Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nExIFLDufcrYZ2guoWsONEvURpU.roa
File: nExIFLDufcrYZ2guoWsONEvURpU.roa (raw, json)
Hash identifier: tm1ETv8uAXP9qSVIbzZOH2byzaH322Z5mnDOVVu+zz0=
Subject key identifier: 9C:4C:48:14:B0:EE:7D:CA:D8:67:68:2E:A1:6B:0E:34:4B:D4:46:95
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26F256B356F7D9C09D07EC891635A6
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nExIFLDufcrYZ2guoWsONEvURpU.roa
Signing time: Sun 01 Jan 2023 21:05:01 +0000
ROA not before: Sun 01 Jan 2023 21:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
193.233.104.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:f2:56:b3:56:f7:d9:c0:9d:07:ec:89:16:35:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c4c4814b0ee7dcad867682ea16b0e344bd44695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:90:ee:31:b3:28:1b:a1:3e:17:27:a6:fd:
6d:e7:5c:73:24:bb:e8:62:ea:f3:ba:8e:cd:27:4d:
7b:46:89:fb:20:0c:38:c6:88:c3:52:5c:45:5f:96:
89:68:8d:d8:db:c0:31:dd:3f:63:74:a5:81:d0:37:
b2:55:56:d9:6d:c4:c2:90:a8:8a:ad:94:9c:79:c6:
31:30:fb:50:65:9b:8e:7d:02:a7:06:2a:1c:10:c3:
c7:ea:e5:3c:7d:9f:f5:a1:d3:12:56:2f:c1:35:9d:
71:18:3b:2d:3d:1f:6f:80:87:c8:00:41:02:c8:74:
65:d0:15:63:03:b5:a4:22:4c:b5:46:70:b6:75:3a:
c6:0b:fa:5b:05:53:68:cb:1a:a8:6e:7d:3d:0a:b9:
60:f5:96:e9:67:7e:e9:23:8e:c8:42:fa:56:a8:b8:
df:ea:2c:5a:07:f7:6e:cf:78:39:e5:bc:af:7d:f8:
b9:da:d5:cd:86:c1:f0:87:10:80:5b:be:c6:35:8f:
b2:f3:44:f8:65:bd:c5:9f:ac:ec:c9:1f:ce:91:32:
b1:a7:89:1b:75:06:94:6f:60:af:b2:8c:d9:b8:81:
b4:d0:be:ec:e2:87:5b:64:7b:e4:ef:26:c0:ae:f8:
27:19:2b:52:29:59:d6:14:05:87:eb:27:28:a9:21:
e1:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4C:48:14:B0:EE:7D:CA:D8:67:68:2E:A1:6B:0E:34:4B:D4:46:95
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nExIFLDufcrYZ2guoWsONEvURpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.104.0-193.233.119.255
193.233.124.0/22
Signature Algorithm: sha256WithRSAEncryption
89:af:a4:a5:c4:05:c9:1b:12:02:57:0d:85:14:5e:1e:73:51:
31:c6:a3:9a:e3:35:a0:eb:87:02:9d:0f:01:9c:5c:fc:6e:2a:
4b:4b:40:10:75:6a:aa:5f:7d:f6:ca:18:14:9b:0c:69:07:2c:
31:d4:1e:08:5b:b7:ac:3b:cd:08:8b:43:98:48:75:69:fa:bf:
a2:b4:7c:90:92:29:b7:fb:b8:42:5e:f0:7f:c6:50:58:96:09:
31:f0:01:66:d9:c4:e8:cd:8f:91:1b:95:e8:81:c0:64:83:50:
3a:2a:52:82:3f:84:ab:ad:88:77:1c:47:a6:1a:6d:1c:76:4b:
31:4e:6e:71:9b:d7:23:a4:09:19:41:d5:75:fa:74:cf:f7:3b:
27:94:2f:29:b2:8a:29:11:d3:0c:db:48:06:d4:e2:7d:b8:dd:
c5:e1:67:20:f1:66:4b:5c:35:c3:7a:ce:4d:39:27:61:e1:da:
39:d2:20:8d:89:75:5c:82:a7:fc:77:d3:ac:0b:bb:21:45:85:
29:ba:0f:a0:8f:fb:4b:ae:c4:23:c9:68:43:24:0b:cd:52:70:
45:2a:ae:36:99:4b:0e:2e:6e:48:ec:76:45:59:c1:93:88:cf:
dc:ce:3a:8c:ea:ed:8e:27:4c:a7:f4:18:f5:a0:0b:c0:9a:0c:
52:a9:21:d0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvJvJWs1b32cCdB+yJFjWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRjNDgxNGIwZWU3ZGNhZDg2NzY4MmVhMTZiMGUzNDRiZDQ0Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx6Q7jGzKBuhPhcnpv1t51xzJLvo
Yurzuo7NJ017Ron7IAw4xojDUlxFX5aJaI3Y28Ax3T9jdKWB0DeyVVbZbcTCkKiK
rZScecYxMPtQZZuOfQKnBiocEMPH6uU8fZ/1odMSVi/BNZ1xGDstPR9vgIfIAEEC
yHRl0BVjA7WkIky1RnC2dTrGC/pbBVNoyxqobn09Crlg9ZbpZ37pI47IQvpWqLjf
6ixaB/duz3g55byvffi52tXNhsHwhxCAW77GNY+y80T4Zb3Fn6zsyR/OkTKxp4kb
dQaUb2CvsozZuIG00L7s4odbZHvk7ybArvgnGStSKVnWFAWH6ycoqSHhXwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJxMSBSw7n3K2GdoLqFrDjRL1EaVMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbkV4SUZMRHVmY3JZWjJndW9Xc09ORXZVUnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPB6WgD
BAPB6XADBALB6XwwDQYJKoZIhvcNAQELBQADggEBAImvpKXEBckbEgJXDYUUXh5z
UTHGo5rjNaDrhwKdDwGcXPxuKktLQBB1aqpfffbKGBSbDGkHLDHUHghbt6w7zQiL
Q5hIdWn6v6K0fJCSKbf7uEJe8H/GUFiWCTHwAWbZxOjNj5EbleiBwGSDUDoqUoI/
hKutiHccR6YabRx2SzFObnGb1yOkCRlB1XX6dM/3OyeULymyiikR0wzbSAbU4n24
3cXhZyDxZktcNcN6zk05J2Hh2jnSII2JdVyCp/x306wLuyFFhSm6D6CP+0uuxCPJ
aEMkC81ScEUqrjaZSw4ubkjsdkVZwZOIz9zOOozq7Y4nTKf0GPWgC8CaDFKpIdA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org