Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/bBCycO0CdSwil7awfbnz2auYC7g.roa
File: bBCycO0CdSwil7awfbnz2auYC7g.roa (raw, json)
Hash identifier: +nQtwDj9Q8MevQoUFiFvDlg2+qMzibg9LMUX1h+IRHw=
Subject key identifier: 6C:10:B2:70:ED:02:75:2C:22:97:B6:B0:7D:B9:F3:D9:AB:98:0B:B8
Certificate issuer: /CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Certificate serial: 018CC8011FA7E4EFC823B7C125753E0CC95E
Authority key identifier: A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/bBCycO0CdSwil7awfbnz2auYC7g.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39684
IP address blocks: 81.88.80.0/22 maxlen: 22
81.88.84.0/24 maxlen: 24
81.88.85.0/24 maxlen: 24
81.88.87.0/24 maxlen: 24
81.88.88.0/24 maxlen: 24
81.88.86.0/24 maxlen: 24
81.88.95.0/24 maxlen: 24
185.200.140.0/24 maxlen: 24
185.200.141.0/24 maxlen: 24
185.200.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 11:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1f:a7:e4:ef:c8:23:b7:c1:25:75:3e:0c:c9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c10b270ed02752c2297b6b07db9f3d9ab980bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:27:bc:fb:c8:6b:f6:bb:ef:9e:44:6a:2f:35:
a2:a6:97:42:dd:5d:9e:aa:47:65:4f:03:b1:16:d9:
7c:94:fa:24:bf:0d:8b:8f:95:92:cb:ee:f0:3b:69:
b8:aa:57:4d:03:94:ad:e4:05:ce:9b:b2:4d:bd:25:
7b:1a:92:d4:26:c9:41:1e:d4:c6:21:51:97:bd:52:
6f:2d:f2:dd:bf:b5:9c:70:01:74:ad:da:56:a7:fc:
c1:b6:e8:d7:1e:f4:3d:f7:fa:33:6b:d5:e4:ad:2e:
ff:0e:63:56:d5:01:e4:0b:db:9a:f0:a2:dc:b3:72:
97:e8:ff:54:fe:a8:23:c6:86:dd:f4:96:83:9a:b3:
f8:cd:b4:78:74:8c:59:c8:57:e3:c4:3a:05:a4:4c:
b3:7a:cf:1d:26:70:48:1c:c4:35:d9:c6:37:0e:09:
2a:86:0a:7a:56:80:40:45:2d:d4:26:46:3a:e6:d0:
44:36:db:82:c0:ca:ce:44:9a:6d:db:3e:55:40:9d:
3b:75:27:fb:c0:72:94:d7:4a:18:3a:76:de:cd:55:
a5:75:0e:76:2d:7e:e3:4b:9e:5b:1d:db:2a:f1:b6:
0b:53:c1:8a:80:26:89:44:20:b5:b4:71:a5:fd:95:
d9:d7:a8:6e:01:ec:5b:55:5c:62:e4:ef:9c:7c:2c:
67:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:10:B2:70:ED:02:75:2C:22:97:B6:B0:7D:B9:F3:D9:AB:98:0B:B8
X509v3 Authority Key Identifier:
keyid:A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/bBCycO0CdSwil7awfbnz2auYC7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/qIXNvd_X0TFoRb609zmPPOZPrNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.80.0-81.88.88.255
81.88.95.0/24
185.200.140.0-185.200.142.255
Signature Algorithm: sha256WithRSAEncryption
