Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/CvxmQSStuKVSGsjDbnrBZ4h54D8.roa
File: CvxmQSStuKVSGsjDbnrBZ4h54D8.roa (raw, json)
Hash identifier: vCB3ipjqOZEyvskh3KvETmg1CzlK+aUckYXiqbP+p24=
Subject key identifier: 0A:FC:66:41:24:AD:B8:A5:52:1A:C8:C3:6E:7A:C1:67:88:79:E0:3F
Certificate issuer: /CN=046ca7b604ec08f6f54b0e748906547dd375674d
Certificate serial: 018899E8D27E3EC3683F1333A4E8969D7D54
Authority key identifier: 04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/CvxmQSStuKVSGsjDbnrBZ4h54D8.roa
Signing time: Thu 08 Jun 2023 07:29:12 +0000
ROA not before: Thu 08 Jun 2023 07:29:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206436
IP address blocks: 193.202.96.0/21 maxlen: 21
193.202.104.0/24 maxlen: 24
185.223.52.0/24 maxlen: 24
2a10:8581::/48 maxlen: 48
2a10:8581:1::/48 maxlen: 48
2a10:8580::/48 maxlen: 48
2a10:8580:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:99:e8:d2:7e:3e:c3:68:3f:13:33:a4:e8:96:9d:7d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046ca7b604ec08f6f54b0e748906547dd375674d
Validity
Not Before: Jun 8 07:29:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0afc664124adb8a5521ac8c36e7ac1678879e03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ca:7d:d2:c7:7b:f4:a2:08:6c:e3:8d:0e:aa:
ef:ee:74:50:46:f4:cf:61:26:1c:74:95:b0:03:8d:
7a:25:0c:eb:1d:42:3c:1a:35:2d:14:bc:a8:26:b4:
3f:d1:f1:9f:b9:f5:de:eb:20:ef:89:e9:42:96:c0:
54:49:f8:12:d7:bc:ff:e7:33:0a:66:56:c4:35:ee:
d7:97:65:4d:05:2f:94:3b:4b:0f:1f:2a:34:96:0e:
57:4e:21:74:04:15:0a:8e:25:ac:61:ab:e9:70:ce:
10:7d:26:66:a0:67:e4:54:22:a4:f5:16:e9:88:cd:
e2:ed:b6:83:16:37:3d:e4:58:49:cd:f8:8b:93:aa:
3e:4c:06:d1:21:51:80:4f:bc:a4:1a:92:67:c7:64:
86:e2:ae:ad:df:c6:8a:29:23:86:52:12:3f:30:98:
91:2f:8e:a2:9f:a2:63:e1:b2:2e:83:75:fb:d1:a6:
7a:f7:65:aa:c1:5b:37:a6:8e:56:35:8a:be:75:8d:
dd:5d:f1:df:0a:38:9e:8b:30:7d:7d:c2:88:f1:05:
b7:cf:63:f5:92:34:b8:ab:13:ed:13:61:8e:18:b8:
41:9c:f7:24:e8:37:ca:32:67:98:2f:ea:27:59:ca:
ca:7c:b8:21:3d:c1:48:ae:09:33:cd:55:5c:2b:ed:
0b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FC:66:41:24:AD:B8:A5:52:1A:C8:C3:6E:7A:C1:67:88:79:E0:3F
X509v3 Authority Key Identifier:
keyid:04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/CvxmQSStuKVSGsjDbnrBZ4h54D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.52.0/24
193.202.96.0-193.202.104.255
IPv6:
2a10:8580::/47
2a10:8581::/47
Signature Algorithm: sha256WithRSAEncryption
