Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/c8nXGOphAEL1V_1LsOw2wDk-fL8.roa
File: c8nXGOphAEL1V_1LsOw2wDk-fL8.roa (raw, json)
Hash identifier: DpPKvz7TxnJAgtktc8G07jB7wmi3MtKTiAxHzAsoD7E=
Subject key identifier: 73:C9:D7:18:EA:61:00:42:F5:57:FD:4B:B0:EC:36:C0:39:3E:7C:BF
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BECEA0549E1C686D0A476BF2789225D00
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/c8nXGOphAEL1V_1LsOw2wDk-fL8.roa
Signing time: Mon 20 Nov 2023 13:27:21 +0000
ROA not before: Mon 20 Nov 2023 13:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12663
IP address blocks: 46.108.0.0/16 maxlen: 24
37.25.128.0/17 maxlen: 24
188.240.84.0/22 maxlen: 22
92.114.8.0/21 maxlen: 21
176.125.0.0/19 maxlen: 24
85.205.0.0/16 maxlen: 24
130.195.96.0/19 maxlen: 19
195.232.128.0/17 maxlen: 24
130.195.128.0/18 maxlen: 24
89.32.48.0/21 maxlen: 21
46.190.128.0/17 maxlen: 24
130.195.64.0/19 maxlen: 19
108.179.64.0/18 maxlen: 19
130.195.200.0/21 maxlen: 21
86.104.216.0/22 maxlen: 22
208.53.128.0/18 maxlen: 18
62.213.128.0/19 maxlen: 19
195.233.0.0/16 maxlen: 24
130.195.32.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:ea:05:49:e1:c6:86:d0:a4:76:bf:27:89:22:5d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 20 13:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73c9d718ea610042f557fd4bb0ec36c0393e7cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3a:6c:99:2b:81:c7:8c:1f:a2:65:64:28:c3:
b7:1f:88:ff:5b:3b:e3:23:8c:85:e0:89:03:ad:68:
01:cf:85:a0:4d:88:fc:d9:6f:2b:0e:19:52:c7:ba:
41:a3:33:91:ca:a1:60:8a:e9:51:2f:6e:2f:9e:aa:
88:7b:cb:bf:e2:ae:ba:d0:2a:41:6e:eb:5d:41:5d:
41:41:6d:28:b0:76:77:82:b6:90:ca:f7:24:82:38:
54:cb:d4:42:14:ea:ee:47:60:ea:1e:01:0b:6a:6a:
35:22:bf:55:68:ae:f6:14:53:5c:e3:d1:a4:ba:ea:
88:de:e4:8c:0e:8b:8a:0d:d0:43:1d:49:85:43:72:
07:4f:fc:40:9a:a3:a6:46:e3:82:05:37:dd:15:66:
b3:bb:ec:47:1f:e9:b4:f5:7c:74:1d:85:32:4e:8e:
67:ce:56:b0:c1:c5:85:36:68:85:e8:ad:ed:03:f4:
33:42:73:d7:8d:90:e4:f7:be:61:72:c1:69:cd:c3:
f9:d2:90:73:90:df:1c:96:9c:2c:30:c5:cf:64:46:
47:b6:e4:e4:12:56:c1:42:68:1e:f9:e1:39:28:d1:
8f:48:00:61:cb:ec:06:b3:fd:aa:25:21:f9:87:f3:
91:cb:50:74:9e:bd:76:79:98:81:c7:06:b9:35:79:
f4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C9:D7:18:EA:61:00:42:F5:57:FD:4B:B0:EC:36:C0:39:3E:7C:BF
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/c8nXGOphAEL1V_1LsOw2wDk-fL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
62.213.128.0/19
85.205.0.0/16
86.104.216.0/22
89.32.48.0/21
