Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/y_IQCn-ZxrLZDo9pj0JwcwZk_QQ.roa
File: y_IQCn-ZxrLZDo9pj0JwcwZk_QQ.roa (raw, json)
Hash identifier: MR+xM2fER86jSHULy1Cz4sLacONm0yPBjD9cE7xK2vE=
Subject key identifier: CB:F2:10:0A:7F:99:C6:B2:D9:0E:8F:69:8F:42:70:73:06:64:FD:04
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0188359FCBE27F702B9A352C03B421248C00
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/y_IQCn-ZxrLZDo9pj0JwcwZk_QQ.roa
Signing time: Fri 19 May 2023 20:07:24 +0000
ROA not before: Fri 19 May 2023 20:07:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 193.233.16.0/24 maxlen: 24
193.233.252.0/23 maxlen: 23
193.233.61.0/24 maxlen: 24
193.233.192.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 May 2023 18:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:35:9f:cb:e2:7f:70:2b:9a:35:2c:03:b4:21:24:8c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 19 20:07:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbf2100a7f99c6b2d90e8f698f4270730664fd04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e1:b7:0c:ba:56:36:78:d5:e2:15:e1:c3:5a:
ad:dc:05:9a:1d:fe:97:04:4a:9b:e2:d2:22:79:ee:
fe:b3:2f:6f:9c:fa:e2:53:ce:13:3a:e2:31:0c:9b:
8a:31:45:64:ec:c2:4b:0d:df:31:2d:78:ad:13:1f:
58:aa:2c:f0:d2:b8:01:fe:24:8d:3a:8c:61:2f:3c:
0c:29:cf:f9:c3:5b:39:88:14:80:48:e4:2d:e3:3c:
28:b2:64:ce:82:cc:b1:b2:1b:64:5c:76:25:a1:38:
10:9e:57:d1:6d:fc:f8:26:07:52:5c:4f:25:d7:eb:
46:b2:cd:d3:51:9a:80:a0:21:2e:2e:1e:4a:f6:4f:
b3:ce:f7:ae:bf:b7:bb:2f:34:1c:71:0b:03:34:31:
06:98:16:92:55:1f:08:80:65:f8:8c:1d:ff:a6:f0:
82:6a:68:66:8a:93:4b:70:b3:d2:f2:f9:a6:44:2a:
10:3d:76:13:a7:4e:07:be:7f:46:c4:13:39:ae:97:
0d:9f:39:41:e0:fc:fa:a7:e6:2f:85:09:76:94:a7:
70:c6:dc:30:9a:f2:1d:bb:58:7b:d3:53:b8:d8:77:
34:c8:55:b4:e4:f8:bd:e1:ed:54:23:8c:6e:87:93:
51:5b:e1:09:6c:46:91:c4:3b:15:0c:59:56:8c:4a:
af:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F2:10:0A:7F:99:C6:B2:D9:0E:8F:69:8F:42:70:73:06:64:FD:04
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/y_IQCn-ZxrLZDo9pj0JwcwZk_QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.16.0/24
193.233.61.0/24
193.233.85.0-193.233.86.255
193.233.192.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
28:74:5a:af:4e:1c:10:23:08:41:11:48:29:9c:81:47:01:96:
2b:54:0f:c4:9e:e0:64:03:ad:d5:1f:c8:fc:aa:bc:fe:4c:87:
56:f3:d0:a6:6a:d5:08:09:96:65:e5:d1:b5:d3:14:80:04:a9:
a5:14:f5:c0:a7:d4:50:22:d3:40:3e:c9:70:5a:89:3b:15:d5:
41:bf:00:00:54:da:97:e1:a0:8b:91:68:fb:bc:e4:49:b8:ef:
30:7f:0a:5e:52:f6:c9:ff:5d:96:3d:df:b1:e6:45:80:64:66:
49:7e:76:8d:42:b3:c6:f3:35:0a:bc:80:1b:24:a1:bd:60:08:
47:0b:6b:37:f7:d8:ef:f6:78:fc:5c:02:db:20:48:e8:c4:98:
39:c1:63:2b:be:e0:45:9d:0f:d6:15:48:f6:82:fe:b4:b0:0c:
63:e7:f8:9f:ac:da:8e:35:b7:58:ea:f9:0a:e7:93:fd:60:50:
85:be:b0:26:a6:1c:bb:c9:39:ca:eb:19:86:e2:b6:85:67:aa:
73:bc:65:e7:06:9c:c3:45:78:7d:8a:b4:3d:11:05:d2:b0:dc:
ea:35:b8:5a:3b:c2:db:6d:58:16:ba:c1:00:5d:0f:7e:6b:3e:
a4:ae:28:ce:54:74:4d:e6:a8:59:dc:d4:b4:e7:1e:ab:bf:4d:
63:0d:4f:90
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYg1n8vif3ArmjUsA7QhJIwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNTE5MjAwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmYyMTAwYTdmOTljNmIyZDkwZThmNjk4ZjQyNzA3MzA2NjRmZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OG3DLpWNnjV4hXhw1qt3AWaHf6X
BEqb4tIiee7+sy9vnPriU84TOuIxDJuKMUVk7MJLDd8xLXitEx9Yqizw0rgB/iSN
OoxhLzwMKc/5w1s5iBSASOQt4zwosmTOgsyxshtkXHYloTgQnlfRbfz4JgdSXE8l
1+tGss3TUZqAoCEuLh5K9k+zzveuv7e7LzQccQsDNDEGmBaSVR8IgGX4jB3/pvCC
amhmipNLcLPS8vmmRCoQPXYTp04Hvn9GxBM5rpcNnzlB4Pz6p+YvhQl2lKdwxtww
mvIdu1h701O42Hc0yFW05Pi94e1UI4xuh5NRW+EJbEaRxDsVDFlWjEqvSwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMvyEAp/mcay2Q6PaY9CcHMGZP0EMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveV9JUUNuLVp4ckxaRG85cGowSndjd1prX1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAwekQAwQA
wek9MAwDBADB6VUDBADB6VYDBADB6cADBAHB6fwwDQYJKoZIhvcNAQELBQADggEB
ACh0Wq9OHBAjCEERSCmcgUcBlitUD8Se4GQDrdUfyPyqvP5Mh1bz0KZq1QgJlmXl
0bXTFIAEqaUU9cCn1FAi00A+yXBaiTsV1UG/AABU2pfhoIuRaPu85Em47zB/Cl5S
9sn/XZY937HmRYBkZkl+do1Cs8bzNQq8gBskob1gCEcLazf32O/2ePxcAtsgSOjE
mDnBYyu+4EWdD9YVSPaC/rSwDGPn+J+s2o41t1jq+Qrnk/1gUIW+sCamHLvJOcrr
GYbitoVnqnO8ZecGnMNFeH2KtD0RBdKw3Oo1uFo7wtttWBa6wQBdD35rPqSuKM5U
dE3mqFnc1LTnHqu/TWMNT5A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:40 2024 by rpki-client on console-fra.rpki-client.org