Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/uOh7MrqvdnTWJk1KE0cHc5wy8P4.roa
File: uOh7MrqvdnTWJk1KE0cHc5wy8P4.roa (raw, json)
Hash identifier: GnbctCSjwlANoZbHphh6LxIN46UJqbVAor1Skelb49A=
Subject key identifier: B8:E8:7B:32:BA:AF:76:74:D6:26:4D:4A:13:47:07:73:9C:32:F0:FE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26F464A726A138CDB72AD6EE16A663
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/uOh7MrqvdnTWJk1KE0cHc5wy8P4.roa
Signing time: Sun 01 Jan 2023 21:05:01 +0000
ROA not before: Sun 01 Jan 2023 21:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210352
IP address blocks: 193.233.234.0/24 maxlen: 24
193.233.49.0/24 maxlen: 24
193.233.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:f4:64:a7:26:a1:38:cd:b7:2a:d6:ee:16:a6:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8e87b32baaf7674d6264d4a134707739c32f0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:00:4b:89:19:fa:fe:48:51:2e:7c:16:87:14:
08:9f:3e:4f:00:26:d8:02:6b:35:dd:e1:26:a5:a1:
55:0a:2b:7f:44:07:b2:98:f5:df:d2:a9:d4:42:d6:
bc:69:ab:f9:6d:7b:1f:41:f9:a1:7d:9a:b1:77:cc:
e0:45:a5:fc:3c:7c:27:8b:97:14:fd:b7:6b:77:0a:
41:41:42:8b:06:cf:1e:0b:ef:a5:f5:3d:18:74:4c:
4d:73:01:1e:11:ff:97:85:ea:f1:12:e0:01:fb:0a:
04:9a:9b:e6:e1:56:0c:5c:5d:53:c1:7c:8f:2f:10:
dd:e0:8d:1b:17:9b:62:fe:83:ab:d2:b3:33:6b:1b:
40:e5:5b:15:5f:37:88:59:40:72:e7:61:1d:c1:a3:
ac:23:db:55:64:4a:95:fe:33:79:30:b1:1c:76:6c:
b5:67:a0:72:df:a9:13:ed:e0:94:85:a8:66:85:64:
3e:96:45:2a:aa:f0:a0:c6:49:a9:58:92:0d:05:4f:
93:e7:c6:05:5d:d2:07:49:7c:8b:94:f2:8e:f1:20:
65:36:ea:b3:41:a0:a6:5b:48:ac:e7:c1:85:d4:02:
e5:86:12:f8:aa:1c:e5:38:bc:67:f4:bf:34:9d:7b:
ae:37:d9:c3:f9:dc:d6:f9:17:dd:51:aa:dd:29:30:
d1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E8:7B:32:BA:AF:76:74:D6:26:4D:4A:13:47:07:73:9C:32:F0:FE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/uOh7MrqvdnTWJk1KE0cHc5wy8P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.48.0/23
193.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ff:14:ba:35:de:14:a9:e5:89:8f:d0:d9:6e:fa:b5:84:4a:
41:5a:66:12:11:a4:68:9b:76:a4:09:75:d7:7a:00:94:7e:53:
b9:ff:08:1a:29:fb:47:6a:5c:79:bf:6d:78:45:ba:39:7a:e4:
6d:91:41:f0:44:b4:5e:7c:4a:9e:2d:74:dc:3c:31:fe:74:6b:
15:a4:9e:f1:8a:87:66:7d:82:8c:40:86:79:f5:a4:0b:c9:d1:
28:4b:e1:4c:7a:51:82:f0:af:3e:cb:f2:af:6f:a7:d9:b0:e7:
7d:a9:69:40:fd:b2:60:02:c9:20:39:8e:6f:f9:97:65:9f:02:
c0:99:58:42:cf:d3:b0:10:0c:67:e8:01:3a:f4:74:12:86:37:
17:44:7f:f0:b4:22:ea:2e:3d:d3:7f:87:26:8a:15:ba:17:39:
d6:d6:a5:c4:7f:c8:39:8d:58:1f:24:56:d3:02:45:22:1b:47:
71:fa:0f:59:5b:17:e8:33:0d:4c:8c:d2:b2:44:85:43:9b:11:
a4:cb:c8:ed:9d:77:99:0d:c4:1d:91:60:e1:cd:9b:b1:9f:60:
73:a5:3c:75:21:61:48:ba:6a:76:4a:c7:1b:e7:f4:ce:40:ce:
0d:f6:75:d0:df:ce:01:af:9a:2d:e6:89:2c:69:a7:e5:1f:0b:
ef:14:0f:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJvRkpyahOM23KtbuFqZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGU4N2IzMmJhYWY3Njc0ZDYyNjRkNGExMzQ3MDc3MzljMzJmMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigBLiRn6/khRLnwWhxQInz5PACbY
Ams13eEmpaFVCit/RAeymPXf0qnUQta8aav5bXsfQfmhfZqxd8zgRaX8PHwni5cU
/bdrdwpBQUKLBs8eC++l9T0YdExNcwEeEf+XherxEuAB+woEmpvm4VYMXF1TwXyP
LxDd4I0bF5ti/oOr0rMzaxtA5VsVXzeIWUBy52EdwaOsI9tVZEqV/jN5MLEcdmy1
Z6By36kT7eCUhahmhWQ+lkUqqvCgxkmpWJINBU+T58YFXdIHSXyLlPKO8SBlNuqz
QaCmW0is58GF1ALlhhL4qhzlOLxn9L80nXuuN9nD+dzW+RfdUardKTDRqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLjoezK6r3Z01iZNShNHB3OcMvD+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdU9oN01ycXZkblRXSmsxS0UwY0hjNXd5OFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwekwAwQA
wenqMA0GCSqGSIb3DQEBCwUAA4IBAQAy/xS6Nd4UqeWJj9DZbvq1hEpBWmYSEaRo
m3akCXXXegCUflO5/wgaKftHalx5v214Rbo5euRtkUHwRLRefEqeLXTcPDH+dGsV
pJ7xiodmfYKMQIZ59aQLydEoS+FMelGC8K8+y/Kvb6fZsOd9qWlA/bJgAskgOY5v
+ZdlnwLAmVhCz9OwEAxn6AE69HQShjcXRH/wtCLqLj3Tf4cmihW6FznW1qXEf8g5
jVgfJFbTAkUiG0dx+g9ZWxfoMw1MjNKyRIVDmxGky8jtnXeZDcQdkWDhzZuxn2Bz
pTx1IWFIump2Sscb5/TOQM4N9nXQ384Br5ot5oksaaflHwvvFA8p
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-ams.rpki-client.org