Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/ZOmQtmOlhGi9Q474VHDbg1GaH9E.roa
File: ZOmQtmOlhGi9Q474VHDbg1GaH9E.roa (raw, json)
Hash identifier: FCYTJuyjkFMUR2BOhDmsfliQB4Do4ncjNwoZNVz270o=
Subject key identifier: 64:E9:90:B6:63:A5:84:68:BD:43:8E:F8:54:70:DB:83:51:9A:1F:D1
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 01856E01C306C91454C084AC12824978639F
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/ZOmQtmOlhGi9Q474VHDbg1GaH9E.roa
Signing time: Sun 01 Jan 2023 15:44:47 +0000
ROA not before: Sun 01 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2603
IP address blocks: 193.10.95.0/24 maxlen: 24
193.10.94.0/24 maxlen: 24
193.10.252.0/24 maxlen: 24
193.11.3.0/24 maxlen: 24
193.10.255.0/24 maxlen: 24
193.10.254.0/24 maxlen: 24
193.10.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c3:06:c9:14:54:c0:84:ac:12:82:49:78:63:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64e990b663a58468bd438ef85470db83519a1fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5d:7b:0c:50:87:1f:a2:24:4a:99:8b:19:33:
11:8f:ac:f0:ae:06:63:3d:0e:91:f1:59:ac:5b:dd:
66:4f:14:51:8a:a5:4d:63:4e:8c:6d:1d:71:3d:2a:
7c:1b:d4:fe:5a:40:05:9c:64:c4:e5:33:63:3b:88:
42:6d:b0:5c:6b:74:47:7c:e1:48:5d:b4:4b:e1:d6:
d6:64:09:5d:9c:04:0e:1e:d1:59:27:19:da:3b:66:
5a:b3:00:9e:52:a1:8b:27:96:28:a5:44:5d:14:6f:
34:94:79:a3:da:49:c8:32:76:e4:39:e6:17:50:6f:
e3:51:4e:65:e7:e4:52:e5:12:87:00:90:6e:54:b5:
03:3e:37:4d:a5:24:49:d0:49:e4:00:c3:a1:6d:f2:
cb:59:00:b1:d1:77:3e:b8:59:6c:e2:b0:11:48:64:
96:1c:93:4e:7a:62:6f:03:5e:d9:03:67:a0:47:80:
8c:98:be:c6:42:2b:50:1f:79:51:1e:e5:db:2a:3e:
e3:42:e7:56:3e:de:91:f0:16:08:eb:f4:10:12:d9:
55:ed:f6:61:1f:8d:85:53:2d:fc:76:04:0a:76:62:
af:06:24:ac:29:17:54:5a:cf:ac:ee:67:ff:17:1e:
ba:a8:ad:1c:61:c5:97:cf:a9:11:c2:b0:fe:77:f2:
02:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E9:90:B6:63:A5:84:68:BD:43:8E:F8:54:70:DB:83:51:9A:1F:D1
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/ZOmQtmOlhGi9Q474VHDbg1GaH9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.10.68.0/24
193.10.94.0/23
193.10.252.0/24
193.10.254.0/23
193.11.3.0/24
Signature Algorithm: sha256WithRSAEncryption
15:07:d3:80:09:55:cd:f4:5c:cd:b1:3f:60:c8:0e:16:33:aa:
2b:25:65:88:68:d2:0e:48:8b:83:c6:a7:97:74:03:38:ba:7e:
1d:ac:ce:14:16:5d:37:58:1d:0d:df:7a:b2:39:ee:5b:58:1c:
66:16:9b:61:96:8e:d4:0d:14:d3:1c:3b:ae:42:a7:64:51:59:
d0:ec:ef:15:ed:a0:81:26:0e:bf:c5:ce:c8:52:2d:b3:c4:d6:
f7:4b:19:7d:3a:c8:2e:ea:69:7f:c2:9b:12:a5:e9:9c:8f:a0:
a3:e1:f5:3f:65:e6:48:a5:2a:45:cb:b7:00:2e:26:24:69:64:
ed:af:41:bb:3d:71:14:25:7c:bf:09:ca:19:59:2d:ea:cf:62:
e9:21:76:b7:28:45:7a:1b:81:71:5e:5f:d1:7c:45:6a:5d:11:
66:8f:74:5f:dc:ac:71:a7:1a:c7:d9:a3:4a:04:18:3b:c3:27:
4d:ca:6f:88:17:11:94:2f:bd:dd:7a:fd:38:f2:88:55:87:41:
ac:d6:45:22:11:a8:65:99:fc:96:d0:65:05:e7:0b:d4:53:c8:
34:a1:ba:c1:e9:6c:ea:6f:bf:b2:59:64:8b:a8:5e:bc:75:16:
7a:70:70:93:b3:5c:20:9f:fb:a1:c1:d8:2e:fb:05:f3:d5:48:
53:81:66:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVuAcMGyRRUwISsEoJJeGOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjMwMTAxMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGU5OTBiNjYzYTU4NDY4YmQ0MzhlZjg1NDcwZGI4MzUxOWExZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl17DFCHH6IkSpmLGTMRj6zwrgZj
PQ6R8VmsW91mTxRRiqVNY06MbR1xPSp8G9T+WkAFnGTE5TNjO4hCbbBca3RHfOFI
XbRL4dbWZAldnAQOHtFZJxnaO2ZaswCeUqGLJ5YopURdFG80lHmj2knIMnbkOeYX
UG/jUU5l5+RS5RKHAJBuVLUDPjdNpSRJ0EnkAMOhbfLLWQCx0Xc+uFls4rARSGSW
HJNOemJvA17ZA2egR4CMmL7GQitQH3lRHuXbKj7jQudWPt6R8BYI6/QQEtlV7fZh
H42FUy38dgQKdmKvBiSsKRdUWs+s7mf/Fx66qK0cYcWXz6kRwrD+d/ICCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGTpkLZjpYRovUOO+FRw24NRmh/RMB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvWk9tUXRtT2xoR2k5UTQ3NFZIRGJnMUdhSDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwQpEAwQB
wQpeAwQAwQr8AwQBwQr+AwQAwQsDMA0GCSqGSIb3DQEBCwUAA4IBAQAVB9OACVXN
9FzNsT9gyA4WM6orJWWIaNIOSIuDxqeXdAM4un4drM4UFl03WB0N33qyOe5bWBxm
Fpthlo7UDRTTHDuuQqdkUVnQ7O8V7aCBJg6/xc7IUi2zxNb3Sxl9Osgu6ml/wpsS
pemcj6Cj4fU/ZeZIpSpFy7cALiYkaWTtr0G7PXEUJXy/CcoZWS3qz2LpIXa3KEV6
G4FxXl/RfEVqXRFmj3Rf3KxxpxrH2aNKBBg7wydNym+IFxGUL73dev048ohVh0Gs
1kUiEahlmfyW0GUF5wvUU8g0obrB6Wzqb7+yWWSLqF68dRZ6cHCTs1wgn/uhwdgu
+wXz1UhTgWYu
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:10 2024 by rpki-client on console-fra.rpki-client.org