Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/BxHVUfikYlbsbtsFRvg7zXw6DF0.roa
File: BxHVUfikYlbsbtsFRvg7zXw6DF0.roa (raw, json)
Hash identifier: MtFq2GTy+PvQFbPrhzn+iO0sf4U+lJL5aXRD5ck6uOM=
Subject key identifier: 07:11:D5:51:F8:A4:62:56:EC:6E:DB:05:46:F8:3B:CD:7C:3A:0C:5D
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 0188B3811D0A59B9DFA77605C9EBEF491717
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/BxHVUfikYlbsbtsFRvg7zXw6DF0.roa
Signing time: Tue 13 Jun 2023 06:46:03 +0000
ROA not before: Tue 13 Jun 2023 06:46:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 81.88.67.0/24 maxlen: 24
81.88.68.0/23 maxlen: 23
81.88.68.0/24 maxlen: 24
81.88.69.0/24 maxlen: 24
81.88.70.0/24 maxlen: 24
81.88.76.0/24 maxlen: 24
81.88.78.0/24 maxlen: 24
81.88.73.0/24 maxlen: 24
81.88.74.0/23 maxlen: 23
81.88.79.0/24 maxlen: 24
84.247.142.0/24 maxlen: 24
84.247.146.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b3:81:1d:0a:59:b9:df:a7:76:05:c9:eb:ef:49:17:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Jun 13 06:46:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0711d551f8a46256ec6edb0546f83bcd7c3a0c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d2:c9:be:c7:17:a9:17:95:61:9d:b4:3d:80:
45:c5:f0:31:60:c0:00:6a:71:28:ca:f7:4a:20:d6:
7c:4e:38:1c:a7:7c:81:4f:d1:f5:de:1d:d0:4a:d0:
fe:03:b1:ed:e4:d6:cc:73:11:8a:9a:a9:bf:09:ad:
f4:70:9c:99:33:c4:4a:39:12:9c:06:4a:f4:f0:d3:
a0:d8:7a:fd:aa:36:ba:e6:72:2b:d6:c6:ec:48:7a:
c0:50:4d:6d:ba:16:6b:3f:8e:53:32:9c:a3:bd:44:
ef:7f:c8:dc:ba:09:fd:09:c5:31:43:7b:d4:15:87:
84:62:33:7c:1f:4b:84:c8:c6:a5:37:d1:b6:a7:fd:
ab:2f:6b:24:d9:d7:1f:88:02:8e:5e:4b:e5:2c:f9:
f8:3c:d7:9d:e4:57:e4:b7:1e:f7:3e:a8:22:6e:6d:
b6:81:d5:58:9b:1b:e6:46:7a:37:23:b8:e3:d1:1d:
cb:95:7a:b1:72:9f:07:b2:54:e3:6c:5e:ff:ab:ec:
16:a9:d8:a1:62:76:56:f6:cb:d4:cc:89:ba:c3:b0:
50:34:15:ca:51:3f:0a:eb:37:52:03:97:60:b6:17:
40:7a:35:00:01:86:f6:80:3a:85:b9:d6:c7:78:4e:
2e:45:01:4e:22:e7:73:fa:13:c3:9d:4e:e9:bf:cd:
9e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:11:D5:51:F8:A4:62:56:EC:6E:DB:05:46:F8:3B:CD:7C:3A:0C:5D
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/BxHVUfikYlbsbtsFRvg7zXw6DF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.67.0-81.88.70.255
81.88.73.0-81.88.76.255
81.88.78.0/23
84.247.142.0/24
84.247.146.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d9:6c:d7:85:15:7e:4a:f1:79:09:88:97:33:8c:bd:53:c8:
70:1b:f7:ef:b0:6b:2c:16:84:3b:40:2d:2b:22:94:f5:46:d5:
18:2b:a3:02:7a:0b:9d:21:4d:8e:86:5b:3f:97:d9:15:e1:f0:
25:23:0b:71:51:33:84:91:3c:b9:b2:a3:45:b0:84:2c:4b:d1:
54:9d:13:39:9c:12:d6:e9:01:f8:62:a4:ce:3d:a2:7b:11:ba:
17:b1:b7:0d:73:ee:43:b7:a3:25:33:e4:68:39:60:31:d5:6a:
ac:72:7d:4a:aa:6f:62:4b:5b:69:27:f8:74:84:15:c7:90:bf:
0c:54:0d:9b:57:33:5f:0f:07:df:c2:63:d9:4c:ba:07:ad:5c:
27:ac:6d:e1:b7:48:c8:05:da:10:8f:f8:e5:f7:b7:f6:e1:3a:
d5:61:44:7c:6d:9c:ea:cc:c1:4d:70:fb:79:7e:39:69:d1:f6:
60:15:55:31:70:91:ba:64:24:37:b3:38:43:de:9c:d4:0a:a7:
69:2d:21:56:12:27:e6:1d:4b:ba:bd:89:1f:01:84:8c:3d:3a:
d6:f0:33:1b:be:ff:61:d3:de:8a:3d:d6:e0:b9:33:20:4f:9d:
f1:85:13:a0:da:d6:b3:44:14:c1:cc:dd:ac:24:e4:d3:19:8e:
bd:dd:1b:95
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYizgR0KWbnfp3YFyevvSRcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjMwNjEzMDY0NjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzExZDU1MWY4YTQ2MjU2ZWM2ZWRiMDU0NmY4M2JjZDdjM2EwYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NLJvscXqReVYZ20PYBFxfAxYMAA
anEoyvdKINZ8Tjgcp3yBT9H13h3QStD+A7Ht5NbMcxGKmqm/Ca30cJyZM8RKORKc
Bkr08NOg2Hr9qja65nIr1sbsSHrAUE1tuhZrP45TMpyjvUTvf8jcugn9CcUxQ3vU
FYeEYjN8H0uEyMalN9G2p/2rL2sk2dcfiAKOXkvlLPn4PNed5Ffktx73Pqgibm22
gdVYmxvmRno3I7jj0R3LlXqxcp8HslTjbF7/q+wWqdihYnZW9svUzIm6w7BQNBXK
UT8K6zdSA5dgthdAejUAAYb2gDqFudbHeE4uRQFOIudz+hPDnU7pv82eYQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAcR1VH4pGJW7G7bBUb4O818OgxdMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvQnhIVlVmaWtZbGJzYnRzRlJ2Zzd6WHc2REYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBABRWEMD
BABRWEYwDAMEAFFYSQMEAFFYTAMEAVFYTgMEAFT3jgMEAFT3kjANBgkqhkiG9w0B
AQsFAAOCAQEAnNls14UVfkrxeQmIlzOMvVPIcBv377BrLBaEO0AtKyKU9UbVGCuj
AnoLnSFNjoZbP5fZFeHwJSMLcVEzhJE8ubKjRbCELEvRVJ0TOZwS1ukB+GKkzj2i
exG6F7G3DXPuQ7ejJTPkaDlgMdVqrHJ9SqpvYktbaSf4dIQVx5C/DFQNm1czXw8H
38Jj2Uy6B61cJ6xt4bdIyAXaEI/45fe39uE61WFEfG2c6szBTXD7eX45adH2YBVV
MXCRumQkN7M4Q96c1AqnaS0hVhIn5h1Lur2JHwGEjD061vAzG77/YdPeij3W4Lkz
IE+d8YUToNrWs0QUwczdrCTk0xmOvd0blQ==
-----END CERTIFICATE-----
Generated at Fri Aug 11 12:36:46 2023 by rpki-client on console-fra.rpki-client.org