Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/i_cCxSiwNrd0aHZc3mMzjoSbBPA.roa
File: i_cCxSiwNrd0aHZc3mMzjoSbBPA.roa (raw, json)
Hash identifier: GHUwFaXeUas39pZcZQUFdv4Qf510KTikKg4XTAe3lF4=
Subject key identifier: 8B:F7:02:C5:28:B0:36:B7:74:68:76:5C:DE:63:33:8E:84:9B:04:F0
Certificate issuer: /CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Certificate serial: 0189A5E8DE14B767D70665B0DFD0E139FD67
Authority key identifier: BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/i_cCxSiwNrd0aHZc3mMzjoSbBPA.roa
Signing time: Sun 30 Jul 2023 08:27:29 +0000
ROA not before: Sun 30 Jul 2023 08:27:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208669
IP address blocks: 85.202.93.0/24 maxlen: 24
85.202.92.0/24 maxlen: 24
85.202.94.0/24 maxlen: 24
2a10:1900::/32 maxlen: 32
2a10:1906::/32 maxlen: 32
2a10:1905::/32 maxlen: 32
2a10:1902::/32 maxlen: 32
2a10:1901::/32 maxlen: 32
2a10:1903::/32 maxlen: 32
2a10:1904::/32 maxlen: 32
2a10:1907::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a5:e8:de:14:b7:67:d7:06:65:b0:df:d0:e1:39:fd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Validity
Not Before: Jul 30 08:27:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bf702c528b036b77468765cde63338e849b04f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:96:76:c8:d0:62:16:7c:2e:67:d8:95:73:ed:
a3:21:ce:ed:ae:57:e0:66:d9:b1:37:33:63:65:43:
b6:a5:69:dc:3f:1b:7d:42:6d:89:a7:7d:2e:2d:a9:
7e:a9:e1:89:78:55:8c:07:15:34:2b:27:c7:d5:4f:
51:65:71:fb:92:ec:b6:75:17:bb:0d:71:eb:64:f9:
d8:a8:53:17:e2:dd:d0:f1:29:f6:7b:7c:91:6d:80:
f8:2f:81:f4:54:aa:9a:a9:f1:9d:13:f1:1e:87:31:
43:e9:a0:a1:12:b0:cf:97:bc:20:c0:c1:0f:15:cc:
28:3a:14:22:4b:f7:79:a4:ba:06:db:69:57:03:c4:
ca:6d:1f:4f:a6:cd:cd:94:f6:15:80:cd:0e:7c:a3:
a5:0d:63:c3:11:79:a4:f2:17:a3:2c:90:bf:e8:ef:
e0:2d:77:7a:a2:98:81:97:5d:d9:07:44:44:4a:c9:
ea:68:1e:73:7a:c7:31:23:41:9d:43:22:fc:5d:e4:
fd:b1:2e:66:66:aa:f0:4f:01:64:36:c5:31:d1:20:
60:ea:01:b9:29:0a:74:4c:57:76:f1:50:70:39:7d:
55:e5:ae:13:ba:b1:47:db:9a:aa:84:14:c8:23:c4:
c9:68:77:5f:86:02:1d:5c:ed:1c:74:12:7a:ac:09:
f2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F7:02:C5:28:B0:36:B7:74:68:76:5C:DE:63:33:8E:84:9B:04:F0
X509v3 Authority Key Identifier:
keyid:BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/i_cCxSiwNrd0aHZc3mMzjoSbBPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/vWqnNi02eSy8-oNgm111zJZfP68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.92.0-85.202.94.255
IPv6:
2a10:1900::/29
Signature Algorithm: sha256WithRSAEncryption
