Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/BxXC5jxl3ZYG2TMNxT0pDdRlqZ4.roa
File: BxXC5jxl3ZYG2TMNxT0pDdRlqZ4.roa (raw, json)
Hash identifier: XZAqik0kckG7sRu1dO+ZSOtBMrF29jpRd1GtEwbaiyU=
Subject key identifier: 07:15:C2:E6:3C:65:DD:96:06:D9:33:0D:C5:3D:29:0D:D4:65:A9:9E
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 0185DF60BF843CEAC6B5EC5C78C41F53BC5A
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/BxXC5jxl3ZYG2TMNxT0pDdRlqZ4.roa
Signing time: Mon 23 Jan 2023 16:05:37 +0000
ROA not before: Mon 23 Jan 2023 16:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24685
IP address blocks: 80.92.224.0/24 maxlen: 32
80.92.226.0/24 maxlen: 32
212.110.152.0/23 maxlen: 32
80.92.231.0/24 maxlen: 32
80.92.233.0/24 maxlen: 32
80.92.235.0/24 maxlen: 32
80.92.234.0/24 maxlen: 32
82.117.229.0/24 maxlen: 32
193.111.48.0/23 maxlen: 32
92.60.179.0/24 maxlen: 32
92.60.178.0/24 maxlen: 32
92.60.178.0/23 maxlen: 32
82.117.244.0/24 maxlen: 32
185.38.208.0/24 maxlen: 32
185.38.209.0/24 maxlen: 32
185.39.196.0/24 maxlen: 32
128.0.172.0/24 maxlen: 32
193.111.0.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
31.172.136.0/23 maxlen: 32
31.172.140.0/23 maxlen: 32
85.90.223.0/24 maxlen: 32
2a01:6b0:7::/48 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:60:bf:84:3c:ea:c6:b5:ec:5c:78:c4:1f:53:bc:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 23 16:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0715c2e63c65dd9606d9330dc53d290dd465a99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:3c:a3:a6:9a:f8:a6:6c:1e:c7:d2:78:b2:
57:1d:ea:91:2e:cc:43:0c:f1:c3:54:5e:77:6b:02:
a4:fa:c4:37:23:bf:98:e5:c7:e7:1c:78:2a:c4:03:
9f:6d:57:ef:fc:c1:1c:a9:66:7d:b3:ee:39:58:f0:
65:94:b3:d8:04:06:88:7e:7b:a5:ac:df:36:e1:6a:
62:6b:d8:5d:5d:df:78:b9:c2:76:f1:6b:bc:21:fe:
5c:16:5b:69:37:02:6d:6b:b1:87:ca:60:9b:42:32:
96:ea:bd:13:4d:31:ce:54:c8:81:bb:39:e7:a7:5d:
ea:6a:a7:95:82:6f:8e:50:65:2d:93:2a:7c:bf:03:
3b:5c:33:e7:bb:ac:63:3c:bd:64:12:8d:94:95:28:
ff:49:7f:14:38:67:51:98:b7:e3:1c:90:d7:51:c0:
83:d2:a0:c1:48:68:c7:9b:5a:f6:39:ce:fc:2a:00:
4a:34:68:2d:f4:d2:57:2e:bd:c6:6c:1d:1e:a5:a2:
1b:f9:60:7e:34:49:08:90:65:d0:86:bb:f2:4d:4e:
ee:90:78:74:b9:ec:58:9e:5b:76:82:18:40:10:7c:
19:ff:66:74:03:f2:66:8f:02:31:97:ba:8f:34:04:
08:b8:a3:b7:1b:07:bd:54:62:d8:f0:b0:65:00:c2:
44:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:15:C2:E6:3C:65:DD:96:06:D9:33:0D:C5:3D:29:0D:D4:65:A9:9E
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/BxXC5jxl3ZYG2TMNxT0pDdRlqZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/23
31.172.140.0/23
