Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/CwklbJG4HdYLqOXba1urrnX3KGg.roa
File: CwklbJG4HdYLqOXba1urrnX3KGg.roa (raw, json)
Hash identifier: SEb+2J9GEwAcxwzh37P//YBpIJK4UuGGg+odjF9vMlU=
Subject key identifier: 0B:09:25:6C:91:B8:1D:D6:0B:A8:E5:DB:6B:5B:AB:AE:75:F7:28:68
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 0186B6EDC2A1212E95D17163A2E9D2E2EA21
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/CwklbJG4HdYLqOXba1urrnX3KGg.roa
Signing time: Mon 06 Mar 2023 12:38:00 +0000
ROA not before: Mon 06 Mar 2023 12:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39608
IP address blocks: 91.216.165.0/24 maxlen: 24
185.53.76.0/23 maxlen: 24
185.53.78.0/24 maxlen: 24
176.39.0.0/16 maxlen: 16
176.39.34.0/23 maxlen: 24
176.39.36.0/23 maxlen: 24
194.33.189.0/24 maxlen: 24
86.111.64.0/19 maxlen: 19
193.107.224.0/22 maxlen: 22
176.38.0.0/16 maxlen: 17
193.93.160.0/22 maxlen: 22
86.111.88.0/21 maxlen: 22
194.50.85.0/24 maxlen: 24
91.194.81.0/24 maxlen: 24
176.36.0.0/16 maxlen: 17
176.36.0.0/14 maxlen: 14
176.37.0.0/16 maxlen: 17
176.36.160.0/24 maxlen: 24
194.60.69.0/24 maxlen: 24
2a01:bf20::/32 maxlen: 32
2a01:5800::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:ed:c2:a1:21:2e:95:d1:71:63:a2:e9:d2:e2:ea:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Mar 6 12:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b09256c91b81dd60ba8e5db6b5babae75f72868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2e:cf:65:2b:72:97:bd:ac:0d:08:9b:ad:8d:
3d:23:13:21:c1:d3:61:36:d6:de:e0:c2:8f:0e:e6:
c7:87:00:a3:4d:de:9d:4c:63:62:7d:8e:db:cc:94:
b6:bf:40:7b:3b:b8:db:35:70:ec:94:99:80:32:ae:
5c:9c:75:46:33:7b:3c:92:a6:7e:91:33:23:86:29:
70:a1:14:ae:82:15:b3:2d:4b:4d:c4:88:fb:07:de:
78:77:85:86:13:8e:5e:b2:98:4e:16:09:aa:6b:d0:
56:66:6e:20:fb:73:1a:53:0f:ba:76:63:30:d2:d3:
61:02:c6:24:44:5f:ec:51:c3:50:75:2e:7c:19:e3:
9d:df:20:b1:b6:46:86:75:3e:1a:27:34:b1:71:72:
f2:e4:dd:32:55:f7:1e:aa:3b:9e:07:24:01:7b:b8:
36:eb:59:61:ee:20:cd:72:5b:19:bf:fb:27:dd:2a:
1c:17:78:c4:6e:cd:7a:f6:bc:53:96:28:ee:dd:80:
bb:a5:c9:8e:32:64:81:0f:f9:e8:03:e4:c0:3e:a8:
58:c1:1f:f7:d0:bd:4e:05:02:4e:61:28:4c:c9:97:
ba:24:d9:97:89:be:60:2b:32:6b:78:35:3e:db:3c:
e8:50:04:fc:2c:dc:73:83:9a:d4:2d:59:c3:53:55:
8a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:09:25:6C:91:B8:1D:D6:0B:A8:E5:DB:6B:5B:AB:AE:75:F7:28:68
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/CwklbJG4HdYLqOXba1urrnX3KGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.64.0/19
91.194.81.0/24
