Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/CuWAlSZbVSPpqxq0hKpUKfvUJlg.roa
File: CuWAlSZbVSPpqxq0hKpUKfvUJlg.roa (raw, json)
Hash identifier: t/EHAA4X237/6NArQWhmx/thyQXshiFlkiARJ9RMS7A=
Subject key identifier: 0A:E5:80:95:26:5B:55:23:E9:AB:1A:B4:84:AA:54:29:FB:D4:26:58
Certificate issuer: /CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Certificate serial: 0185CF6ABDE42DB382ED47E00442DD99A8B5
Authority key identifier: 7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/CuWAlSZbVSPpqxq0hKpUKfvUJlg.roa
Signing time: Fri 20 Jan 2023 13:42:37 +0000
ROA not before: Fri 20 Jan 2023 13:42:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8560
IP address blocks: 82.223.0.0/16 maxlen: 24
217.76.128.0/19 maxlen: 24
185.132.44.0/22 maxlen: 24
94.143.136.0/21 maxlen: 24
93.93.112.0/21 maxlen: 24
62.151.160.0/21 maxlen: 24
62.151.176.0/21 maxlen: 24
2001:ba0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:6a:bd:e4:2d:b3:82:ed:47:e0:04:42:dd:99:a8:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Validity
Not Before: Jan 20 13:42:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ae58095265b5523e9ab1ab484aa5429fbd42658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:71:e8:03:93:dc:ce:d6:68:59:06:5c:ec:4f:
0e:c9:f6:cc:7d:4d:46:86:4c:6c:80:73:5d:56:3f:
4a:16:fa:96:d5:12:92:c2:87:c6:94:73:c8:3f:cb:
12:7c:4b:99:8f:40:65:38:1a:c1:4f:21:e7:3f:05:
23:6d:41:e2:45:33:bf:cb:0e:2d:fa:4d:4a:2f:23:
b0:94:e8:c6:e7:4b:d3:31:61:67:bb:d2:13:a6:55:
23:5d:d6:6d:51:44:45:77:ae:73:a2:29:d7:d9:9e:
2a:8c:50:d4:49:3f:cb:3a:3a:37:0a:1e:fc:03:e6:
6d:5b:bc:a6:f9:4b:c7:0f:0b:a4:04:8d:69:a2:a6:
d1:6e:cf:38:ab:84:31:b5:ce:52:54:a6:ed:f8:0a:
ab:75:10:cd:97:86:2f:b9:60:a0:27:4a:cd:e1:af:
4b:4b:60:13:00:05:a8:97:f4:f9:38:42:51:ac:a7:
ec:8b:7a:de:0e:8f:a9:fe:ad:a8:ad:f7:76:db:0d:
8e:5d:fd:f6:21:ba:64:21:c0:60:95:41:50:e7:51:
ab:0f:cb:68:97:34:a4:60:1e:50:3a:42:d6:b2:1e:
0f:85:d9:55:e9:c7:da:05:34:4f:0c:df:30:e8:61:
48:89:28:a8:ba:e6:32:63:79:19:e8:c9:a5:4c:4d:
9c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E5:80:95:26:5B:55:23:E9:AB:1A:B4:84:AA:54:29:FB:D4:26:58
X509v3 Authority Key Identifier:
keyid:7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/CuWAlSZbVSPpqxq0hKpUKfvUJlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.151.160.0/21
62.151.176.0/21
82.223.0.0/16
93.93.112.0/21
94.143.136.0/21
185.132.44.0/22
217.76.128.0/19
IPv6:
2001:ba0::/32
Signature Algorithm: sha256WithRSAEncryption
d0:f4:e4:14:3a:f0:87:7f:42:45:86:88:34:98:c8:24:86:92:
