Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qwOk8n_x8W9qZFwXqBJxoi0qCHk.roa
File: qwOk8n_x8W9qZFwXqBJxoi0qCHk.roa (raw, json)
Hash identifier: 1zre1gAgzoA1bvq38O2l9oxLkpxZyF9WSULLmb27XS4=
Subject key identifier: AB:03:A4:F2:7F:F1:F1:6F:6A:64:5C:17:A8:12:71:A2:2D:2A:08:79
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7952B36FCD52ED59AEE7BF517EC2EF1
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qwOk8n_x8W9qZFwXqBJxoi0qCHk.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 193.233.22.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
193.233.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 09:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2b:36:fc:d5:2e:d5:9a:ee:7b:f5:17:ec:2e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab03a4f27ff1f16f6a645c17a81271a22d2a0879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ae:59:ea:d4:9e:c3:2c:b2:83:57:ad:84:26:
9a:b6:a5:21:fb:32:61:e4:6a:62:41:24:10:35:54:
e9:fd:e5:c7:1d:71:81:73:09:8e:db:07:3b:e6:da:
6d:cf:e1:e5:c3:13:37:6d:e7:e8:9c:87:d1:aa:b7:
76:9d:a4:7e:42:b0:f4:a0:89:aa:29:d8:52:9e:ec:
40:d3:4e:c5:64:7e:34:b2:e0:f4:5c:24:14:a4:b9:
a0:db:60:2a:72:de:c4:a9:aa:3e:f4:fb:f3:74:0f:
44:25:f1:e3:62:b6:31:63:86:89:d1:38:7c:5d:bb:
32:34:09:a0:94:7b:56:cf:96:e3:c9:08:cf:a5:14:
c0:01:58:26:05:52:ff:05:c7:3f:14:e5:a8:77:d9:
bc:58:7e:d4:24:91:fa:bd:26:cb:d7:a1:b5:f8:63:
15:2c:b7:6c:74:4b:05:ec:10:9f:cc:bc:71:34:e8:
de:4a:37:ff:08:2e:7c:92:a1:3e:d7:e0:6b:59:9c:
af:95:6b:e8:92:aa:30:87:9a:1b:a2:bd:09:ec:e6:
fd:42:d1:e4:19:f7:7b:64:2c:60:ba:47:08:26:3e:
c8:c2:42:82:ee:bd:aa:8e:c5:7d:11:69:96:b6:36:
d9:ea:09:06:9d:80:27:93:ad:93:d3:41:de:6d:2c:
c5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:03:A4:F2:7F:F1:F1:6F:6A:64:5C:17:A8:12:71:A2:2D:2A:08:79
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/qwOk8n_x8W9qZFwXqBJxoi0qCHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.22.0/24
193.233.88.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
07:c1:16:69:b7:4d:24:53:32:b2:c9:ed:4e:b5:f2:42:02:ab:
dd:d0:dc:fa:b9:3c:ea:d9:d0:f5:13:cc:d9:18:82:de:4a:62:
43:25:0a:79:4c:21:57:6f:7f:dd:49:79:38:ca:2c:6b:20:28:
11:bc:d1:1f:11:19:1f:78:aa:6c:8b:c1:e7:5f:81:2a:15:3e:
a7:d3:5b:51:36:16:e2:a8:34:72:26:1f:5c:ed:51:8e:d8:56:
f4:53:80:5d:c7:f6:4a:f9:bd:7c:42:87:ac:df:6d:29:ea:0d:
9f:14:96:eb:9e:63:de:4e:25:49:a7:de:19:b9:f4:ec:b3:af:
16:bd:99:8a:43:5c:81:d1:28:cb:dd:bd:96:48:3f:54:7b:a7:
e7:97:86:09:b9:33:cc:95:97:f4:f0:76:31:76:dd:8c:ab:aa:
d8:b7:56:2b:bd:aa:c0:f2:56:28:16:b6:4b:f6:d4:d6:f5:0b:
8c:80:b8:a1:8c:6d:8c:eb:b3:a1:b6:49:7f:aa:a9:90:92:24:
12:1d:bb:7c:70:c3:50:8e:03:e4:2b:2f:f9:95:a0:36:c6:53:
37:ba:22:4d:8b:c0:47:94:59:77:28:79:00:d4:ea:ed:f6:43:
f5:ed:4a:76:6f:4b:87:11:4c:ee:3f:49:28:a2:0e:84:fa:18:
6c:5d:10:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlSs2/NUu1Zrue/UX7C7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjAzYTRmMjdmZjFmMTZmNmE2NDVjMTdhODEyNzFhMjJkMmEwODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq5Z6tSewyyyg1ethCaatqUh+zJh
5GpiQSQQNVTp/eXHHXGBcwmO2wc75tptz+HlwxM3befonIfRqrd2naR+QrD0oImq
KdhSnuxA007FZH40suD0XCQUpLmg22Aqct7Eqao+9PvzdA9EJfHjYrYxY4aJ0Th8
XbsyNAmglHtWz5bjyQjPpRTAAVgmBVL/Bcc/FOWod9m8WH7UJJH6vSbL16G1+GMV
LLdsdEsF7BCfzLxxNOjeSjf/CC58kqE+1+BrWZyvlWvokqowh5obor0J7Ob9QtHk
Gfd7ZCxgukcIJj7IwkKC7r2qjsV9EWmWtjbZ6gkGnYAnk62T00HebSzFRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKsDpPJ/8fFvamRcF6gScaItKgh5MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvcXdPazhuX3g4VzlxWkZ3WHFCSnhvaTBxQ0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekWAwQC
welYAwQCwen4MA0GCSqGSIb3DQEBCwUAA4IBAQAHwRZpt00kUzKyye1OtfJCAqvd
0Nz6uTzq2dD1E8zZGILeSmJDJQp5TCFXb3/dSXk4yixrICgRvNEfERkfeKpsi8Hn
X4EqFT6n01tRNhbiqDRyJh9c7VGO2Fb0U4Bdx/ZK+b18Qoes320p6g2fFJbrnmPe
TiVJp94ZufTss68WvZmKQ1yB0SjL3b2WSD9Ue6fnl4YJuTPMlZf08HYxdt2Mq6rY
t1YrvarA8lYoFrZL9tTW9QuMgLihjG2M67Ohtkl/qqmQkiQSHbt8cMNQjgPkKy/5
laA2xlM3uiJNi8BHlFl3KHkA1Ort9kP17Up2b0uHEUzuP0koog6E+hhsXRDT
-----END CERTIFICATE-----
Generated at Fri Feb 16 12:45:17 2024 by rpki-client on console-ams.rpki-client.org