53:eb:20:20:31:72:97:9b:77:35:53:10:a4:62:13:c6:80:d6:
95:18:cf:e1:e3:3b:f9:8d:75:34:e3:6a:3c:b9:3b:99:94:27:
2c:a8:b8:50:05:9d:71:1c:0c:ea:d2:d4:d6:fa:48:53:81:23:
52:2e:0d:0c:26:04:93:2a:1e:33:47:f7:2e:b1:24:e4:ce:db:
2e:6b:c8:b0:7b:7c:8b:b4:d4:20:fb:41:bf:8a:fb:4d:70:46:
71:8c:8d:43:5a:50:b4:28:3e:d1:47:cd:0f:8d:22:83:00:13:
57:f5:7c:19:41:36:52:7c:6b:11:e0:3b:b7:fe:a2:db:8e:1e:
90:95:05:96:90:28:08:0a:e9:0f:1c:74:77:eb:a8:c5:87:f7:
a2:91:b6:da:f7:e4:ac:0e:dd:b5:9c:db:cc:44:6e:2e:38:04:
f8:1b:73:b7:0c:09:f5:1b:5a:1e:31:c1:f0:79:6d:a6:58:de:
96:8d:80:54:9e:5d:de:85:c9:e1:5d:5d:c7:c3:f9:e1:88:9b:
63:5e:c1:9d:c3:94:c7:b1:81:30:e7:5b:6d:3f:8c:4e:bc:67:
06:0a:39:be:02:5d:3b:ba:c4:35:6c:58:c6:08:6c:8a:d7:0e:
31:9d:f1:a6:9d:12:aa:65:05:de:f2:89:3f:a5:1c:b1:8e:c5:
58:12:ca:c1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzIAR+n5O/II7fBJXU+DMleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODVjZGJkZGZkN2QxMzE2ODQ1YmViNGY3Mzk4ZjNjZTY0
ZmFjZDAwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzEwYjI3MGVkMDI3NTJjMjI5N2I2YjA3ZGI5ZjNkOWFiOTgwYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSe8+8hr9rvvnkRqLzWippdC3V2e
qkdlTwOxFtl8lPokvw2Lj5WSy+7wO2m4qldNA5St5AXOm7JNvSV7GpLUJslBHtTG
IVGXvVJvLfLdv7WccAF0rdpWp/zBtujXHvQ99/oza9XkrS7/DmNW1QHkC9ua8KLc
s3KX6P9U/qgjxobd9JaDmrP4zbR4dIxZyFfjxDoFpEyzes8dJnBIHMQ12cY3Dgkq
hgp6VoBARS3UJkY65tBENtuCwMrORJpt2z5VQJ07dSf7wHKU10oYOnbezVWldQ52
LX7jS55bHdsq8bYLU8GKgCaJRCC1tHGl/ZXZ16huAexbVVxi5O+cfCxnswIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGwQsnDtAnUsIpe2sH2589mrmAu4MB8GA1UdIwQY
MBaAFKiFzb3f19ExaEW+tPc5jzzmT6zQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEt
ZjQ4Mjc4MDBiMGM4LzEvYkJDeWNPMENkU3dpbDdhd2ZibnoyYXVZQzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEtZjQ4Mjc4MDBiMGM4
LzEvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARRWFAD
BABRWFgDBABRWF8wDAMEArnIjAMEALnIjjANBgkqhkiG9w0BAQsFAAOCAQEAU+sg
IDFyl5t3NVMQpGITxoDWlRjP4eM7+Y11NONqPLk7mZQnLKi4UAWdcRwM6tLU1vpI
U4EjUi4NDCYEkyoeM0f3LrEk5M7bLmvIsHt8i7TUIPtBv4r7TXBGcYyNQ1pQtCg+
0UfND40igwATV/V8GUE2UnxrEeA7t/6i244ekJUFlpAoCArpDxx0d+uoxYf3opG2
2vfkrA7dtZzbzERuLjgE+BtztwwJ9RtaHjHB8Hltpljelo2AVJ5d3oXJ4V1dx8P5
4YibY17BncOUx7GBMOdbbT+MTrxnBgo5vgJdO7rENWxYxghsitcOMZ3xpp0SqmUF
3vKJP6UcsY7FWBLKwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:58 2024 by rpki-client on console-ams.rpki-client.org