Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/oAKHt80KJHB_MIVWod59dqQTmX0.roa
File: oAKHt80KJHB_MIVWod59dqQTmX0.roa (raw, json)
Hash identifier: Vqxwt4b6JD3K+YIPLS0jFYp90MyimzU8IkRUcvbu6fY=
Subject key identifier: A0:02:87:B7:CD:0A:24:70:7F:30:85:56:A1:DE:7D:76:A4:13:99:7D
Certificate issuer: /CN=600e85f581c7513908ea04665fd23726fd70e62b
Certificate serial: 0187084F7656F255C0B812C4F7C3F0FB9979
Authority key identifier: 60:0E:85:F5:81:C7:51:39:08:EA:04:66:5F:D2:37:26:FD:70:E6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YA6F9YHHUTkI6gRmX9I3Jv1w5is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/oAKHt80KJHB_MIVWod59dqQTmX0.roa
Signing time: Wed 22 Mar 2023 07:53:58 +0000
ROA not before: Wed 22 Mar 2023 07:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200577
IP address blocks: 193.228.3.0/24 maxlen: 24
193.228.60.0/24 maxlen: 24
193.228.101.0/24 maxlen: 24
2001:67c:201c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:4f:76:56:f2:55:c0:b8:12:c4:f7:c3:f0:fb:99:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=600e85f581c7513908ea04665fd23726fd70e62b
Validity
Not Before: Mar 22 07:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a00287b7cd0a24707f308556a1de7d76a413997d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:00:a6:71:59:3e:b5:5b:4c:90:dd:0d:18:7c:
34:98:aa:bb:c1:4f:03:0a:17:6e:d8:90:e7:e3:fc:
4c:1e:ec:e5:80:e1:c0:06:4e:be:e3:e7:9d:27:82:
e9:28:f8:7e:53:85:a5:24:0f:f5:b9:c3:8b:3b:ee:
4a:0a:e4:33:5a:1c:46:a3:27:c2:87:56:6d:7d:cc:
ab:07:81:24:b2:0e:35:cf:f7:90:87:4e:14:09:07:
4e:ce:3d:21:f7:83:4b:70:60:17:55:9a:99:6b:6c:
ae:de:0d:93:c0:d9:5b:84:4f:db:3a:72:0f:3d:8d:
5b:98:fe:08:00:20:a7:93:60:6f:2b:83:8e:b2:55:
ef:4d:f2:61:6a:e2:9a:df:1a:32:fe:6d:4d:90:9f:
07:dd:f4:be:7e:d1:16:1c:82:c0:df:c0:a0:28:d5:
6c:40:09:d8:7a:63:f8:05:f8:b0:a0:48:b7:19:29:
ab:c9:2f:28:3d:d7:f6:50:aa:73:57:4d:3f:70:10:
23:4d:55:cc:c2:a9:ed:70:30:3b:85:7c:e1:25:7e:
3c:e2:6b:d4:0c:79:34:86:d2:ab:b1:64:be:c5:f9:
2a:bb:27:69:7b:98:c0:fc:4e:f9:a6:95:54:9f:bc:
e0:dc:87:37:2a:65:72:da:0e:aa:57:bf:fb:d2:7b:
54:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:02:87:B7:CD:0A:24:70:7F:30:85:56:A1:DE:7D:76:A4:13:99:7D
X509v3 Authority Key Identifier:
keyid:60:0E:85:F5:81:C7:51:39:08:EA:04:66:5F:D2:37:26:FD:70:E6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA6F9YHHUTkI6gRmX9I3Jv1w5is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/oAKHt80KJHB_MIVWod59dqQTmX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/YA6F9YHHUTkI6gRmX9I3Jv1w5is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.3.0/24
193.228.60.0/24
193.228.101.0/24
IPv6:
