Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oLS_9B1_ZJHa1fTlE1fI7tY2G_g.roa
File: oLS_9B1_ZJHa1fTlE1fI7tY2G_g.roa (raw, json)
Hash identifier: jQrmBMGXIesXX7oCKzZ0m+LDMtKuqi4jxvr3EMKpDxA=
Subject key identifier: A0:B4:BF:F4:1D:7F:64:91:DA:D5:F4:E5:13:57:C8:EE:D6:36:1B:F8
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26E669B855FBD74B963A3E2CBFFE85
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oLS_9B1_ZJHa1fTlE1fI7tY2G_g.roa
Signing time: Sun 01 Jan 2023 21:04:58 +0000
ROA not before: Sun 01 Jan 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49453
IP address blocks: 193.233.248.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e6:69:b8:55:fb:d7:4b:96:3a:3e:2c:bf:fe:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0b4bff41d7f6491dad5f4e51357c8eed6361bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:23:87:d7:74:14:ee:36:eb:96:b8:27:32:bc:
62:11:d5:c2:8b:ee:e0:f7:90:3a:4a:fe:32:77:f1:
28:e6:fe:14:c8:1e:e1:60:a5:50:e3:5f:d3:74:83:
c2:d8:10:4c:36:f9:aa:b7:96:b5:b9:2e:59:d4:3a:
cb:7b:64:86:cb:8c:09:fb:b8:26:f7:fd:33:ed:38:
99:8d:e8:77:80:d6:73:51:59:c3:ef:fc:a4:90:b7:
b6:e8:d8:76:30:f7:7b:fc:14:96:86:e0:ef:6a:0d:
8a:24:fe:1d:4d:55:fe:a8:56:2f:00:93:ec:7e:a0:
fa:d5:1e:53:ff:09:c2:3a:c1:e9:95:b5:c8:47:ca:
b2:44:aa:de:2b:3a:f3:dc:59:41:63:2e:32:16:bc:
96:c3:4a:14:81:93:05:e4:4b:53:43:6a:a2:64:1c:
af:81:f2:1e:81:ba:a6:8c:51:d3:b4:fd:db:81:fb:
f6:3d:6c:09:46:b2:92:d6:0d:6b:fb:99:61:4b:df:
e8:b9:2e:16:5a:d7:bd:da:08:cc:7d:5e:90:b2:13:
d7:20:de:e6:4d:15:36:ef:42:f4:9b:60:3c:02:08:
62:4f:e5:07:5b:d8:0c:92:72:c6:54:e6:82:cd:ec:
f0:76:77:d5:20:b6:70:ea:95:ee:61:a3:7c:82:a6:
fd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B4:BF:F4:1D:7F:64:91:DA:D5:F4:E5:13:57:C8:EE:D6:36:1B:F8
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oLS_9B1_ZJHa1fTlE1fI7tY2G_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
76:ab:ce:d0:c4:3a:a1:ad:ed:5f:e8:5c:9e:69:4a:9e:f8:e2:
04:50:e5:46:6b:85:ae:8e:10:33:6a:df:96:c2:42:db:8b:1c:
2c:5b:05:26:bb:c8:01:37:94:ae:fe:0c:33:6e:ce:f3:65:15:
a0:57:19:09:7b:97:67:dc:1a:29:9a:56:8e:38:41:70:92:ba:
8c:df:db:e4:c5:a4:ab:ce:70:4b:71:33:8c:00:06:8c:ce:3a:
74:07:17:3a:15:c3:45:a7:26:2e:39:05:d5:16:37:c4:e2:44:
81:0b:b9:ea:05:88:3d:51:14:35:6f:e4:72:b2:b7:97:6d:5f:
52:f7:76:fc:37:32:5f:0c:8e:e1:af:b7:e6:a9:3d:21:80:09:
48:51:3d:35:aa:0f:15:5a:d3:0b:76:15:f8:bf:e6:12:f0:68:
b8:9d:35:a4:b7:5c:f5:b8:77:c4:0e:08:28:42:71:e8:37:4a:
6d:09:ea:03:34:cb:c7:91:f5:54:35:af:a9:09:8b:1c:8c:3e:
10:bf:dc:b2:90:7c:2f:38:b0:bf:86:3a:7c:54:70:1d:61:51:
d9:7d:23:86:bb:cf:69:c9:86:d6:3e:e3:11:82:6b:ba:ef:51:
12:ba:0b:af:20:e8:85:aa:e1:76:c7:94:c1:d8:43:cd:9f:e4:
f5:a6:84:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJuZpuFX710uWOj4sv/6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI0YmZmNDFkN2Y2NDkxZGFkNWY0ZTUxMzU3YzhlZWQ2MzYxYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyOH13QU7jbrlrgnMrxiEdXCi+7g
95A6Sv4yd/Eo5v4UyB7hYKVQ41/TdIPC2BBMNvmqt5a1uS5Z1DrLe2SGy4wJ+7gm
9/0z7TiZjeh3gNZzUVnD7/ykkLe26Nh2MPd7/BSWhuDvag2KJP4dTVX+qFYvAJPs
fqD61R5T/wnCOsHplbXIR8qyRKreKzrz3FlBYy4yFryWw0oUgZMF5EtTQ2qiZByv
gfIegbqmjFHTtP3bgfv2PWwJRrKS1g1r+5lhS9/ouS4WWte92gjMfV6QshPXIN7m
TRU270L0m2A8AghiT+UHW9gMknLGVOaCzezwdnfVILZw6pXuYaN8gqb99QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKC0v/Qdf2SR2tX05RNXyO7WNhv4MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvb0xTXzlCMV9aSkhhMWZUbEUxZkk3dFkyR19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwen4MA0G
CSqGSIb3DQEBCwUAA4IBAQB2q87QxDqhre1f6FyeaUqe+OIEUOVGa4WujhAzat+W
wkLbixwsWwUmu8gBN5Su/gwzbs7zZRWgVxkJe5dn3BopmlaOOEFwkrqM39vkxaSr
znBLcTOMAAaMzjp0Bxc6FcNFpyYuOQXVFjfE4kSBC7nqBYg9URQ1b+RysreXbV9S
93b8NzJfDI7hr7fmqT0hgAlIUT01qg8VWtMLdhX4v+YS8Gi4nTWkt1z1uHfEDggo
QnHoN0ptCeoDNMvHkfVUNa+pCYscjD4Qv9yykHwvOLC/hjp8VHAdYVHZfSOGu89p
yYbWPuMRgmu671ESuguvIOiFquF2x5TB2EPNn+T1poT2
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org