Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sAkYiRe8xDM6qhr_MfinYqzW1j4.roa
File: sAkYiRe8xDM6qhr_MfinYqzW1j4.roa (raw, json)
Hash identifier: rkpyMQwHuuJxNgA1m9BPyB0YN9WAUDCVc9X6bD6giQ0=
Subject key identifier: B0:09:18:89:17:BC:C4:33:3A:AA:1A:FF:31:F8:A7:62:AC:D6:D6:3E
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D8367840CCCABBA0FB1B8665FABFFE0EB
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sAkYiRe8xDM6qhr_MfinYqzW1j4.roa
Signing time: Wed 07 Feb 2024 11:50:15 +0000
ROA not before: Wed 07 Feb 2024 11:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207967
IP address blocks: 147.45.224.0/19 maxlen: 19
193.233.108.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 26 Mar 2024 07:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:67:84:0c:cc:ab:ba:0f:b1:b8:66:5f:ab:ff:e0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 7 11:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b009188917bcc4333aaa1aff31f8a762acd6d63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:79:68:4c:f0:cd:5f:e4:6a:e0:fd:22:c7:2a:
7f:3f:85:41:98:72:3d:a5:dd:26:37:c8:65:e0:9b:
8a:15:4a:a2:d6:a4:4b:79:d7:f0:15:a5:10:34:5c:
c0:9e:e6:2f:3f:3e:1f:a5:42:2d:c2:3c:48:fb:7a:
1e:a3:60:53:14:f0:aa:0c:33:6e:91:02:fa:b4:7a:
b5:26:fd:60:f0:92:12:f3:0d:9c:3d:db:f4:54:b4:
e0:8f:c2:2e:ce:90:f9:16:8c:d4:a2:65:75:c1:c3:
51:74:48:cb:39:80:c3:5b:9c:39:76:10:8c:9d:75:
7d:a0:b7:43:98:31:4f:c2:bb:d7:6e:db:5c:eb:d6:
3a:31:8c:2e:e0:55:26:d1:81:5b:1c:83:8e:7f:44:
a3:52:a1:0e:90:c4:e0:45:70:36:a6:bb:d9:99:68:
a9:80:6a:aa:ef:6b:c9:4e:65:3f:a5:b2:f2:db:ad:
eb:8d:f0:9c:12:47:06:8a:8b:1c:19:8e:30:ed:d4:
ae:68:b0:e9:1d:70:b2:7c:a3:48:57:7c:ea:c6:1c:
74:3f:1f:9a:f6:1d:3c:ae:3b:1e:8c:b6:b9:5f:17:
55:d9:d3:26:26:3b:2e:ee:ff:58:31:51:6a:8f:c6:
18:90:77:0d:db:1d:db:f4:7f:1b:a7:c3:53:cb:0b:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:09:18:89:17:BC:C4:33:3A:AA:1A:FF:31:F8:A7:62:AC:D6:D6:3E
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sAkYiRe8xDM6qhr_MfinYqzW1j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.224.0/19
193.233.108.0-193.233.119.255
Signature Algorithm: sha256WithRSAEncryption
6b:0b:82:87:ac:7f:31:39:1c:b7:a0:0e:fc:f6:56:fd:85:67:
82:37:ee:fe:8a:01:2d:62:76:9d:93:ea:9b:b3:db:8b:a1:b4:
c4:60:93:a8:99:e2:5b:1f:d3:cd:26:2a:19:f4:18:22:2f:15:
30:54:66:96:5d:03:c5:67:6e:9d:c2:86:c2:0d:ad:23:f4:f1:
a1:d2:de:4c:c4:89:1a:2f:6f:75:24:1e:02:fc:df:0f:14:4c:
fa:62:e8:6d:0b:6c:3d:bc:ae:5e:f3:dd:91:8d:2c:00:82:00:
70:6f:59:20:df:e9:d7:3a:a4:10:33:61:26:bb:bb:5f:1c:eb:
66:2e:01:cf:a7:8c:ab:a9:27:ad:7e:32:b5:58:57:22:c6:0d:
d5:d9:13:d5:33:d7:6c:ff:a5:e0:c1:7b:db:a1:11:bf:6c:4e:
3f:c3:67:e8:1c:09:78:c4:86:8b:66:53:e4:81:02:37:d0:ce:
ff:60:c9:ef:4c:ca:e1:82:4a:bd:45:f4:34:86:0b:21:a8:eb:
46:8e:7c:56:92:b5:06:76:3a:66:12:76:d5:04:1d:29:5c:a0:
2e:3e:58:79:93:f4:c7:5a:47:cb:95:ff:3d:8d:51:13:f0:d5:
10:15:d4:de:17:8f:10:5f:d9:bb:10:32:90:ee:9d:75:84:10:
dd:ad:83:c3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY2DZ4QMzKu6D7G4Zl+r/+DrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjA3MTE1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDA5MTg4OTE3YmNjNDMzM2FhYTFhZmYzMWY4YTc2MmFjZDZkNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHloTPDNX+Rq4P0ixyp/P4VBmHI9
pd0mN8hl4JuKFUqi1qRLedfwFaUQNFzAnuYvPz4fpUItwjxI+3oeo2BTFPCqDDNu
kQL6tHq1Jv1g8JIS8w2cPdv0VLTgj8IuzpD5FozUomV1wcNRdEjLOYDDW5w5dhCM
nXV9oLdDmDFPwrvXbttc69Y6MYwu4FUm0YFbHIOOf0SjUqEOkMTgRXA2prvZmWip
gGqq72vJTmU/pbLy263rjfCcEkcGioscGY4w7dSuaLDpHXCyfKNIV3zqxhx0Px+a
9h08rjsejLa5XxdV2dMmJjsu7v9YMVFqj8YYkHcN2x3b9H8bp8NTywtonwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLAJGIkXvMQzOqoa/zH4p2Ks1tY+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvc0FrWWlSZTh4RE02cWhyX01maW5ZcXpXMWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQFky3gMAwD
BALB6WwDBAPB6XAwDQYJKoZIhvcNAQELBQADggEBAGsLgoesfzE5HLegDvz2Vv2F
Z4I37v6KAS1idp2T6puz24uhtMRgk6iZ4lsf080mKhn0GCIvFTBUZpZdA8Vnbp3C
hsINrSP08aHS3kzEiRovb3UkHgL83w8UTPpi6G0LbD28rl7z3ZGNLACCAHBvWSDf
6dc6pBAzYSa7u18c62YuAc+njKupJ61+MrVYVyLGDdXZE9Uz12z/peDBe9uhEb9s
Tj/DZ+gcCXjEhotmU+SBAjfQzv9gye9MyuGCSr1F9DSGCyGo60aOfFaStQZ2OmYS
dtUEHSlcoC4+WHmT9MdaR8uV/z2NURPw1RAV1N4XjxBf2bsQMpDunXWEEN2tg8M=
-----END CERTIFICATE-----
Generated at Tue Mar 26 12:08:39 2024 by rpki-client on console-fra.rpki-client.org