92.114.8.0/21
108.179.64.0/18
130.195.32.0/20
130.195.64.0-130.195.191.255
130.195.200.0/21
176.125.0.0/19
188.240.84.0/22
195.232.128.0-195.233.255.255
208.53.128.0/18
Signature Algorithm: sha256WithRSAEncryption
52:2e:83:57:65:52:c4:5b:64:11:2f:71:40:ae:4b:03:9b:ee:
14:cd:8b:63:e1:da:51:02:8a:94:90:e6:d8:00:8f:70:79:fd:
7b:c4:72:d9:f8:15:d9:8c:4f:d9:b7:52:c7:f7:6a:7d:64:b8:
fb:a6:0f:19:f2:40:ed:e9:aa:39:12:da:9f:79:6d:a2:d6:2a:
6f:1b:50:f3:f3:52:56:fa:2b:d6:40:3b:83:98:ef:98:8e:6b:
75:2c:bb:f2:b7:dc:b9:95:be:9c:b0:7d:ab:f0:6a:ed:d7:7d:
73:b2:d8:fb:cd:b8:87:0c:67:d0:83:b1:a0:44:fd:a5:dc:61:
d3:04:ce:37:52:7a:bf:6b:70:4a:23:55:c6:c3:79:22:3f:86:
a2:58:19:2e:f3:54:5c:bd:84:40:31:56:cb:11:b2:65:d3:ab:
63:86:2a:38:f4:8b:4e:d8:c4:9e:88:61:50:c6:1b:7a:a5:1d:
83:31:d5:ec:cb:cd:91:0a:86:e1:e7:06:36:5a:9a:4b:d1:84:
a1:50:b6:5f:59:39:cf:06:11:24:5f:1c:e2:df:f6:67:79:69:
19:b0:e8:f6:1a:73:14:54:61:b8:9c:56:56:08:36:b5:d6:fe:
b1:83:e7:b4:1f:0f:d8:53:59:6e:92:0b:2f:40:c5:d4:f7:61:
7f:5b:b0:b9
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYvs6gVJ4caG0KR2vyeJIl0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTIwMTMyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M5ZDcxOGVhNjEwMDQyZjU1N2ZkNGJiMGVjMzZjMDM5M2U3Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDpsmSuBx4wfomVkKMO3H4j/Wzvj
I4yF4IkDrWgBz4WgTYj82W8rDhlSx7pBozORyqFgiulRL24vnqqIe8u/4q660CpB
butdQV1BQW0osHZ3graQyvckgjhUy9RCFOruR2DqHgELamo1Ir9VaK72FFNc49Gk
uuqI3uSMDouKDdBDHUmFQ3IHT/xAmqOmRuOCBTfdFWazu+xHH+m09Xx0HYUyTo5n
zlawwcWFNmiF6K3tA/QzQnPXjZDk975hcsFpzcP50pBzkN8clpwsMMXPZEZHtuTk
ElbBQmge+eE5KNGPSABhy+wGs/2qJSH5h/ORy1B0nr12eZiBxwa5NXn0uwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFHPJ1xjqYQBC9Vf9S7DsNsA5Pny/MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvYzhuWEdPcGhBRUwxVl8xTHNPdzJ3RGstZkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbQMEByUZgAMD
AC5sAwQHLr6AAwQFPtWAAwMAVc0DBAJWaNgDBANZIDADBANccggDBAZss0ADBASC
wyAwDAMEBoLDQAMEBoLDgAMEA4LDyAMEBbB9AAMEArzwVDALAwQHw+iAAwMBw+gD
BAbQNYAwDQYJKoZIhvcNAQELBQADggEBAFIug1dlUsRbZBEvcUCuSwOb7hTNi2Ph
2lECipSQ5tgAj3B5/XvEctn4FdmMT9m3Usf3an1kuPumDxnyQO3pqjkS2p95baLW
Km8bUPPzUlb6K9ZAO4OY75iOa3Usu/K33LmVvpywfavwau3XfXOy2PvNuIcMZ9CD
saBE/aXcYdMEzjdSer9rcEojVcbDeSI/hqJYGS7zVFy9hEAxVssRsmXTq2OGKjj0
i07YxJ6IYVDGG3qlHYMx1ezLzZEKhuHnBjZamkvRhKFQtl9ZOc8GESRfHOLf9md5
aRmw6PYacxRUYbicVlYINrXW/rGD57QfD9hTWW6SCy9AxdT3YX9bsLk=
-----END CERTIFICATE-----
Generated at Fri Nov 24 16:21:33 2023 by rpki-client on console-fra.rpki-client.org