Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/cVgdb02zuLFVKmxCc2RWlxFw6G8.roa
File: cVgdb02zuLFVKmxCc2RWlxFw6G8.roa (raw, json)
Hash identifier: QoFG64HCe4Qvxwv2Ge1Ui+F3Npe4kcn+0TZ+S7FuhhI=
Subject key identifier: 71:58:1D:6F:4D:B3:B8:B1:55:2A:6C:42:73:64:56:97:11:70:E8:6F
Certificate issuer: /CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Certificate serial: 018866571B726B5A1677D3944457154878B3
Authority key identifier: A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/cVgdb02zuLFVKmxCc2RWlxFw6G8.roa
Signing time: Mon 29 May 2023 07:09:24 +0000
ROA not before: Mon 29 May 2023 07:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39684
IP address blocks: 81.88.80.0/22 maxlen: 22
81.88.84.0/24 maxlen: 24
81.88.85.0/24 maxlen: 24
81.88.87.0/24 maxlen: 24
81.88.88.0/24 maxlen: 24
81.88.86.0/24 maxlen: 24
81.88.95.0/24 maxlen: 24
185.200.140.0/24 maxlen: 24
185.200.141.0/24 maxlen: 24
185.200.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:57:1b:72:6b:5a:16:77:d3:94:44:57:15:48:78:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a885cdbddfd7d1316845beb4f7398f3ce64facd0
Validity
Not Before: May 29 07:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71581d6f4db3b8b1552a6c42736456971170e86f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:11:84:7f:4f:57:26:f0:34:45:aa:02:f7:62:
18:f7:61:71:0c:a1:f1:a5:f2:6d:5c:9b:3a:ad:62:
a8:ec:64:44:28:09:39:7a:b4:99:e0:96:41:b3:28:
45:b5:40:a9:65:b7:d8:17:06:f8:05:0f:36:f1:32:
f4:bd:d3:06:fb:bc:b8:40:22:10:de:a6:7e:51:32:
f5:dd:c5:59:41:01:4d:64:b8:2d:da:88:c9:27:f3:
ce:d4:b3:fd:22:ae:37:44:68:cd:e8:38:6d:3d:16:
5c:24:63:92:63:10:a2:cc:00:61:af:07:e4:d0:e1:
00:12:21:5e:3a:a5:75:58:3c:e9:80:81:6a:ae:6c:
de:90:f8:55:91:d6:0d:b3:e4:7e:83:60:cc:88:61:
c7:b1:81:d0:d1:bb:a4:7c:cd:b1:a2:4c:a9:1f:32:
f0:f1:75:ba:f2:2d:7b:74:69:7b:ba:cb:70:8e:10:
77:e3:a7:7b:67:0d:a0:a6:08:17:9b:67:5a:95:11:
27:ce:d3:4c:c5:bf:6f:57:bf:6d:c4:5d:a2:c6:c0:
9d:48:49:2a:c7:f0:a8:d9:ae:69:5a:fb:ce:5e:4f:
f4:78:a5:21:37:c5:79:2b:75:48:71:60:6a:91:b3:
a4:f1:c9:d8:51:b1:5d:6e:c2:6c:26:75:a0:7d:ee:
68:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:58:1D:6F:4D:B3:B8:B1:55:2A:6C:42:73:64:56:97:11:70:E8:6F
X509v3 Authority Key Identifier:
keyid:A8:85:CD:BD:DF:D7:D1:31:68:45:BE:B4:F7:39:8F:3C:E6:4F:AC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIXNvd_X0TFoRb609zmPPOZPrNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/cVgdb02zuLFVKmxCc2RWlxFw6G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/b3a576-50cb-4866-be81-f4827800b0c8/1/qIXNvd_X0TFoRb609zmPPOZPrNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.80.0-81.88.88.255
