Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zHb67dyws1nV7Rs7e6JTdhdOmHE.roa
File: zHb67dyws1nV7Rs7e6JTdhdOmHE.roa (raw, json)
Hash identifier: FthF/PsE0/0UgRtYxB6bRl5Dm+izZlKyzv5I6F9cn4I=
Subject key identifier: CC:76:FA:ED:DC:B0:B3:59:D5:ED:1B:3B:7B:A2:53:76:17:4E:98:71
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018C2A0ECB4ED91BD0E8BB9A4B3D706DCB34
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zHb67dyws1nV7Rs7e6JTdhdOmHE.roa
Signing time: Sat 02 Dec 2023 10:24:21 +0000
ROA not before: Sat 02 Dec 2023 10:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207967
IP address blocks: 193.233.124.0/23 maxlen: 23
193.233.126.0/23 maxlen: 23
147.45.224.0/19 maxlen: 19
193.233.112.0/22 maxlen: 22
193.233.108.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:0e:cb:4e:d9:1b:d0:e8:bb:9a:4b:3d:70:6d:cb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Dec 2 10:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc76faeddcb0b359d5ed1b3b7ba25376174e9871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:7d:9e:74:a0:4d:2e:d9:ee:c1:53:a3:6d:
09:35:25:ac:c1:b1:b2:4c:87:13:14:ab:de:f9:3c:
1a:4b:e1:db:4f:da:81:98:3e:80:58:fc:fe:b4:c2:
15:3e:69:c3:62:8b:40:09:1d:37:af:d1:87:56:f8:
15:28:4a:67:65:16:c1:dd:82:fa:6a:64:c5:6d:75:
cd:ca:5e:f6:7c:a3:30:80:35:98:f7:98:29:fa:69:
3a:72:16:21:d9:be:b9:96:15:7d:3b:59:0e:1c:db:
d6:bd:74:d1:d5:e3:55:bf:0d:cb:43:9d:42:7f:c2:
08:cf:5a:68:89:96:d1:9f:43:84:5e:76:05:74:5b:
5e:0b:f7:45:83:06:79:cc:ad:62:82:f4:69:48:fc:
de:d3:9e:96:a9:df:03:b5:b6:c6:01:46:6c:56:ee:
77:da:54:47:d9:39:24:71:14:b6:7d:57:f5:f5:2d:
b5:9a:00:4d:b4:81:26:d4:e1:27:26:08:14:71:02:
11:5e:3b:e1:06:60:f6:76:20:17:3e:0a:9c:7b:3e:
54:5d:71:52:cc:4d:93:bb:b2:25:bd:4d:f3:78:cf:
4a:c5:ab:48:7d:07:ea:2a:c1:c9:e7:4d:6d:f5:ea:
75:2d:1a:c7:04:71:6d:06:55:06:0e:bd:5d:72:44:
ad:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:76:FA:ED:DC:B0:B3:59:D5:ED:1B:3B:7B:A2:53:76:17:4E:98:71
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zHb67dyws1nV7Rs7e6JTdhdOmHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.224.0/19
193.233.108.0-193.233.119.255
193.233.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:ee:ab:ad:cd:b3:4b:35:16:62:06:d0:7e:f8:14:57:57:a5:
5d:70:cf:ca:c2:70:31:ef:b0:fa:56:f3:b7:b1:27:43:19:43:
13:91:b5:ed:71:e1:6c:62:32:e7:1a:23:fb:9c:aa:41:8f:f6:
a3:2b:dd:00:3b:1e:8b:6b:b3:bc:f2:10:24:35:d5:38:09:9b:
6f:a1:65:f0:6b:03:ba:a8:22:a2:5e:9f:1d:6f:d3:44:b5:15:
97:af:a1:f7:dc:f5:19:ab:f8:f0:87:87:42:ee:82:7c:1e:6f:
f2:10:a5:f1:eb:74:9b:4b:b8:87:c3:39:ec:dc:23:43:2c:91:
56:a6:ce:80:be:e6:97:bb:04:6d:68:78:86:9b:1e:92:45:c3:
ec:a2:08:53:dc:b6:2b:eb:af:ad:bf:cf:84:1c:26:de:54:02:
e3:8b:d7:1b:ef:c5:0a:3e:55:23:9a:34:f4:f1:22:17:8f:fa:
62:ca:03:56:c8:cd:ed:6b:00:33:47:3d:ae:a6:88:62:07:8e:
bc:09:41:cf:26:f2:35:3f:7a:75:1d:97:b1:02:6e:b8:20:36:
26:27:63:ac:9b:e8:60:f2:62:17:e8:17:27:78:b6:05:6f:9d:
48:f6:9b:ac:de:47:a4:c5:ae:a4:f3:4a:0d:5d:40:f4:90:23:
98:03:83:c3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwqDstO2RvQ6LuaSz1wbcs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMxMjAyMTAyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzc2ZmFlZGRjYjBiMzU5ZDVlZDFiM2I3YmEyNTM3NjE3NGU5ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxV9nnSgTS7Z7sFTo20JNSWswbGy
TIcTFKve+TwaS+HbT9qBmD6AWPz+tMIVPmnDYotACR03r9GHVvgVKEpnZRbB3YL6
amTFbXXNyl72fKMwgDWY95gp+mk6chYh2b65lhV9O1kOHNvWvXTR1eNVvw3LQ51C
f8IIz1poiZbRn0OEXnYFdFteC/dFgwZ5zK1igvRpSPze056Wqd8DtbbGAUZsVu53
2lRH2TkkcRS2fVf19S21mgBNtIEm1OEnJggUcQIRXjvhBmD2diAXPgqcez5UXXFS
zE2Tu7IlvU3zeM9KxatIfQfqKsHJ501t9ep1LRrHBHFtBlUGDr1dckSt5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMx2+u3csLNZ1e0bO3uiU3YXTphxMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvekhiNjdkeXdzMW5WN1JzN2U2SlRkaGRPbUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQFky3gMAwD
BALB6WwDBAPB6XADBALB6XwwDQYJKoZIhvcNAQELBQADggEBAGzuq63Ns0s1FmIG
0H74FFdXpV1wz8rCcDHvsPpW87exJ0MZQxORte1x4WxiMucaI/ucqkGP9qMr3QA7
Hotrs7zyECQ11TgJm2+hZfBrA7qoIqJenx1v00S1FZevoffc9Rmr+PCHh0Lugnwe
b/IQpfHrdJtLuIfDOezcI0MskVamzoC+5pe7BG1oeIabHpJFw+yiCFPctivrr62/
z4QcJt5UAuOL1xvvxQo+VSOaNPTxIheP+mLKA1bIze1rADNHPa6miGIHjrwJQc8m
8jU/enUdl7ECbrggNiYnY6yb6GDyYhfoFyd4tgVvnUj2m6zeR6TFrqTzSg1dQPSQ
I5gDg8M=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:06 2024 by rpki-client on console-fra.rpki-client.org