b:d1:b7:93:28:
db:8e:9d:19:f8:7e:65:68:1b:1f:1f:44:5d:ee:a0:
93:28:c7:44:a4:d9:80:90:b0:bc:a8:d5:86:ff:f6:
37:f3:9d:52:41:19:4d:e1:6a:9f:39:f4:27:57:57:
76:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6F:38:5F:27:91:9F:B3:94:33:2F:96:E0:04:25:06:9D:DB:75:B6
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n284XyeRn7OUMy-W4AQlBp3bdbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.31.0/24
193.233.72.0/24
193.233.149.0/24
193.233.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:29:85:4d:c2:65:83:53:2b:94:b9:ee:8e:33:46:9a:c1:24:
ca:d0:bc:0e:4a:64:c2:50:eb:fd:35:a9:67:bb:23:67:50:76:
10:d6:1a:03:b5:b3:84:d9:1e:46:7d:af:ea:60:34:45:4b:f8:
30:64:f1:da:5c:1e:f2:b8:16:80:40:c0:12:97:ce:18:7a:20:
e9:8d:b1:91:5e:20:32:cd:ef:da:21:75:80:14:42:eb:1f:d5:
be:5d:00:4a:d2:6e:ae:fc:13:16:e9:fe:db:ae:d3:66:e5:b5:
26:65:75:e5:fe:01:17:7d:13:77:a6:3f:0b:ff:d9:36:35:c9:
ef:2c:88:e3:24:17:c5:37:e4:b5:e9:1d:89:d5:5a:a0:4d:99:
8e:b8:8e:6f:ba:24:2b:b1:1e:bc:83:01:d5:b5:39:e9:e1:c2:
3e:ae:34:bf:53:93:14:5c:73:31:17:0c:75:fa:4a:c2:44:c4:
dc:75:67:9a:4a:c8:be:c1:66:79:48:45:2d:7a:bc:78:27:f3:
48:09:aa:75:f6:f3:96:bd:cf:10:19:98:ea:c3:6d:30:d7:c4:
70:42:13:73:ce:1a:df:35:7c:fb:21:ff:06:15:95:3f:a8:6c:
ff:83:c8:7b:67:58:ed:c1:ce:dd:0f:1e:8e:fb:83:60:9d:8e:
75:e5:68:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwhnxASzu8XpLY2LauXxk2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTMwMTkwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjZmMzg1ZjI3OTE5ZmIzOTQzMzJmOTZlMDA0MjUwNjlkZGI3NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie57+t04TFcLdHsAL/gT3B/kngLO
bDrAizIB71/hCEL0XBmJoEXO78tmRf+TaaC7Leo7MwrQf2NQCIbR9ob+S24Cdnuz
GxN7FkVD5vy1A/Sa1E28O+HCCupFHDT6E7hhvrov3agAObVNYWrRi+mtAjS3ic7N
FHO7zu3rrI5A+3TBFIrLd6tuPUYU6JZSEPl4aMlRhABRxdX6v0FFxp8GEAcO5pK6
szFW/OAP3d1xE0x6EKxIfdBW8ht/lfw9g/yEaBFi06A5QMcZ6YcdK9G3kyjbjp0Z
+H5laBsfH0Rd7qCTKMdEpNmAkLC8qNWG//Y3851SQRlN4WqfOfQnV1d2RQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ9vOF8nkZ+zlDMvluAEJQad23W2MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbjI4NFh5ZVJuN09VTXktVzRBUWxCcDNiZGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwekfAwQA
welIAwQAwemVAwQAwemuMA0GCSqGSIb3DQEBCwUAA4IBAQB7KYVNwmWDUyuUue6O
M0aawSTK0LwOSmTCUOv9NalnuyNnUHYQ1hoDtbOE2R5Gfa/qYDRFS/gwZPHaXB7y
uBaAQMASl84YeiDpjbGRXiAyze/aIXWAFELrH9W+XQBK0m6u/BMW6f7brtNm5bUm
ZXXl/gEXfRN3pj8L/9k2NcnvLIjjJBfFN+S16R2J1VqgTZmOuI5vuiQrsR68gwHV
tTnp4cI+rjS/U5MUXHMxFwx1+krCRMTcdWeaSsi+wWZ5SEUterx4J/NICap19vOW
vc8QGZjqw20w18RwQhNzzhrfNXz7If8GFZU/qGz/g8h7Z1jtwc7dDx6O+4NgnY51
5WhP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org