Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/u7UGaMfzWcRuICCpY-NOUVwLCo8.roa
File: u7UGaMfzWcRuICCpY-NOUVwLCo8.roa (raw, json)
Hash identifier: h50DqdEiu7HwYyjRM42zUScBCrFLIwq2qztW9XnmAL4=
Subject key identifier: BB:B5:06:68:C7:F3:59:C4:6E:20:20:A9:63:E3:4E:51:5C:0B:0A:8F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0187994D15C38F0E708C3C37D999E7EFBE55
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/u7UGaMfzWcRuICCpY-NOUVwLCo8.roa
Signing time: Wed 19 Apr 2023 11:36:18 +0000
ROA not before: Wed 19 Apr 2023 11:36:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.252.0/23 maxlen: 23
193.233.192.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:4d:15:c3:8f:0e:70:8c:3c:37:d9:99:e7:ef:be:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 19 11:36:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbb50668c7f359c46e2020a963e34e515c0b0a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a2:53:02:08:42:1c:e0:e9:c3:2b:fb:07:77:
27:23:36:0e:cb:61:fd:68:f1:8b:fc:b9:ba:d0:5a:
5f:3f:49:9f:fe:e0:df:03:2e:01:79:6b:cf:6e:e4:
ee:28:57:13:5c:63:c8:5e:85:e8:fd:51:39:b3:4b:
c4:9d:1f:bf:08:6c:d1:28:b6:3a:47:ef:55:bc:07:
30:43:a1:f7:f7:ac:5c:f5:7f:4c:50:5b:83:ce:78:
44:8c:46:d8:27:fe:3b:3d:35:7e:89:85:8e:87:50:
19:79:29:2b:01:c6:a6:52:b4:7b:2d:23:88:b1:34:
b8:b3:8d:19:78:b7:c4:1e:f7:30:75:eb:d8:10:10:
83:ee:32:d4:b7:99:66:66:de:3f:75:5e:88:72:97:
88:e8:d3:1a:84:af:4e:52:93:ca:e3:c1:a6:ef:b2:
73:42:70:02:ba:40:94:82:f3:ff:ef:89:f8:18:43:
ed:da:94:60:38:e0:d0:a8:34:9b:d6:22:81:0a:29:
01:1b:03:3c:c4:cb:98:9d:1d:46:bd:5f:0a:01:a4:
f7:42:06:85:e3:dc:43:fa:b1:1c:3d:fd:46:2e:f1:
a3:1f:e0:9d:8c:8b:dc:ad:8a:33:fd:fd:6a:ae:a3:
b8:73:19:be:44:11:24:7a:57:64:73:1e:1f:28:e6:
ef:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B5:06:68:C7:F3:59:C4:6E:20:20:A9:63:E3:4E:51:5C:0B:0A:8F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/u7UGaMfzWcRuICCpY-NOUVwLCo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.85.0-193.233.86.255
193.233.192.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
97:8a:df:9b:20:79:bf:67:59:22:07:39:9d:b6:4a:0f:16:d6:
1a:33:97:54:2b:7f:4f:16:ad:bb:b5:11:7c:41:66:14:39:88:
8f:df:db:34:b8:30:3e:04:18:ea:c7:4d:fd:67:f9:54:42:53:
bd:7b:47:7f:f9:13:f8:02:8e:99:da:d9:8e:94:4f:b5:f4:fa:
70:06:db:ad:b7:ab:e2:86:0c:d2:8d:59:8f:1d:5c:cf:17:3c:
f7:a3:2b:c2:4d:60:18:f4:5e:a8:92:a3:ac:11:90:e8:5b:0a:
be:e3:28:fd:23:3c:66:af:c0:fa:26:97:16:e3:69:56:0b:f2:
da:2d:5e:63:a9:5e:a3:0b:ae:fa:e1:1a:44:40:32:6d:ad:5e:
31:52:2d:fa:aa:62:ee:15:ef:0a:2c:c0:a7:cc:d7:45:2f:f6:
af:51:b6:4c:e9:08:38:51:eb:42:01:b0:c1:df:1e:cc:17:f9:
69:e7:51:55:68:35:d1:c8:ed:71:09:ef:34:ac:f7:50:8b:45:
92:2a:8f:8d:6e:5d:8d:c0:d3:a7:64:f9:30:fd:d6:fd:db:b0:
fb:f1:a2:ef:61:ee:de:15:fd:1d:a8:7a:62:e0:08:fa:e7:b4:
a1:ea:9e:bf:e2:14:2c:08:43:dc:e1:94:c8:65:b9:f6:8c:35:
c9:4c:36:dc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYeZTRXDjw5wjDw32Znn775VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDE5MTEzNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmI1MDY2OGM3ZjM1OWM0NmUyMDIwYTk2M2UzNGU1MTVjMGIwYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKJTAghCHODpwyv7B3cnIzYOy2H9
aPGL/Lm60FpfP0mf/uDfAy4BeWvPbuTuKFcTXGPIXoXo/VE5s0vEnR+/CGzRKLY6
R+9VvAcwQ6H396xc9X9MUFuDznhEjEbYJ/47PTV+iYWOh1AZeSkrAcamUrR7LSOI
sTS4s40ZeLfEHvcwdevYEBCD7jLUt5lmZt4/dV6IcpeI6NMahK9OUpPK48Gm77Jz
QnACukCUgvP/74n4GEPt2pRgOODQqDSb1iKBCikBGwM8xMuYnR1GvV8KAaT3QgaF
49xD+rEcPf1GLvGjH+CdjIvcrYoz/f1qrqO4cxm+RBEkeldkcx4fKObvYQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLu1BmjH81nEbiAgqWPjTlFcCwqPMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdTdVR2FNZnpXY1J1SUNDcFktTk9VVndMQ284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADB6VUD
BADB6VYDBADB6cADBAHB6fwwDQYJKoZIhvcNAQELBQADggEBAJeK35sgeb9nWSIH
OZ22Sg8W1hozl1Qrf08Wrbu1EXxBZhQ5iI/f2zS4MD4EGOrHTf1n+VRCU717R3/5
E/gCjpna2Y6UT7X0+nAG2623q+KGDNKNWY8dXM8XPPejK8JNYBj0XqiSo6wRkOhb
Cr7jKP0jPGavwPomlxbjaVYL8totXmOpXqMLrvrhGkRAMm2tXjFSLfqqYu4V7wos
wKfM10Uv9q9RtkzpCDhR60IBsMHfHswX+WnnUVVoNdHI7XEJ7zSs91CLRZIqj41u
XY3A06dk+TD91v3bsPvxou9h7t4V/R2oemLgCPrntKHqnr/iFCwIQ9zhlMhlufaM
NclMNtw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:39 2023 by rpki-client on console-fra.rpki-client.org