Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xOt-0x8-bj9NZrPUkXhwU9xOocg.roa
File: xOt-0x8-bj9NZrPUkXhwU9xOocg.roa (raw, json)
Hash identifier: UYi7K2/lptFI6QmnIOrY127pQg8/SO5kcbSXpCapEdY=
Subject key identifier: C4:EB:7E:D3:1F:3E:6E:3F:4D:66:B3:D4:91:78:70:53:DC:4E:A1:C8
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0193FEB1B434CBAF87C6F17BC74D43B7F32D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xOt-0x8-bj9NZrPUkXhwU9xOocg.roa
Signing time: Wed 25 Dec 2024 16:41:19 +0000
ROA not before: Wed 25 Dec 2024 16:41:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49418
IP address blocks: 193.233.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fe:b1:b4:34:cb:af:87:c6:f1:7b:c7:4d:43:b7:f3:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Dec 25 16:41:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4eb7ed31f3e6e3f4d66b3d491787053dc4ea1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ca:a5:25:f7:47:a5:35:97:83:7e:bc:82:5d:
1b:fe:dd:1f:26:89:58:78:ae:c0:e4:64:c9:46:18:
92:1f:79:cf:ff:cc:2d:dc:bc:90:9b:5d:49:59:65:
9d:1c:a8:2b:c5:e8:cb:9c:d9:e5:8d:dd:07:65:d4:
6f:47:cf:d2:6a:7c:ea:b9:8b:07:5a:15:be:95:33:
e4:69:8c:73:4e:fd:ba:1c:96:60:c8:f9:41:d0:e2:
7e:bf:24:d2:d1:78:5c:60:97:04:d8:3d:13:12:f7:
4e:e3:9a:aa:d9:05:04:9a:f9:32:26:dc:56:04:db:
86:9e:8f:c5:5f:82:22:89:ca:0d:f9:58:20:38:ec:
2b:18:64:6d:92:5c:04:62:5a:79:bc:30:c3:e8:5e:
db:76:55:48:52:d7:23:32:ac:3c:25:3f:6d:8a:74:
25:d6:45:fd:27:95:c6:aa:6a:31:e3:59:a9:fa:34:
87:7e:91:a8:e2:d5:b4:02:28:0d:45:cc:15:ba:84:
6f:ec:16:c4:d0:5d:40:23:d0:23:f0:13:58:62:f8:
b1:31:7c:00:f1:73:ae:d0:09:3f:4b:b6:e3:ed:75:
0a:b3:ab:88:c5:d7:86:8d:fb:2a:bf:6f:79:6b:16:
c5:fd:5b:8e:27:6a:c2:eb:0a:dd:e6:16:99:6e:83:
1a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:EB:7E:D3:1F:3E:6E:3F:4D:66:B3:D4:91:78:70:53:DC:4E:A1:C8
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xOt-0x8-bj9NZrPUkXhwU9xOocg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.86.0/24
Signature Algorithm: sha256WithRSAEncryption
75:f8:27:25:3f:61:37:63:b6:a7:02:ab:dd:f5:ae:db:30:b5:
25:65:8f:22:1f:5b:c1:d8:75:92:4a:e9:75:4f:eb:b1:10:8e:
e1:cf:20:36:f8:76:29:e2:1a:9d:04:5b:e8:21:87:89:e6:ba:
de:0b:19:9e:93:ef:e0:27:16:9e:6c:03:40:f3:ef:e5:d2:34:
00:6a:ef:7f:56:9e:16:2b:f8:17:59:7a:16:f1:c9:2a:af:65:
86:4e:2f:65:fd:09:79:da:60:e2:cc:e6:d7:d2:a5:43:a8:0e:
d7:a3:c5:6f:37:0b:a6:1a:fe:10:36:89:27:86:34:fa:c3:ec:
ea:00:13:57:d6:1d:fd:b6:29:78:56:3e:10:51:4a:a4:93:54:
4b:7c:8c:bc:21:ff:b2:0f:a4:e4:7c:8b:9c:f3:e6:df:dd:82:
d1:02:85:17:6e:c5:7d:b0:f4:7e:95:81:26:ec:90:0c:3a:f9:
f8:44:d4:65:9a:56:65:42:5f:94:f9:8d:fe:12:98:6a:b3:48:
37:91:c9:6e:e2:1f:ac:87:0f:a4:d6:98:58:55:43:ed:94:96:
4b:5e:51:4d:d1:ff:77:c4:b1:ee:12:06:e3:ba:d0:8f:97:60:
5f:52:e9:47:31:4b:bf:e0:76:09:11:50:af:2b:6c:05:14:78:
ef:5b:78:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP+sbQ0y6+HxvF7x01Dt/MtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQxMjI1MTY0MTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGViN2VkMzFmM2U2ZTNmNGQ2NmIzZDQ5MTc4NzA1M2RjNGVhMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsqlJfdHpTWXg368gl0b/t0fJolY
eK7A5GTJRhiSH3nP/8wt3LyQm11JWWWdHKgrxejLnNnljd0HZdRvR8/SanzquYsH
WhW+lTPkaYxzTv26HJZgyPlB0OJ+vyTS0XhcYJcE2D0TEvdO45qq2QUEmvkyJtxW
BNuGno/FX4IiicoN+VggOOwrGGRtklwEYlp5vDDD6F7bdlVIUtcjMqw8JT9tinQl
1kX9J5XGqmox41mp+jSHfpGo4tW0AigNRcwVuoRv7BbE0F1AI9Aj8BNYYvixMXwA
8XOu0Ak/S7bj7XUKs6uIxdeGjfsqv295axbF/VuOJ2rC6wrd5haZboMaWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTrftMfPm4/TWaz1JF4cFPcTqHIMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveE90LTB4OC1iajlOWnJQVWtYaHdVOXhPb2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwelWMA0G
CSqGSIb3DQEBCwUAA4IBAQB1+CclP2E3Y7anAqvd9a7bMLUlZY8iH1vB2HWSSul1
T+uxEI7hzyA2+HYp4hqdBFvoIYeJ5rreCxmek+/gJxaebANA8+/l0jQAau9/Vp4W
K/gXWXoW8ckqr2WGTi9l/Ql52mDizObX0qVDqA7Xo8VvNwumGv4QNoknhjT6w+zq
ABNX1h39til4Vj4QUUqkk1RLfIy8If+yD6TkfIuc8+bf3YLRAoUXbsV9sPR+lYEm
7JAMOvn4RNRlmlZlQl+U+Y3+Ephqs0g3kclu4h+shw+k1phYVUPtlJZLXlFN0f93
xLHuEgbjutCPl2BfUulHMUu/4HYJEVCvK2wFFHjvW3gg
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:42:55 2025 by rpki-client