78:8f:29:68:01:0f:a5:90:e5:0e:4e:53:aa:13:66:c2:c3:b1:
ec:89:20:1f:39:1e:60:1a:00:c5:d3:03:21:65:4d:2e:0a:38:
49:75:a0:fe:73:22:78:f3:b1:83:ef:9e:cd:af:78:96:cc:01:
c3:2e:5e:d6:c9:24:90:74:0f:42:e7:e2:fd:73:70:6b:e6:31:
16:65:e5:d3:36:77:d8:43:28:d8:e9:1d:e6:08:e7:f5:b6:01:
c6:5a:2d:b8:dc:5d:bd:3b:b6:e9:44:1f:11:fd:db:4e:c0:81:
72:b7:46:8b:cb:12:0d:d9:71:d9:57:24:57:7f:7a:d6:36:67:
77:31:ca:f1:29:3f:5b:bf:1d:a1:26:fd:cc:3e:0c:02:98:d7:
13:be:34:9b:26:60:17:fa:a2:e5:25:4d:e5:0f:09:61:51:4f:
6c:f6:94:2b:3e:33:0d:18:91:21:ef:54:f8:f2:11:93:33:fc:
43:ae:0d:2e:fc:c7:39:5d:7e:53:15:fc:6c:d7:b2:15:7b:e8:
35:93:89:15:cd:a4:8d:fa:e3:ba:aa:0b:9c:4b:fe:c3:60:93:
50:23:c1:22:a5:a7:a7:ac:af:e3:d4:bb:9f:d8:9b:93:1f:26:
26:a8:58:f5:12:3d:40:7b:23:80:69:45:d8:80:47:ef:4f:46:
cc:c0:ea:31
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYml6N4Ut2fXBmWw39DhOf1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmFhNzM2MmQzNjc5MmNiY2ZhODM2MDliNWQ3NWNjOTY1
ZjNmYWYwHhcNMjMwNzMwMDgyNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY3MDJjNTI4YjAzNmI3NzQ2ODc2NWNkZTYzMzM4ZTg0OWIwNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpZ2yNBiFnwuZ9iVc+2jIc7trlfg
ZtmxNzNjZUO2pWncPxt9Qm2Jp30uLal+qeGJeFWMBxU0KyfH1U9RZXH7kuy2dRe7
DXHrZPnYqFMX4t3Q8Sn2e3yRbYD4L4H0VKqaqfGdE/EehzFD6aChErDPl7wgwMEP
FcwoOhQiS/d5pLoG22lXA8TKbR9Pps3NlPYVgM0OfKOlDWPDEXmk8hejLJC/6O/g
LXd6opiBl13ZB0RESsnqaB5zescxI0GdQyL8XeT9sS5mZqrwTwFkNsUx0SBg6gG5
KQp0TFd28VBwOX1V5a4TurFH25qqhBTII8TJaHdfhgIdXO0cdBJ6rAnyPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIv3AsUosDa3dGh2XN5jM46EmwTwMB8GA1UdIwQY
MBaAFL1qpzYtNnksvPqDYJtddcyWXz+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldxbk5pMDJlU3k4LW9OZ20xMTF6SlpmUDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mOWE4ZWMtZjU4Mi00NzVjLThjYzkt
ZDVjODYzNWJlYzg4LzEvaV9jQ3hTaXdOcmQwYUhaYzNtTXpqb1NiQlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mOWE4ZWMtZjU4Mi00NzVjLThjYzktZDVjODYzNWJlYzg4
LzEvdldxbk5pMDJlU3k4LW9OZ20xMTF6SlpmUDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAJVylwD
BABVyl4wDQQCAAIwBwMFAyoQGQAwDQYJKoZIhvcNAQELBQADggEBAHiPKWgBD6WQ
5Q5OU6oTZsLDseyJIB85HmAaAMXTAyFlTS4KOEl1oP5zInjzsYPvns2veJbMAcMu
XtbJJJB0D0Ln4v1zcGvmMRZl5dM2d9hDKNjpHeYI5/W2AcZaLbjcXb07tulEHxH9
207AgXK3RovLEg3ZcdlXJFd/etY2Z3cxyvEpP1u/HaEm/cw+DAKY1xO+NJsmYBf6
ouUlTeUPCWFRT2z2lCs+Mw0YkSHvVPjyEZMz/EOuDS78xzldflMV/GzXshV76DWT
iRXNpI3647qqC5xL/sNgk1AjwSKlp6esr+PUu5/Ym5MfJiaoWPUSPUB7I4BpRdiA
R+9PRszA6jE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:04 2024 by rpki-client on console-ams.rpki-client.org