Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yHL6MeHNFOwhFVM5aoeYNHGI_NU.roa
File: yHL6MeHNFOwhFVM5aoeYNHGI_NU.roa (raw, json)
Hash identifier: 1BDKm61s119HhEJ1Ocf1ugj3jhSrAuJErOfLTfrVSt8=
Subject key identifier: C8:72:FA:31:E1:CD:14:EC:21:15:53:39:6A:87:98:34:71:88:FC:D5
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7953657F1E82CA7A4A7A554AA316C28
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yHL6MeHNFOwhFVM5aoeYNHGI_NU.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
147.45.224.0/19 maxlen: 19
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 07 Feb 2024 11:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:36:57:f1:e8:2c:a7:a4:a7:a5:54:aa:31:6c:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c872fa31e1cd14ec211553396a8798347188fcd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:49:34:b3:3c:a9:27:ef:08:95:9b:1f:03:
f2:5c:be:ec:a5:8c:58:5c:9e:17:d5:b4:6b:f7:20:
52:0b:0b:81:0a:cf:ef:4d:fe:69:64:d7:1c:89:02:
3f:8b:07:f4:a2:c3:aa:49:8b:c8:d0:6d:24:83:f1:
c2:fc:48:c9:3e:f1:a7:11:17:db:8f:92:7d:16:3a:
b0:58:b3:5d:93:24:73:26:db:06:83:56:16:29:19:
51:e7:01:41:8f:3e:1f:d0:c1:c8:04:0f:13:ce:6b:
a2:20:af:68:13:c7:13:67:4e:ea:30:74:03:4b:72:
d4:a5:05:2d:86:75:17:69:36:9b:a4:a6:56:47:7b:
91:c1:8d:84:4b:90:c4:4a:4e:4f:ea:d0:de:64:07:
26:1c:e8:fa:66:c3:0d:9e:46:11:1d:9d:d1:8c:d6:
a4:b7:b3:9d:f9:05:f8:44:76:03:3c:04:f1:2d:a4:
af:92:a5:33:4f:f6:11:54:ee:c5:2d:1a:0e:72:d2:
45:cd:ca:c1:c5:03:51:af:2d:d9:61:d0:1a:a3:8e:
a4:96:10:35:20:9f:22:b6:eb:89:75:93:8f:d1:e1:
eb:c3:a8:cd:67:e1:10:16:6d:c1:91:7d:0a:91:4f:
a1:3c:74:7f:fb:14:10:0c:4c:a3:62:79:22:0c:67:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:72:FA:31:E1:CD:14:EC:21:15:53:39:6A:87:98:34:71:88:FC:D5
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yHL6MeHNFOwhFVM5aoeYNHGI_NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.224.0/19
193.233.108.0-193.233.119.255
193.233.124.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:6e:19:ab:d0:7b:25:34:7c:79:35:d8:8e:ed:d4:e7:f0:ca:
e1:4c:4a:4d:16:e8:c7:14:d4:e9:b6:58:da:50:e4:86:3c:4c:
aa:c8:23:8d:4a:08:53:e6:ac:66:4d:77:93:f5:e0:50:c5:f8:
07:20:44:39:96:a4:13:5b:e6:da:bb:07:29:f0:95:9e:eb:0f:
95:ca:eb:89:c9:94:58:26:c5:74:88:9c:90:46:1f:4e:67:01:
8e:16:36:fc:27:d7:14:f2:c7:98:47:a6:56:39:88:01:d5:d2:
03:43:d2:e8:7c:a1:5b:77:2a:4d:a1:61:98:18:3b:c7:29:6d:
21:61:76:e9:70:64:ea:c8:d1:c0:19:7d:c1:e4:da:34:72:aa:
38:b6:43:a4:4a:44:71:97:e8:6e:47:20:c5:7c:f0:ff:f4:a4:
43:cd:61:f8:4b:78:78:64:7b:0b:65:7b:cf:59:df:d2:1d:d1:
7a:26:8e:89:80:da:7e:fe:fd:ba:f1:d7:9f:69:2f:96:53:4d:
16:2c:a2:f7:e9:35:f1:3c:ed:6c:1b:15:c7:b7:75:fc:e0:36:
b4:03:1e:e9:4e:33:1d:5c:f2:83:87:85:01:ef:e6:50:da:80:
ac:1d:e0:e7:e6:39:51:98:14:37:c6:62:1a:e5:9f:04:b1:ef:
84:27:3c:f1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHlTZX8egsp6SnpVSqMWwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODcyZmEzMWUxY2QxNGVjMjExNTUzMzk2YTg3OTgzNDcxODhmY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/pJNLM8qSfvCJWbHwPyXL7spYxY
XJ4X1bRr9yBSCwuBCs/vTf5pZNcciQI/iwf0osOqSYvI0G0kg/HC/EjJPvGnERfb
j5J9FjqwWLNdkyRzJtsGg1YWKRlR5wFBjz4f0MHIBA8TzmuiIK9oE8cTZ07qMHQD
S3LUpQUthnUXaTabpKZWR3uRwY2ES5DESk5P6tDeZAcmHOj6ZsMNnkYRHZ3RjNak
t7Od+QX4RHYDPATxLaSvkqUzT/YRVO7FLRoOctJFzcrBxQNRry3ZYdAao46klhA1
IJ8ituuJdZOP0eHrw6jNZ+EQFm3BkX0KkU+hPHR/+xQQDEyjYnkiDGeAeQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMhy+jHhzRTsIRVTOWqHmDRxiPzVMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveUhMNk1lSE5GT3doRlZNNWFvZVlOSEdJX05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQFky3gMAwD
BALB6WwDBAPB6XADBALB6XwwDQYJKoZIhvcNAQELBQADggEBAExuGavQeyU0fHk1
2I7t1OfwyuFMSk0W6McU1Om2WNpQ5IY8TKrII41KCFPmrGZNd5P14FDF+AcgRDmW
pBNb5tq7BynwlZ7rD5XK64nJlFgmxXSInJBGH05nAY4WNvwn1xTyx5hHplY5iAHV
0gND0uh8oVt3Kk2hYZgYO8cpbSFhdulwZOrI0cAZfcHk2jRyqji2Q6RKRHGX6G5H
IMV88P/0pEPNYfhLeHhkewtle89Z39Id0XomjomA2n7+/brx159pL5ZTTRYsovfp
NfE87WwbFce3dfzgNrQDHulOMx1c8oOHhQHv5lDagKwd4OfmOVGYFDfGYhrlnwSx
74QnPPE=
-----END CERTIFICATE-----
Generated at Wed Feb 7 14:49:04 2024 by rpki-client on console-ams.rpki-client.org