05:38:70:42:0b:eb:1f:cd:9d:16:62:7c:05:a4:ac:d0:e4:99:
12:49:a1:43:e8:ef:02:f7:ca:14:92:2c:00:f2:09:77:1d:01:
0b:f7:d1:3c:bd:84:51:90:51:03:37:a2:68:0c:47:11:cb:53:
e7:50:79:0e:9f:23:25:99:30:0a:10:ed:a3:4c:7a:0d:d1:32:
e7:d5:f4:11:a2:4f:c5:70:18:af:44:4d:83:73:8b:74:91:af:
a7:90:2b:d0:e5:35:e6:bf:75:b0:8d:73:d4:4f:b8:6c:bc:c7:
25:4a:ee:21:9d:cb:a9:63:48:80:f4:82:db:ff:92:f2:c9:b7:
61:2d:47:71:7c:0b:12:70:61:f6:3b:ce:18:5e:0e:12:bf:22:
f0:c2:ee:70:1e:8d:db:24:52:68:c7:70:c4:4d:cf:e9:a8:12:
ad:70:97:69:35:37:21:66:28:6a:c8:11:3b:b7:1a:26:4c:80:
48:5a:34:c2:c6:70:0e:5e:55:c4:31:89:b8:99:e5:05:5d:87:
f4:64:5b:58:a0:40:42:dd:af:86:b8:f3:a4:5a:19:81:50:5a:
21:7a:ea:c6:6a:bb:50:ad:a6:8b:c5:b3:63:86:c1:82:d6:f3:
0f:35:f0:ae:d8:67:ed:c2:8c:bc:00:c5:f3:07:78:3a:5f:e3:
34:91:a7:25
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYiZ6NJ+PsNoPxMzpOiWnX1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmNhN2I2MDRlYzA4ZjZmNTRiMGU3NDg5MDY1NDdkZDM3
NTY3NGQwHhcNMjMwNjA4MDcyOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWZjNjY0MTI0YWRiOGE1NTIxYWM4YzM2ZTdhYzE2Nzg4NzllMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsp90sd79KIIbOONDqrv7nRQRvTP
YSYcdJWwA416JQzrHUI8GjUtFLyoJrQ/0fGfufXe6yDvielClsBUSfgS17z/5zMK
ZlbENe7Xl2VNBS+UO0sPHyo0lg5XTiF0BBUKjiWsYavpcM4QfSZmoGfkVCKk9Rbp
iM3i7baDFjc95FhJzfiLk6o+TAbRIVGAT7ykGpJnx2SG4q6t38aKKSOGUhI/MJiR
L46in6Jj4bIug3X70aZ692WqwVs3po5WNYq+dY3dXfHfCjieizB9fcKI8QW3z2P1
kjS4qxPtE2GOGLhBnPck6DfKMmeYL+onWcrKfLghPcFIrgkzzVVcK+0L7QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAr8ZkEkrbilUhrIw256wWeIeeA/MB8GA1UdIwQY
MBaAFARsp7YE7Aj29UsOdIkGVH3TdWdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgt
MDkzOTYxZDM4Yzg2LzEvQ3Z4bVFTU3R1S1ZTR3NqRGJuckJaNGg1NEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgtMDkzOTYxZDM4Yzg2
LzEvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUAwQAud80MAwD
BAXBymADBADBymgwGAQCAAIwEgMHASoQhYAAAAMHASoQhYEAADANBgkqhkiG9w0B
AQsFAAOCAQEABThwQgvrH82dFmJ8BaSs0OSZEkmhQ+jvAvfKFJIsAPIJdx0BC/fR
PL2EUZBRAzeiaAxHEctT51B5Dp8jJZkwChDto0x6DdEy59X0EaJPxXAYr0RNg3OL
dJGvp5Ar0OU15r91sI1z1E+4bLzHJUruIZ3LqWNIgPSC2/+S8sm3YS1HcXwLEnBh
9jvOGF4OEr8i8MLucB6N2yRSaMdwxE3P6agSrXCXaTU3IWYoasgRO7caJkyASFo0
wsZwDl5VxDGJuJnlBV2H9GRbWKBAQt2vhrjzpFoZgVBaIXrqxmq7UK2mi8WzY4bB
gtbzDzXwrthn7cKMvADF8wd4Ol/jNJGnJQ==
-----END CERTIFICATE-----
Generated at Tue Oct 31 13:50:54 2023 by rpki-client on console-fra.rpki-client.org