91.216.165.0/24
176.36.0.0/14
185.53.76.0-185.53.78.255
193.93.160.0/22
193.107.224.0/22
194.33.189.0/24
194.50.85.0/24
194.60.69.0/24
IPv6:
2a01:5800::/32
2a01:bf20::/32
Signature Algorithm: sha256WithRSAEncryption
bc:0c:2e:6f:34:66:a3:39:70:45:19:3e:30:7b:72:1d:bc:b9:
fd:12:ee:8e:8e:f6:1a:37:f5:24:3d:b2:f0:35:8f:e0:e2:da:
87:e2:18:ad:f9:aa:12:74:23:3f:32:c9:19:3a:a4:55:a8:eb:
fc:5a:fc:04:4c:d9:28:5f:49:b7:28:ce:f8:94:d5:cc:e7:d0:
f5:8b:b7:7e:4d:15:05:b0:de:a8:54:10:a4:e7:0c:aa:24:16:
8d:53:49:eb:ac:60:02:26:6e:91:23:17:52:d9:92:79:2f:3c:
ba:ad:c3:00:dc:fe:da:01:e2:0c:de:37:cd:4d:fa:89:06:68:
eb:cc:93:5e:d5:b7:66:be:36:b4:2f:b1:6c:41:ce:f0:63:6f:
27:6b:47:d2:17:aa:0a:31:19:7b:d3:5a:1d:65:01:c8:ed:06:
7c:39:97:d5:4a:75:71:fe:23:f7:78:4b:c4:82:da:ab:f9:79:
6f:b7:b1:ec:9a:c4:f2:63:f9:d1:f4:5c:6e:e3:18:4d:9a:bd:
2b:cf:f1:de:d0:79:54:34:7b:0e:25:a0:ec:c7:34:0c:fe:a1:
98:50:9e:c4:e6:5e:b5:c3:26:17:96:9e:f7:13:9a:5b:3b:17:
39:17:36:dd:8b:7d:50:9e:33:50:69:ed:a1:0d:4b:18:70:ee:
17:69:90:b3
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYa27cKhIS6V0XFjounS4uohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjMwMzA2MTIzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjA5MjU2YzkxYjgxZGQ2MGJhOGU1ZGI2YjViYWJhZTc1ZjcyODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi7PZStyl72sDQibrY09IxMhwdNh
Ntbe4MKPDubHhwCjTd6dTGNifY7bzJS2v0B7O7jbNXDslJmAMq5cnHVGM3s8kqZ+
kTMjhilwoRSughWzLUtNxIj7B954d4WGE45esphOFgmqa9BWZm4g+3MaUw+6dmMw
0tNhAsYkRF/sUcNQdS58GeOd3yCxtkaGdT4aJzSxcXLy5N0yVfceqjueByQBe7g2
61lh7iDNclsZv/sn3SocF3jEbs169rxTliju3YC7pcmOMmSBD/noA+TAPqhYwR/3
0L1OBQJOYShMyZe6JNmXib5gKzJreDU+2zzoUAT8LNxzg5rULVnDU1WKQQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFAsJJWyRuB3WC6jl22tbq6519yhoMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL0N3a2xiSkc0SGRZTHFPWGJhMXVycm5YM0tHZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcgYIKwYBBQUHAQcBAf8EYzBhMEkEAgABMEMDBAVWb0AD
BABbwlEDBABb2KUDAwKwJDAMAwQCuTVMAwQAuTVOAwQCwV2gAwQCwWvgAwQAwiG9
AwQAwjJVAwQAwjxFMBQEAgACMA4DBQAqAVgAAwUAKgG/IDANBgkqhkiG9w0BAQsF
AAOCAQEAvAwubzRmozlwRRk+MHtyHby5/RLujo72Gjf1JD2y8DWP4OLah+IYrfmq
EnQjPzLJGTqkVajr/Fr8BEzZKF9JtyjO+JTVzOfQ9Yu3fk0VBbDeqFQQpOcMqiQW
jVNJ66xgAiZukSMXUtmSeS88uq3DANz+2gHiDN43zU36iQZo68yTXtW3Zr42tC+x
bEHO8GNvJ2tH0heqCjEZe9NaHWUByO0GfDmX1Up1cf4j93hLxILaq/l5b7ex7JrE
8mP50fRcbuMYTZq9K8/x3tB5VDR7DiWg7Mc0DP6hmFCexOZetcMmF5ae9xOaWzsX
ORc23Yt9UJ4zUGntoQ1LGHDuF2mQsw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:12 2024 by rpki-client on console-ams.rpki-client.org