Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/upQ9Zk6WK6oGmdVEEAzNdBbJfT8.roa
File: upQ9Zk6WK6oGmdVEEAzNdBbJfT8.roa (raw, json)
Hash identifier: 91zn/TrCCkpD+0KT8YinD+aW1UGdtCfhynuF0BDNw74=
Subject key identifier: BA:94:3D:66:4E:96:2B:AA:06:99:D5:44:10:0C:CD:74:16:C9:7D:3F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0186309C1B62BC37FE85488D4DDAFC377618
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/upQ9Zk6WK6oGmdVEEAzNdBbJfT8.roa
Signing time: Wed 08 Feb 2023 10:39:42 +0000
ROA not before: Wed 08 Feb 2023 10:39:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137263
IP address blocks: 193.233.194.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 26 Jul 2023 08:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:9c:1b:62:bc:37:fe:85:48:8d:4d:da:fc:37:76:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 8 10:39:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba943d664e962baa0699d544100ccd7416c97d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b0:5e:8b:73:fe:83:cd:02:c3:bb:c4:4c:5f:
1c:43:1e:fc:81:93:2f:79:e0:4f:d2:ea:1f:44:a0:
1a:1c:3f:60:3d:ff:47:a7:ab:5c:49:98:97:75:be:
5b:e4:a0:60:74:a5:d8:0a:ec:4a:ab:60:b2:cb:e7:
73:0d:f5:d3:ae:c9:4a:43:37:c6:21:98:f5:f9:f3:
ba:45:2f:44:45:73:bb:1a:0a:f3:93:9a:0c:f6:f7:
e3:14:16:f2:bd:d5:d9:5e:13:6c:0c:d3:4a:2b:14:
43:64:ac:be:00:74:37:a8:a3:ae:e2:54:82:3c:21:
c5:60:22:37:29:a9:3d:97:68:d8:88:79:d8:99:42:
31:28:74:20:88:0b:4e:b4:0c:01:62:ed:19:f0:88:
c1:55:c3:ae:12:73:56:ea:09:71:11:6a:b3:38:ae:
f6:f5:a5:1a:ef:5a:af:02:1e:90:9d:81:f6:18:64:
c8:27:a4:b5:ad:ae:ef:f6:4e:06:8d:55:95:6c:74:
26:2d:df:84:a3:89:63:24:b8:ec:30:cf:c1:9d:07:
7b:24:d7:ca:9f:af:14:aa:e0:2b:71:aa:7e:7b:96:
8a:de:06:d9:bb:76:cf:e0:fc:3b:b3:5d:2a:af:17:
fa:d1:ec:68:70:3c:2f:a2:e5:1e:b4:7d:1c:2b:32:
b5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:94:3D:66:4E:96:2B:AA:06:99:D5:44:10:0C:CD:74:16:C9:7D:3F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/upQ9Zk6WK6oGmdVEEAzNdBbJfT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.194.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:cc:c7:57:2d:67:62:d6:12:47:11:5f:18:1b:6e:3a:8b:50:
a7:01:ca:65:f3:60:e5:1a:b1:b1:32:7d:ed:1a:16:73:70:39:
1e:7d:61:cf:7d:b7:76:b2:7d:e4:0c:44:06:b3:83:a8:7e:5e:
cc:5f:90:fb:ef:29:39:f8:1d:ad:18:5d:c4:bb:b0:57:0c:e2:
65:ff:36:96:a7:07:6d:f8:da:ca:07:e9:fb:e8:0d:c9:0c:1a:
e8:e3:5f:91:86:32:40:66:ab:2d:7f:48:b8:9a:f2:fe:ac:ca:
15:31:07:9d:83:2e:81:9f:5d:77:9e:c9:d3:f9:d3:a3:c4:e9:
d1:47:ae:22:2b:d9:c8:1e:35:30:05:e3:26:89:da:c0:a1:d6:
6f:e6:3c:19:19:5d:be:ff:99:56:f4:0a:90:98:7e:8d:a0:71:
c7:e1:2a:d2:85:f4:ad:8f:bb:22:d6:16:06:a8:e2:5a:60:b7:
46:5e:58:4f:37:32:d0:68:02:15:d6:2e:f9:04:44:02:47:22:
f5:ab:40:98:6a:39:0f:1f:20:e4:27:2e:c0:71:c9:85:00:f2:
e5:a4:0f:79:75:0a:02:72:91:30:3a:4d:1a:8b:1b:db:5c:ba:
e4:6e:07:5b:85:5c:21:a0:f6:f3:a3:3a:af:0d:42:40:de:ff:
30:70:9c:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYwnBtivDf+hUiNTdr8N3YYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMjA4MTAzOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk0M2Q2NjRlOTYyYmFhMDY5OWQ1NDQxMDBjY2Q3NDE2Yzk3ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLBei3P+g80Cw7vETF8cQx78gZMv
eeBP0uofRKAaHD9gPf9Hp6tcSZiXdb5b5KBgdKXYCuxKq2Cyy+dzDfXTrslKQzfG
IZj1+fO6RS9ERXO7Ggrzk5oM9vfjFBbyvdXZXhNsDNNKKxRDZKy+AHQ3qKOu4lSC
PCHFYCI3Kak9l2jYiHnYmUIxKHQgiAtOtAwBYu0Z8IjBVcOuEnNW6glxEWqzOK72
9aUa71qvAh6QnYH2GGTIJ6S1ra7v9k4GjVWVbHQmLd+Eo4ljJLjsMM/BnQd7JNfK
n68UquArcap+e5aK3gbZu3bP4Pw7s10qrxf60exocDwvouUetH0cKzK1pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLqUPWZOliuqBpnVRBAMzXQWyX0/MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdXBROVprNldLNm9HbWRWRUVBek5kQmJKZlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwenCMA0G
CSqGSIb3DQEBCwUAA4IBAQA9zMdXLWdi1hJHEV8YG246i1CnAcpl82DlGrGxMn3t
GhZzcDkefWHPfbd2sn3kDEQGs4Oofl7MX5D77yk5+B2tGF3Eu7BXDOJl/zaWpwdt
+NrKB+n76A3JDBro41+RhjJAZqstf0i4mvL+rMoVMQedgy6Bn113nsnT+dOjxOnR
R64iK9nIHjUwBeMmidrAodZv5jwZGV2+/5lW9AqQmH6NoHHH4SrShfStj7si1hYG
qOJaYLdGXlhPNzLQaAIV1i75BEQCRyL1q0CYajkPHyDkJy7AccmFAPLlpA95dQoC
cpEwOk0aixvbXLrkbgdbhVwhoPbzozqvDUJA3v8wcJxj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:40 2024 by rpki-client on console-fra.rpki-client.org