2001:67c:201c::/48
Signature Algorithm: sha256WithRSAEncryption
8e:4b:b7:ea:bc:eb:6a:f6:37:72:07:ee:8f:62:27:7e:63:e6:
00:3a:c4:d5:ad:cd:f4:35:a5:a6:9d:0b:ef:4f:3a:a0:96:a7:
c4:33:f8:14:9f:09:6b:62:a8:e3:37:26:52:27:3a:6e:1e:af:
27:45:0a:a8:db:58:3d:a3:0f:bd:db:1d:de:3b:63:a2:31:73:
69:1f:23:84:69:6f:9b:d7:43:8b:30:25:87:1b:d4:ba:3f:2d:
7b:20:a9:a9:95:3f:3c:5b:d2:49:64:a7:94:f9:bc:b0:ad:6c:
ac:73:12:e0:61:9a:99:16:f4:08:42:4d:ee:56:00:8e:b9:e5:
f1:f0:cf:a4:3e:1c:ba:21:52:e1:39:81:44:b5:27:b9:76:5b:
7f:d1:0d:50:1f:0a:30:36:8b:d4:ff:13:cf:20:b1:0c:59:65:
55:da:12:ec:25:d4:5b:e4:69:2e:1e:e1:44:0d:f6:3c:0d:57:
e8:a4:b7:98:54:63:c2:5f:8b:66:04:4e:fe:6e:fb:e0:f6:7d:
eb:31:86:ea:af:75:37:b2:24:07:ed:f2:23:49:85:b2:d8:58:
4a:3e:7a:fd:ac:64:dc:89:5a:26:48:55:cb:de:d6:55:0f:0a:
56:44:fe:1e:74:47:28:a4:d4:e6:62:87:d2:e3:fb:d0:29:57:
b9:9e:a9:6f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYcIT3ZW8lXAuBLE98Pw+5l5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGU4NWY1ODFjNzUxMzkwOGVhMDQ2NjVmZDIzNzI2ZmQ3
MGU2MmIwHhcNMjMwMzIyMDc1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDAyODdiN2NkMGEyNDcwN2YzMDg1NTZhMWRlN2Q3NmE0MTM5OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wCmcVk+tVtMkN0NGHw0mKq7wU8D
Chdu2JDn4/xMHuzlgOHABk6+4+edJ4LpKPh+U4WlJA/1ucOLO+5KCuQzWhxGoyfC
h1ZtfcyrB4Eksg41z/eQh04UCQdOzj0h94NLcGAXVZqZa2yu3g2TwNlbhE/bOnIP
PY1bmP4IACCnk2BvK4OOslXvTfJhauKa3xoy/m1NkJ8H3fS+ftEWHILA38CgKNVs
QAnYemP4BfiwoEi3GSmryS8oPdf2UKpzV00/cBAjTVXMwqntcDA7hXzhJX484mvU
DHk0htKrsWS+xfkquydpe5jA/E75ppVUn7zg3Ic3KmVy2g6qV7/70ntUdwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKACh7fNCiRwfzCFVqHefXakE5l9MB8GA1UdIwQY
MBaAFGAOhfWBx1E5COoEZl/SNyb9cOYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUE2RjlZSEhVVGtJNmdSbVg5STNKdjF3NWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yNWMwMTctODZlMi00Y2MzLWEyMDIt
NGNkYTc4OGZlODk5LzEvb0FLSHQ4MEtKSEJfTUlWV29kNTlkcVFUbVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yNWMwMTctODZlMi00Y2MzLWEyMDItNGNkYTc4OGZlODk5
LzEvWUE2RjlZSEhVVGtJNmdSbVg5STNKdjF3NWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAweQDAwQA
weQ8AwQAweRlMA8EAgACMAkDBwAgAQZ8IBwwDQYJKoZIhvcNAQELBQADggEBAI5L
t+q862r2N3IH7o9iJ35j5gA6xNWtzfQ1paadC+9POqCWp8Qz+BSfCWtiqOM3JlIn
Om4erydFCqjbWD2jD73bHd47Y6Ixc2kfI4Rpb5vXQ4swJYcb1Lo/LXsgqamVPzxb
0klkp5T5vLCtbKxzEuBhmpkW9AhCTe5WAI655fHwz6Q+HLohUuE5gUS1J7l2W3/R
DVAfCjA2i9T/E88gsQxZZVXaEuwl1FvkaS4e4UQN9jwNV+ikt5hUY8Jfi2YETv5u
++D2fesxhuqvdTeyJAft8iNJhbLYWEo+ev2sZNyJWiZIVcve1lUPClZE/h50Ryik
1OZih9Lj+9ApV7meqW8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:49 2024 by rpki-client on console-fra.rpki-client.org