Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sK_ghgIAEjgqH5yYgf5adCHM_rA.roa
File: sK_ghgIAEjgqH5yYgf5adCHM_rA.roa (raw, json)
Hash identifier: 3VwDb+mDq019sFUlVJVAEFDmkp5mcKTu+Ai3D86a8cE=
Subject key identifier: B0:AF:E0:86:02:00:12:38:2A:1F:9C:98:81:FE:5A:74:21:CC:FE:B0
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01880A98DA6D59E53FC7691FC2E7ADA5CA68
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sK_ghgIAEjgqH5yYgf5adCHM_rA.roa
Signing time: Thu 11 May 2023 11:36:09 +0000
ROA not before: Thu 11 May 2023 11:36:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202973
IP address blocks: 193.233.134.0/24 maxlen: 24
193.233.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:98:da:6d:59:e5:3f:c7:69:1f:c2:e7:ad:a5:ca:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 11 11:36:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0afe086020012382a1f9c9881fe5a7421ccfeb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b1:d6:3e:1f:df:d3:a9:48:7b:b6:d8:69:01:
d2:8c:ce:2e:fe:37:2d:08:b6:82:cd:45:08:4b:8a:
6d:00:d9:44:eb:07:4a:0f:35:e2:b7:4c:6c:b9:f9:
b9:27:27:77:db:5b:b4:e3:a2:be:bf:b3:06:77:a1:
75:64:6c:0a:fe:37:dd:ed:20:46:26:e2:0a:6d:0d:
2a:64:f1:da:21:59:2d:a7:e8:07:e9:6b:1f:9e:c2:
c8:58:df:4b:2a:46:72:1d:64:eb:a8:94:f3:3d:ff:
5e:0c:55:20:99:9e:01:87:03:0b:4f:e2:9f:f8:59:
93:4c:bc:d4:77:2a:2f:22:2a:01:bd:1e:a8:74:b1:
2d:bc:99:6b:38:e9:31:d2:47:cc:4a:fb:f4:61:16:
94:9e:2a:84:a5:ce:cc:b1:3c:28:27:20:d1:0f:a7:
53:d8:fc:2e:00:b0:66:88:f8:ce:f2:b0:6c:dd:71:
e2:81:99:ce:6a:2f:65:38:f3:32:a0:ec:69:7a:bb:
4d:2f:31:2e:c9:89:d8:2d:a3:2e:63:61:2f:ee:41:
8e:88:0e:f2:2f:84:69:69:56:76:8f:93:bc:87:cb:
67:78:e4:e0:8e:33:f0:7c:a2:9f:05:1c:1a:fd:e3:
91:72:bb:6c:8f:e0:4f:10:d4:d4:86:1a:c5:18:7d:
15:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AF:E0:86:02:00:12:38:2A:1F:9C:98:81:FE:5A:74:21:CC:FE:B0
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sK_ghgIAEjgqH5yYgf5adCHM_rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.134.0/24
193.233.254.0/24
Signature Algorithm: sha256WithRSAEncryption
28:cc:4c:88:84:db:76:15:59:bf:65:b4:e6:f7:25:ae:6d:3f:
a8:f9:59:64:3e:80:97:ac:c5:a9:c2:da:69:83:09:00:5a:d3:
02:3a:c2:6c:96:89:77:45:74:a6:2a:fb:2c:17:d3:ee:a7:3c:
f2:09:0c:e4:bb:63:cc:f5:d2:5d:61:ce:c0:3c:c9:1b:29:07:
47:51:b8:7e:bf:13:21:26:e8:2d:b6:24:ff:d9:63:13:60:84:
6e:64:6a:ad:b3:3a:39:6d:36:e3:49:22:2a:9f:f0:71:f2:a6:
b4:08:10:f7:e5:4a:30:ff:80:31:f4:dd:61:74:5f:4e:c1:90:
48:48:80:b0:34:8e:ab:b3:03:1e:4d:15:d6:94:23:5e:b6:50:
5b:c5:e1:83:30:7c:bc:d2:d7:ab:56:2e:1f:a9:81:c0:2f:f5:
9a:90:30:f7:ce:7c:b9:85:f2:35:ee:e3:50:ce:87:83:aa:93:
2e:3d:f1:aa:1e:20:df:d2:6b:bd:bc:6d:52:34:ee:aa:5f:6a:
37:9e:f7:8d:31:d6:74:e8:94:42:00:85:37:4b:e7:73:5a:19:
c6:ab:09:cc:61:85:45:0d:d9:cb:4d:a9:f4:45:bb:6a:cf:88:
70:31:b1:e5:bd:63:0e:87:e5:c6:02:a0:20:38:c2:9f:02:3e:
ce:0a:0a:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgKmNptWeU/x2kfwuetpcpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNTExMTEzNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFmZTA4NjAyMDAxMjM4MmExZjljOTg4MWZlNWE3NDIxY2NmZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LHWPh/f06lIe7bYaQHSjM4u/jct
CLaCzUUIS4ptANlE6wdKDzXit0xsufm5Jyd321u046K+v7MGd6F1ZGwK/jfd7SBG
JuIKbQ0qZPHaIVktp+gH6WsfnsLIWN9LKkZyHWTrqJTzPf9eDFUgmZ4BhwMLT+Kf
+FmTTLzUdyovIioBvR6odLEtvJlrOOkx0kfMSvv0YRaUniqEpc7MsTwoJyDRD6dT
2PwuALBmiPjO8rBs3XHigZnOai9lOPMyoOxpertNLzEuyYnYLaMuY2Ev7kGOiA7y
L4RpaVZ2j5O8h8tneOTgjjPwfKKfBRwa/eORcrtsj+BPENTUhhrFGH0VDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLCv4IYCABI4Kh+cmIH+WnQhzP6wMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvc0tfZ2hnSUFFamdxSDV5WWdmNWFkQ0hNX3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwemGAwQA
wen+MA0GCSqGSIb3DQEBCwUAA4IBAQAozEyIhNt2FVm/ZbTm9yWubT+o+VlkPoCX
rMWpwtppgwkAWtMCOsJslol3RXSmKvssF9PupzzyCQzku2PM9dJdYc7APMkbKQdH
Ubh+vxMhJugttiT/2WMTYIRuZGqtszo5bTbjSSIqn/Bx8qa0CBD35Uow/4Ax9N1h
dF9OwZBISICwNI6rswMeTRXWlCNetlBbxeGDMHy80terVi4fqYHAL/WakDD3zny5
hfI17uNQzoeDqpMuPfGqHiDf0mu9vG1SNO6qX2o3nveNMdZ06JRCAIU3S+dzWhnG
qwnMYYVFDdnLTan0Rbtqz4hwMbHlvWMOh+XGAqAgOMKfAj7OCgqh
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:05 2024 by rpki-client on console-fra.rpki-client.org