81.88.95.0/24
185.200.140.0-185.200.142.255
Signature Algorithm: sha256WithRSAEncryption
2e:ed:69:37:a2:71:53:0c:20:1c:07:5b:81:97:63:7a:17:3c:
6a:d9:3a:4c:c8:14:f5:55:70:fd:13:ce:88:d5:76:0a:4d:2d:
87:b8:aa:c0:34:6b:dc:5f:76:95:f5:0a:28:4b:a4:12:e8:06:
ee:21:5c:91:b9:36:84:ab:64:66:5c:b3:95:13:1d:5c:af:32:
75:a6:a7:9d:0c:85:f0:e8:01:65:10:67:60:34:b4:44:5a:50:
1b:71:09:9c:a7:18:e3:ef:e2:63:2c:f6:39:bc:75:e9:53:01:
07:79:be:ff:b1:7e:7a:c0:fb:87:9d:b3:b9:4c:a3:de:3a:4f:
c6:e7:ea:c3:26:2d:3f:1c:1b:97:74:ec:36:02:1a:ba:25:b3:
d2:74:c5:c0:f1:ca:3e:f6:b8:67:ba:61:27:fd:4a:80:35:8a:
bb:5a:57:52:66:b1:2e:09:39:6d:36:eb:21:a4:56:ce:a6:09:
fb:0d:63:80:a3:e4:e4:b7:14:5a:9a:81:ba:a4:96:34:c2:a5:
c1:00:4b:82:b9:7d:0c:5e:51:9e:1a:b1:92:06:a9:e6:e7:4f:
82:0e:d0:ab:41:00:88:d2:d5:e5:71:86:07:d5:1c:67:ef:27:
b2:d4:5d:9b:fc:0b:80:73:3e:4e:02:e1:43:d8:82:14:ce:97:
5b:bf:52:46
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYhmVxtya1oWd9OURFcVSHizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODVjZGJkZGZkN2QxMzE2ODQ1YmViNGY3Mzk4ZjNjZTY0
ZmFjZDAwHhcNMjMwNTI5MDcwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU4MWQ2ZjRkYjNiOGIxNTUyYTZjNDI3MzY0NTY5NzExNzBlODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhGEf09XJvA0RaoC92IY92FxDKHx
pfJtXJs6rWKo7GREKAk5erSZ4JZBsyhFtUCpZbfYFwb4BQ828TL0vdMG+7y4QCIQ
3qZ+UTL13cVZQQFNZLgt2ojJJ/PO1LP9Iq43RGjN6DhtPRZcJGOSYxCizABhrwfk
0OEAEiFeOqV1WDzpgIFqrmzekPhVkdYNs+R+g2DMiGHHsYHQ0bukfM2xokypHzLw
8XW68i17dGl7ustwjhB346d7Zw2gpggXm2dalREnztNMxb9vV79txF2ixsCdSEkq
x/Co2a5pWvvOXk/0eKUhN8V5K3VIcWBqkbOk8cnYUbFdbsJsJnWgfe5o+QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHFYHW9Ns7ixVSpsQnNkVpcRcOhvMB8GA1UdIwQY
MBaAFKiFzb3f19ExaEW+tPc5jzzmT6zQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEt
ZjQ4Mjc4MDBiMGM4LzEvY1ZnZGIwMnp1TEZWS214Q2MyUldseEZ3Nkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iM2E1NzYtNTBjYi00ODY2LWJlODEtZjQ4Mjc4MDBiMGM4
LzEvcUlYTnZkX1gwVEZvUmI2MDl6bVBQT1pQck5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARRWFAD
BABRWFgDBABRWF8wDAMEArnIjAMEALnIjjANBgkqhkiG9w0BAQsFAAOCAQEALu1p
N6JxUwwgHAdbgZdjehc8atk6TMgU9VVw/RPOiNV2Ck0th7iqwDRr3F92lfUKKEuk
EugG7iFckbk2hKtkZlyzlRMdXK8ydaannQyF8OgBZRBnYDS0RFpQG3EJnKcY4+/i
Yyz2Obx16VMBB3m+/7F+esD7h52zuUyj3jpPxufqwyYtPxwbl3TsNgIauiWz0nTF
wPHKPva4Z7phJ/1KgDWKu1pXUmaxLgk5bTbrIaRWzqYJ+w1jgKPk5LcUWpqBuqSW
NMKlwQBLgrl9DF5Rnhqxkgap5udPgg7Qq0EAiNLV5XGGB9UcZ+8nstRdm/wLgHM+
TgLhQ9iCFM6XW79SRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:58 2024 by rpki-client on console-ams.rpki-client.org