Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yvQBnbaCMZtI3U4-W4nQjJuZApI.roa
File: yvQBnbaCMZtI3U4-W4nQjJuZApI.roa (raw, json)
Hash identifier: pxLOu/Owr2wVWao2taNmKF5fH/BPoCqQcbTJhDiV5+U=
Subject key identifier: CA:F4:01:9D:B6:82:31:9B:48:DD:4E:3E:5B:89:D0:8C:9B:99:02:92
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018CC7953706F8570BD7909C7A0B0E5004D7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yvQBnbaCMZtI3U4-W4nQjJuZApI.roa
Signing time: Tue 02 Jan 2024 00:31:34 +0000
ROA not before: Tue 02 Jan 2024 00:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210352
IP address blocks: 193.233.49.0/24 maxlen: 24
193.233.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 13:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:37:06:f8:57:0b:d7:90:9c:7a:0b:0e:50:04:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 2 00:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caf4019db682319b48dd4e3e5b89d08c9b990292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9d:f7:9f:ae:b3:2d:4d:94:97:4a:df:d7:13:
6f:1c:26:6a:08:d9:bf:70:ea:a7:61:15:d6:bf:dc:
81:dd:2f:f9:e7:3f:70:44:ba:32:7c:70:2d:5e:3a:
03:b2:b4:21:94:d5:91:82:f8:54:47:3b:e5:df:5c:
d7:40:76:ff:d8:99:08:88:7e:16:d2:38:f2:9a:f4:
36:f6:3d:f5:3a:ba:6c:4f:49:bf:77:a8:a9:a6:0c:
37:77:27:93:eb:13:6e:67:7e:22:26:33:32:dc:55:
ef:00:b2:98:26:ed:86:c2:88:f2:7c:c3:e3:9a:1a:
8f:c7:67:e7:c7:4b:07:3d:dd:51:d3:5d:90:a6:a0:
e9:b3:84:6a:c8:a8:b6:0f:3d:38:93:70:1b:d7:a2:
37:b1:2b:14:ee:62:45:c8:1d:e6:6f:17:1c:b5:99:
7e:37:2c:c1:2a:02:0e:93:4b:4d:c4:85:ac:4a:94:
b0:bb:61:52:82:27:9a:c7:e8:56:1b:4f:ad:31:4b:
57:25:82:65:86:b9:5e:d2:72:76:db:94:bc:29:51:
70:f5:d7:10:7a:64:b0:54:e9:fb:ad:84:29:89:3b:
44:28:a3:7c:1e:59:2e:ce:fb:9f:fc:a1:77:0f:35:
65:ff:a8:8d:77:94:af:8a:33:a3:92:98:68:ab:2f:
94:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F4:01:9D:B6:82:31:9B:48:DD:4E:3E:5B:89:D0:8C:9B:99:02:92
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yvQBnbaCMZtI3U4-W4nQjJuZApI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.48.0/23
Signature Algorithm: sha256WithRSAEncryption
68:7e:49:5c:93:31:f2:c7:7d:5b:51:e5:75:1a:57:cf:45:68:
8b:db:b6:42:7b:87:30:a1:19:cc:a1:ab:05:c8:dd:50:0d:c6:
e4:c6:16:55:c2:f0:ea:4c:d0:af:98:9c:95:a8:05:d7:eb:49:
c3:30:0c:92:01:15:9d:6c:8e:bf:01:67:f5:b1:32:bf:45:3f:
3c:34:9e:7d:d3:97:23:f5:d3:aa:bc:e8:2b:57:95:5c:ad:23:
e0:bc:85:63:76:72:5c:2e:1b:0a:a8:62:5f:04:ee:95:25:1b:
09:a1:82:09:66:e7:12:da:20:71:84:7d:c9:c4:0d:90:59:7c:
0f:49:52:59:04:34:3c:c1:b6:7d:b4:e6:f8:91:89:b6:7b:8a:
e6:2f:40:0c:f7:d9:75:66:9e:65:e2:30:9a:87:8e:a0:0f:c3:
05:e4:53:42:ec:63:47:d4:d5:8b:b9:0c:e2:b2:1b:15:c0:67:
ac:8c:45:ea:d3:c4:34:fb:67:bd:89:35:fa:bc:af:07:fd:a6:
f0:58:af:5b:90:8a:f1:4c:f7:24:bd:ca:f6:fb:6e:b4:a5:95:
89:a7:a4:38:ea:35:07:0b:27:54:86:f7:ea:b5:99:ea:fc:52:
77:19:72:fb:c3:2b:a8:76:b4:52:44:03:f4:9f:8d:17:f7:e8:
e1:89:8e:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlTcG+FcL15CcegsOUATXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTAyMDAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY0MDE5ZGI2ODIzMTliNDhkZDRlM2U1Yjg5ZDA4YzliOTkwMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ33n66zLU2Ul0rf1xNvHCZqCNm/
cOqnYRXWv9yB3S/55z9wRLoyfHAtXjoDsrQhlNWRgvhURzvl31zXQHb/2JkIiH4W
0jjymvQ29j31OrpsT0m/d6ippgw3dyeT6xNuZ34iJjMy3FXvALKYJu2GwojyfMPj
mhqPx2fnx0sHPd1R012QpqDps4RqyKi2Dz04k3Ab16I3sSsU7mJFyB3mbxcctZl+
NyzBKgIOk0tNxIWsSpSwu2FSgieax+hWG0+tMUtXJYJlhrle0nJ225S8KVFw9dcQ
emSwVOn7rYQpiTtEKKN8Hlkuzvuf/KF3DzVl/6iNd5SvijOjkphoqy+UswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMr0AZ22gjGbSN1OPluJ0IybmQKSMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveXZRQm5iYUNNWnRJM1U0LVc0blFqSnVaQXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwekwMA0G
CSqGSIb3DQEBCwUAA4IBAQBofklckzHyx31bUeV1GlfPRWiL27ZCe4cwoRnMoasF
yN1QDcbkxhZVwvDqTNCvmJyVqAXX60nDMAySARWdbI6/AWf1sTK/RT88NJ5905cj
9dOqvOgrV5VcrSPgvIVjdnJcLhsKqGJfBO6VJRsJoYIJZucS2iBxhH3JxA2QWXwP
SVJZBDQ8wbZ9tOb4kYm2e4rmL0AM99l1Zp5l4jCah46gD8MF5FNC7GNH1NWLuQzi
shsVwGesjEXq08Q0+2e9iTX6vK8H/abwWK9bkIrxTPckvcr2+260pZWJp6Q46jUH
CydUhvfqtZnq/FJ3GXL7wyuodrRSRAP0n40X9+jhiY51
-----END CERTIFICATE-----
Generated at Mon Aug 5 15:20:46 2024 by rpki-client on console-ams.rpki-client.org