Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vq8ELa4oaEP9QrRh42dR1OzhwL4.roa
File: vq8ELa4oaEP9QrRh42dR1OzhwL4.roa (raw, json)
Hash identifier: 6R5Ot4WmiPY1Ro2jiM86FpJ1V1KGBc3Tja67x3PnKso=
Subject key identifier: BE:AF:04:2D:AE:28:68:43:FD:42:B4:61:E3:67:51:D4:EC:E1:C0:BE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018C0C2E7A85D03B7E1063C096E4136A8CF9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vq8ELa4oaEP9QrRh42dR1OzhwL4.roa
Signing time: Sun 26 Nov 2023 15:10:21 +0000
ROA not before: Sun 26 Nov 2023 15:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.233.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0c:2e:7a:85:d0:3b:7e:10:63:c0:96:e4:13:6a:8c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 26 15:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beaf042dae286843fd42b461e36751d4ece1c0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:73:93:96:2a:0a:21:9f:3c:fa:9c:5c:4c:c9:
76:3e:2b:24:70:a8:df:d6:e1:d2:27:ee:ff:9a:e6:
78:5f:70:1f:ab:93:bc:0b:a2:4d:56:a0:48:05:6a:
cf:9c:35:42:a9:51:e0:91:6d:2c:24:b6:b3:42:f2:
25:a1:9e:09:18:5d:75:ad:01:8c:79:d0:70:60:32:
13:4b:4a:a7:0e:d1:47:e0:4f:4b:cd:a5:fd:2f:68:
30:5a:9a:18:59:8b:09:b6:db:c6:bc:fe:76:1f:47:
25:e5:d0:90:98:29:16:f5:d7:5b:c8:8d:35:38:63:
7d:9d:8c:86:98:2b:5e:5a:ef:7d:17:bc:c2:82:9d:
8d:e4:6a:b7:09:4f:81:23:17:0f:b6:0b:68:d7:50:
74:f3:ef:f3:3b:cc:07:aa:f5:c3:0a:c0:f3:b7:84:
41:ac:1a:8b:3a:d4:23:71:9a:c9:b2:bd:f9:99:b4:
27:fb:85:19:53:68:0c:94:c8:b8:eb:ed:3c:23:77:
57:e0:27:75:13:cf:15:c7:9b:7d:fc:de:a9:d5:ad:
0b:a9:dc:13:70:3d:7a:ed:46:1f:81:61:6f:75:6a:
68:d3:90:80:0d:85:7c:49:03:77:59:4b:a6:d5:07:
66:49:ee:3e:58:25:0b:10:fe:45:4d:28:71:bb:a3:
68:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AF:04:2D:AE:28:68:43:FD:42:B4:61:E3:67:51:D4:EC:E1:C0:BE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vq8ELa4oaEP9QrRh42dR1OzhwL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.100.0/22
Signature Algorithm: sha256WithRSAEncryption
57:e4:38:85:5d:e4:31:76:0b:7f:b0:f9:fa:ea:4a:0d:e0:d2:
36:a4:4c:46:d1:18:ca:23:28:b7:28:7b:31:ba:cc:de:74:3c:
ba:18:07:b6:ce:57:c5:82:ec:22:ed:c2:f5:f0:2b:fb:97:b0:
e8:8a:5c:2a:84:94:1d:49:07:81:d5:b2:ff:a3:6f:29:c6:99:
30:bd:71:cf:67:d2:da:71:01:95:df:54:0d:2b:ca:ac:8e:3e:
8a:b1:8d:11:1c:a3:41:00:ca:07:42:4d:47:67:e0:d8:f1:35:
9e:06:27:80:c3:f0:80:39:c0:75:19:5e:18:cc:d5:1e:8b:70:
36:79:8d:dc:15:01:7d:70:03:c7:6f:0d:7d:cb:f9:a0:19:3f:
a4:94:62:31:62:01:27:3c:b1:1a:4a:ca:46:4d:fc:d5:49:13:
aa:da:5b:1e:83:df:73:5d:c2:47:77:a9:c8:56:5d:6b:76:3f:
c3:b0:b6:f4:fb:0d:b5:41:6b:52:5c:f6:19:85:5d:26:68:2d:
ba:96:2c:66:1e:ca:32:2c:90:56:64:d4:61:ce:50:a6:d4:6b:
5a:3d:8f:d1:d6:77:db:d9:e4:6c:df:b1:39:a7:79:44:50:9a:
87:68:13:63:d7:76:6c:ba:bf:22:79:70:e7:ab:1d:14:6a:d6:
6b:66:78:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwMLnqF0Dt+EGPAluQTaoz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMTI2MTUxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFmMDQyZGFlMjg2ODQzZmQ0MmI0NjFlMzY3NTFkNGVjZTFjMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXOTlioKIZ88+pxcTMl2PiskcKjf
1uHSJ+7/muZ4X3Afq5O8C6JNVqBIBWrPnDVCqVHgkW0sJLazQvIloZ4JGF11rQGM
edBwYDITS0qnDtFH4E9LzaX9L2gwWpoYWYsJttvGvP52H0cl5dCQmCkW9ddbyI01
OGN9nYyGmCteWu99F7zCgp2N5Gq3CU+BIxcPtgto11B08+/zO8wHqvXDCsDzt4RB
rBqLOtQjcZrJsr35mbQn+4UZU2gMlMi46+08I3dX4Cd1E88Vx5t9/N6p1a0LqdwT
cD167UYfgWFvdWpo05CADYV8SQN3WUum1QdmSe4+WCULEP5FTShxu6NogQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL6vBC2uKGhD/UK0YeNnUdTs4cC+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdnE4RUxhNG9hRVA5UXJSaDQyZFIxT3pod0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwelkMA0G
CSqGSIb3DQEBCwUAA4IBAQBX5DiFXeQxdgt/sPn66koN4NI2pExG0RjKIyi3KHsx
uszedDy6GAe2zlfFguwi7cL18Cv7l7DoilwqhJQdSQeB1bL/o28pxpkwvXHPZ9La
cQGV31QNK8qsjj6KsY0RHKNBAMoHQk1HZ+DY8TWeBieAw/CAOcB1GV4YzNUei3A2
eY3cFQF9cAPHbw19y/mgGT+klGIxYgEnPLEaSspGTfzVSROq2lseg99zXcJHd6nI
Vl1rdj/DsLb0+w21QWtSXPYZhV0maC26lixmHsoyLJBWZNRhzlCm1GtaPY/R1nfb
2eRs37E5p3lEUJqHaBNj13Zsur8ieXDnqx0UatZrZngW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:40 2024 by rpki-client on console-fra.rpki-client.org