80.92.224.0/24
80.92.226.0/24
80.92.231.0/24
80.92.233.0-80.92.235.255
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
92.60.178.0/23
128.0.172.0/24
185.38.208.0/23
185.39.196.0/24
193.111.0.0/24
193.111.48.0/23
212.110.152.0/23
IPv6:
2a01:6b0:7::/48
Signature Algorithm: sha256WithRSAEncryption
ce:5f:79:68:20:d2:08:f0:b7:77:c2:04:44:9f:8d:e4:9d:f9:
df:24:17:55:4d:15:e6:87:7d:02:04:88:e7:6f:9e:1a:ff:42:
65:07:fe:cd:03:7a:b6:e7:86:48:c7:7d:96:78:52:b2:61:46:
54:02:4f:ea:40:1a:cc:a8:0a:53:9c:b0:c2:d8:73:c5:a7:10:
2e:08:5c:eb:58:1f:69:0c:2f:16:9d:1d:20:78:2d:07:ef:21:
51:f6:66:f6:e0:e0:f7:aa:64:df:29:af:c0:1c:23:98:ad:c6:
72:90:b4:95:ac:76:ea:d6:eb:0b:d7:4e:5a:5c:8d:16:67:2f:
50:e3:28:78:59:d6:89:48:42:93:5f:a8:a2:b0:b9:6f:74:b0:
4e:6d:fb:24:96:55:c7:98:4f:26:bb:52:70:9d:36:c4:ee:0d:
0b:e4:8f:cb:b5:a4:94:10:ef:c0:96:a2:e4:ec:2a:6d:c8:7e:
8a:54:56:6e:60:c5:34:1c:ab:14:91:7e:db:ff:d2:22:cd:cb:
e2:43:ae:f8:fe:2a:aa:31:e8:78:44:97:29:3c:fa:cb:31:67:
e6:d9:55:0b:04:d8:fd:5e:b3:fd:6d:83:a1:44:f9:8f:75:d1:
84:63:2b:2f:86:d3:60:3b:1d:10:cd:c8:d5:35:fe:59:93:97:
c7:89:19:c9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYXfYL+EPOrGtexceMQfU7xaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjMwMTIzMTYwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE1YzJlNjNjNjVkZDk2MDZkOTMzMGRjNTNkMjkwZGQ0NjVhOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHI8o6aa+KZsHsfSeLJXHeqRLsxD
DPHDVF53awKk+sQ3I7+Y5cfnHHgqxAOfbVfv/MEcqWZ9s+45WPBllLPYBAaIfnul
rN824Wpia9hdXd94ucJ28Wu8If5cFltpNwJta7GHymCbQjKW6r0TTTHOVMiBuznn
p13qaqeVgm+OUGUtkyp8vwM7XDPnu6xjPL1kEo2UlSj/SX8UOGdRmLfjHJDXUcCD
0qDBSGjHm1r2Oc78KgBKNGgt9NJXLr3GbB0epaIb+WB+NEkIkGXQhrvyTU7ukHh0
uexYnlt2ghhAEHwZ/2Z0A/JmjwIxl7qPNAQIuKO3Gwe9VGLY8LBlAMJEMwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFAcVwuY8Zd2WBtkzDcU9KQ3UZameMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvQnhYQzVqeGwzWllHMlRNTnhUMHBEZFJscVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB0BAIAATBuAwQBH6yI
AwQBH6yMAwQAUFzgAwQAUFziAwQAUFznMAwDBABQXOkDBAJQXOgDBABSdeUDBABS
dfQDBABVWtMDBABVWt8DBAFcPLIDBACAAKwDBAG5JtADBAC5J8QDBADBbwADBAHB
bzADBAHUbpgwDwQCAAIwCQMHACoBBrAABzANBgkqhkiG9w0BAQsFAAOCAQEAzl95
aCDSCPC3d8IERJ+N5J353yQXVU0V5od9AgSI52+eGv9CZQf+zQN6tueGSMd9lnhS
smFGVAJP6kAazKgKU5ywwthzxacQLghc61gfaQwvFp0dIHgtB+8hUfZm9uDg96pk
3ymvwBwjmK3GcpC0lax26tbrC9dOWlyNFmcvUOMoeFnWiUhCk1+oorC5b3SwTm37
JJZVx5hPJrtScJ02xO4NC+SPy7WklBDvwJai5Owqbch+ilRWbmDFNByrFJF+2//S
Is3L4kOu+P4qqjHoeESXKTz6yzFn5tlVCwTY/V6z/W2DoUT5j3XRhGMrL4bTYDsd
EM3I1TX+WZOXx4kZyQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-ams.rpki-client.org