Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vVbcWwbswty30VfkF2SFTUNEFKI.roa
File: vVbcWwbswty30VfkF2SFTUNEFKI.roa (raw, json)
Hash identifier: sQ4tWrJVAYvwbpNoy5QbQK56lvUQuUx7VO7hIigKkwE=
Subject key identifier: BD:56:DC:5B:06:EC:C2:DC:B7:D1:57:E4:17:64:85:4D:43:44:14:A2
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018B8F72A173DB8F2C83B0BB5C6062C220DC
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vVbcWwbswty30VfkF2SFTUNEFKI.roa
Signing time: Thu 02 Nov 2023 09:52:15 +0000
ROA not before: Thu 02 Nov 2023 09:52:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2895
IP address blocks: 147.45.194.0/23 maxlen: 23
147.45.0.0/19 maxlen: 19
147.45.0.0/16 maxlen: 16
147.45.32.0/23 maxlen: 23
193.233.4.0/24 maxlen: 24
193.233.0.0/22 maxlen: 22
147.45.64.0/24 maxlen: 24
193.233.10.0/23 maxlen: 23
193.233.8.0/24 maxlen: 24
2001:640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:72:a1:73:db:8f:2c:83:b0:bb:5c:60:62:c2:20:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 2 09:52:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd56dc5b06ecc2dcb7d157e41764854d434414a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:97:47:01:26:cb:c7:84:b0:27:b1:76:86:d6:
37:d9:9e:cc:23:29:5f:b2:30:80:c6:c7:f5:4a:86:
a6:1e:31:34:e3:a5:8e:15:eb:2b:c5:67:db:bb:00:
76:3a:56:36:9e:82:f4:98:51:9e:bf:f6:31:e1:e3:
6e:f7:dd:9e:dd:14:5d:f7:1c:f1:75:cf:c8:84:15:
6e:b0:49:ba:85:29:4d:63:e4:c8:57:88:26:78:91:
b0:ba:3f:5e:57:87:4a:14:de:07:97:7f:eb:dd:51:
fa:11:d7:55:a2:b6:09:26:3e:2c:22:b2:59:97:ac:
83:05:59:1c:27:7d:1d:4c:7e:72:b8:ab:f1:9d:10:
8c:1d:51:36:5d:0e:46:ee:39:4e:5c:1b:67:15:db:
5a:01:79:66:a1:a7:2a:78:b4:40:31:b7:5a:7d:93:
09:88:c2:39:37:c7:ef:8a:a8:e7:13:3f:f8:f8:ef:
99:92:66:bb:33:ea:25:cd:3d:c1:c7:28:b8:d9:e0:
a8:32:10:2f:29:4f:da:9c:0d:50:6f:cf:f9:ee:eb:
bd:7c:f3:97:3f:7f:ab:69:02:93:70:06:c1:31:e9:
4e:58:ef:89:e6:b0:33:2d:0f:04:17:6f:6b:ff:43:
a0:cd:82:c5:3d:66:4f:ea:51:95:c2:8d:08:aa:71:
62:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:56:DC:5B:06:EC:C2:DC:B7:D1:57:E4:17:64:85:4D:43:44:14:A2
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vVbcWwbswty30VfkF2SFTUNEFKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0/16
193.233.0.0-193.233.4.255
193.233.8.0/24
193.233.10.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
77:2e:49:74:f6:08:df:7e:07:03:a8:ef:3a:30:d1:84:65:93:
fa:26:10:7d:6f:d1:ec:35:c7:7b:c2:65:a5:f0:09:05:9a:56:
cb:b0:1d:ea:32:b6:c0:b8:be:15:c3:c6:08:ba:68:e7:90:cc:
9a:c5:a1:53:4b:35:79:d1:81:d0:6f:89:3c:6d:2e:5b:07:f8:
01:61:30:46:4d:39:e2:8b:dd:4c:a6:2e:35:b9:5d:ed:88:fb:
62:41:34:ae:0a:0c:a0:35:95:63:d9:28:49:94:34:ba:4b:a0:
3a:bb:4e:14:cf:bc:c3:aa:5a:01:1b:41:4c:c7:91:aa:e5:a5:
75:88:04:e2:46:90:78:0c:77:66:21:c7:60:90:c6:46:2d:ce:
1d:f3:99:b2:5e:77:03:e5:65:f9:f0:39:d8:7d:6c:97:c9:a2:
e9:23:93:6a:48:a4:92:80:37:0d:fc:ca:34:47:e4:64:c5:71:
bf:22:40:0e:d1:af:02:55:e9:65:46:33:2d:36:e3:7e:59:3e:
d2:b0:74:3e:18:23:3c:e5:d6:55:cf:03:41:e4:05:27:be:95:
c5:32:be:e7:c3:dd:45:b0:e9:e7:c8:01:e2:f3:18:29:85:af:
45:c8:32:64:a9:36:31:ef:b0:c1:82:e9:12:21:ef:ec:72:f3:
45:cc:50:2f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYuPcqFz248sg7C7XGBiwiDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTAyMDk1MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDU2ZGM1YjA2ZWNjMmRjYjdkMTU3ZTQxNzY0ODU0ZDQzNDQxNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJdHASbLx4SwJ7F2htY32Z7MIylf
sjCAxsf1SoamHjE046WOFesrxWfbuwB2OlY2noL0mFGev/Yx4eNu992e3RRd9xzx
dc/IhBVusEm6hSlNY+TIV4gmeJGwuj9eV4dKFN4Hl3/r3VH6EddVorYJJj4sIrJZ
l6yDBVkcJ30dTH5yuKvxnRCMHVE2XQ5G7jlOXBtnFdtaAXlmoacqeLRAMbdafZMJ
iMI5N8fviqjnEz/4+O+Zkma7M+olzT3Bxyi42eCoMhAvKU/anA1Qb8/57uu9fPOX
P3+raQKTcAbBMelOWO+J5rAzLQ8EF29r/0OgzYLFPWZP6lGVwo0IqnFiowIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL1W3FsG7MLct9FX5BdkhU1DRBSiMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdlZiY1d3YnN3dHkzMFZma0YyU0ZUVU5FRktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwMAky0wCwMD
AMHpAwQAwekEAwQAwekIAwQBwekKMA0EAgACMAcDBQAgAQZAMA0GCSqGSIb3DQEB
CwUAA4IBAQB3Lkl09gjffgcDqO86MNGEZZP6JhB9b9HsNcd7wmWl8AkFmlbLsB3q
MrbAuL4Vw8YIumjnkMyaxaFTSzV50YHQb4k8bS5bB/gBYTBGTTnii91Mpi41uV3t
iPtiQTSuCgygNZVj2ShJlDS6S6A6u04Uz7zDqloBG0FMx5Gq5aV1iATiRpB4DHdm
IcdgkMZGLc4d85myXncD5WX58DnYfWyXyaLpI5NqSKSSgDcN/Mo0R+RkxXG/IkAO
0a8CVellRjMtNuN+WT7SsHQ+GCM85dZVzwNB5AUnvpXFMr7nw91FsOnnyAHi8xgp
ha9FyDJkqTYx77DBgukSIe/scvNFzFAv
-----END CERTIFICATE-----
Generated at Thu Nov 2 18:07:40 2023 by rpki-client on console-ams.rpki-client.org