15:9d:5b:c9:54:4f:9d:31:c9:0d:b1:de:1d:0f:f1:75:4a:7f:
a7:db:fe:1f:95:40:fe:5c:31:97:bc:0b:07:64:d9:c1:b7:0c:
9f:f2:d6:ac:2f:c5:83:c7:a5:6d:b1:84:d6:82:7c:90:5e:48:
ea:b5:2f:70:56:88:ac:e5:e3:0b:aa:eb:05:7c:e3:49:65:0a:
ef:1e:70:8f:7e:7d:7c:2c:76:28:a1:1b:fa:a1:9e:d0:e3:8f:
ac:62:0c:e6:81:50:aa:d2:45:b6:88:91:1f:a6:d2:24:35:cf:
93:c9:2c:b8:e0:14:80:32:8e:16:fd:94:2a:a2:14:c3:4d:6c:
35:71:2f:f1:b6:eb:9a:5e:f1:72:91:95:6a:0c:91:b1:05:8b:
36:8a:9b:a1:7a:26:cd:80:47:e8:8f:6e:35:00:4d:10:3b:0e:
ed:2d:1e:af:85:02:17:43:55:ee:cc:0c:fa:b5:3d:e6:25:0b:
c2:09:3b:a6:31:94:cd:9f:6f:2a:df:3a:74:0d:ed:46:96:13:
ea:19:8b:4b:19:cf:ec:90:14:23:50:76:20:9e:d2:01:76:3a:
90:b1:3e:27:64:19:51:2b:19:4f:cf:a0:be:c8:d8:73:e1:5c:
bb:83:dc:80
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYXPar3kLbOC7UfgBELdmai1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNmRjNzM5NTgxNWFmMDQ1MDQ4ZjRjZTM5MTBkMDQwMDhm
ZjNhN2MwHhcNMjMwMTIwMTM0MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU1ODA5NTI2NWI1NTIzZTlhYjFhYjQ4NGFhNTQyOWZiZDQyNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHHoA5PcztZoWQZc7E8OyfbMfU1G
hkxsgHNdVj9KFvqW1RKSwofGlHPIP8sSfEuZj0BlOBrBTyHnPwUjbUHiRTO/yw4t
+k1KLyOwlOjG50vTMWFnu9ITplUjXdZtUURFd65zoinX2Z4qjFDUST/LOjo3Ch78
A+ZtW7ym+UvHDwukBI1poqbRbs84q4Qxtc5SVKbt+AqrdRDNl4YvuWCgJ0rN4a9L
S2ATAAWol/T5OEJRrKfsi3reDo+p/q2orfd22w2OXf32IbpkIcBglUFQ51GrD8to
lzSkYB5QOkLWsh4PhdlV6cfaBTRPDN8w6GFIiSiouuYyY3kZ6MmlTE2cawIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFArlgJUmW1Uj6asatISqVCn71CZYMB8GA1UdIwQY
MBaAFHxtxzlYFa8EUEj0zjkQ0EAI/zp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkczSE9WZ1Zyd1JRU1BUT09SRFFRQWpfT253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NDY4N2YtZWZhNS00NjIwLTg2MTkt
MzE1NWJhOGNiNzRmLzEvQ3VXQWxTWmJWU1BwcXhxMGhLcFVLZnZVSmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NDY4N2YtZWZhNS00NjIwLTg2MTktMzE1NWJhOGNiNzRm
LzEvZkczSE9WZ1Zyd1JRU1BUT09SRFFRQWpfT253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQDPpegAwQD
PpewAwMAUt8DBANdXXADBANej4gDBAK5hCwDBAXZTIAwDQQCAAIwBwMFACABC6Aw
DQYJKoZIhvcNAQELBQADggEBAND05BQ68Id/QkWGiDSYyCSGkhWdW8lUT50xyQ2x
3h0P8XVKf6fb/h+VQP5cMZe8Cwdk2cG3DJ/y1qwvxYPHpW2xhNaCfJBeSOq1L3BW
iKzl4wuq6wV840llCu8ecI9+fXwsdiihG/qhntDjj6xiDOaBUKrSRbaIkR+m0iQ1
z5PJLLjgFIAyjhb9lCqiFMNNbDVxL/G265pe8XKRlWoMkbEFizaKm6F6Js2AR+iP
bjUATRA7Du0tHq+FAhdDVe7MDPq1PeYlC8IJO6YxlM2fbyrfOnQN7UaWE+oZi0sZ
z+yQFCNQdiCe0gF2OpCxPidkGVErGU/PoL7I2HPhXLuD3IA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:48 2024 by rpki-client on console-fra.rpki-client.org