Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/CBy6y1uTghnN4rNN3Nyvqg7Nv68.roa
File: CBy6y1uTghnN4rNN3Nyvqg7Nv68.roa (raw, json)
Hash identifier: ouva/P+RiSUjz2UCByyPIqPjJJBJyeEUHTQn+t6mBSM=
Subject key identifier: 08:1C:BA:CB:5B:93:82:19:CD:E2:B3:4D:DC:DC:AF:AA:0E:CD:BF:AF
Certificate issuer: /CN=ce1c5bea595d890f21307c1b336519fb0edc089c
Certificate serial: 018573BABC7DC1AD750ABA1BCD5C54BB076D
Authority key identifier: CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/CBy6y1uTghnN4rNN3Nyvqg7Nv68.roa
Signing time: Mon 02 Jan 2023 18:24:55 +0000
ROA not before: Mon 02 Jan 2023 18:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49605
IP address blocks: 185.87.240.0/22 maxlen: 22
217.112.96.0/20 maxlen: 20
31.13.136.0/21 maxlen: 21
185.8.148.0/22 maxlen: 22
2a05:c6c0::/29 maxlen: 29
2a02:e50::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:bc:7d:c1:ad:75:0a:ba:1b:cd:5c:54:bb:07:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce1c5bea595d890f21307c1b336519fb0edc089c
Validity
Not Before: Jan 2 18:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=081cbacb5b938219cde2b34ddcdcafaa0ecdbfaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:50:09:c0:83:04:ac:e7:ba:20:b3:af:51:5e:
3b:a9:42:8e:99:d1:c1:c6:69:e6:7c:c6:d6:e4:94:
96:67:2c:6a:c0:55:66:7c:66:a4:20:fb:0c:a6:d6:
d5:8a:be:55:6a:91:6e:ac:c6:1a:da:94:01:21:3a:
7d:ce:3b:1d:71:cf:82:a9:0c:30:93:39:24:38:64:
c8:d4:21:f0:60:78:65:8e:9b:8e:a2:06:0f:83:80:
23:22:66:1a:89:1e:db:e1:b5:9f:3f:04:91:be:5a:
17:80:bc:5e:75:5e:32:f9:c6:49:4c:b9:f7:08:31:
b5:88:28:50:1d:56:a2:48:9e:ad:58:07:a8:c8:bf:
57:eb:c4:28:ce:a2:b3:74:f9:ac:41:50:da:c1:a9:
c5:e4:d7:be:72:cd:db:d5:b3:e4:fe:d2:67:73:57:
f0:12:8f:e5:77:87:f4:cd:09:79:9b:20:eb:77:ed:
7f:0e:ba:86:7e:4d:e2:31:c1:e6:9c:11:b1:73:9c:
bf:da:3e:5b:62:8f:5d:63:a4:db:6a:76:c0:3c:4f:
3f:8b:ad:1b:c9:9d:03:58:47:39:3b:f8:73:2a:c3:
17:19:d8:f4:0f:5c:17:28:aa:fb:05:f3:49:6b:eb:
95:61:f6:ac:10:12:05:2e:79:f8:ff:7e:17:00:6c:
88:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1C:BA:CB:5B:93:82:19:CD:E2:B3:4D:DC:DC:AF:AA:0E:CD:BF:AF
X509v3 Authority Key Identifier:
keyid:CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/CBy6y1uTghnN4rNN3Nyvqg7Nv68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.136.0/21
185.8.148.0/22
185.87.240.0/22
217.112.96.0/20
IPv6:
2a02:e50::/32
2a05:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:51:77:ff:ab:07:40:f0:ea:c8:65:e7:b6:b9:21:56:08:09:
46:a0:6d:63:1e:f8:d6:c0:73:6b:04:73:5c:86:48:d8:15:6c:
dc:61:49:79:9a:0c:cd:8b:29:73:13:35:59:f0:0b:ad:84:71:
87:b1:89:46:00:1a:8a:06:fe:65:0f:cc:60:63:33:d3:72:b7:
bd:93:83:01:2f:0c:8b:00:72:23:90:36:a1:90:58:6c:41:1a:
3c:67:e9:87:d8:28:3e:d5:86:fe:ff:69:82:29:fe:17:04:88:
81:d0:6c:bf:ee:7d:8e:7f:81:5c:ff:ea:f8:2a:cc:77:00:fb:
36:1b:58:57:9a:49:de:9a:8d:f8:95:9f:12:4c:1e:b8:63:00:
ac:3e:3c:fd:88:84:9e:c2:28:ef:3c:54:34:e8:aa:e6:7b:9d:
6b:0a:1a:10:c7:4c:45:89:00:9e:00:6b:2f:0f:29:10:e9:60:
45:75:ae:d4:2a:d6:08:54:30:01:d0:d8:cf:3c:1e:98:e4:82:
f0:e5:15:b4:a8:f0:b8:e4:2b:60:34:a1:22:2e:b7:09:c0:0d:
c5:b4:2c:0f:a1:18:89:2d:8b:b3:f6:57:87:d3:77:e4:a1:e0:
9c:f6:1d:46:0e:76:19:d8:fb:c0:83:7c:35:08:43:bd:cc:df:
68:d3:48:af
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVzurx9wa11CrobzVxUuwdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMWM1YmVhNTk1ZDg5MGYyMTMwN2MxYjMzNjUxOWZiMGVk
YzA4OWMwHhcNMjMwMTAyMTgyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFjYmFjYjViOTM4MjE5Y2RlMmIzNGRkY2RjYWZhYTBlY2RiZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FAJwIMErOe6ILOvUV47qUKOmdHB
xmnmfMbW5JSWZyxqwFVmfGakIPsMptbVir5VapFurMYa2pQBITp9zjsdcc+CqQww
kzkkOGTI1CHwYHhljpuOogYPg4AjImYaiR7b4bWfPwSRvloXgLxedV4y+cZJTLn3
CDG1iChQHVaiSJ6tWAeoyL9X68QozqKzdPmsQVDawanF5Ne+cs3b1bPk/tJnc1fw
Eo/ld4f0zQl5myDrd+1/DrqGfk3iMcHmnBGxc5y/2j5bYo9dY6TbanbAPE8/i60b
yZ0DWEc5O/hzKsMXGdj0D1wXKKr7BfNJa+uVYfasEBIFLnn4/34XAGyIIwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAgcustbk4IZzeKzTdzcr6oOzb+vMB8GA1UdIwQY
MBaAFM4cW+pZXYkPITB8GzNlGfsO3AicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemh4YjZsbGRpUThoTUh3Yk0yVVotdzdjQ0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MjI1NmQtYjg3NS00NzYyLWI3NDMt
MDViMTVmNWVlOGMzLzEvQ0J5NnkxdVRnaG5ONHJOTjNOeXZxZzdOdjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MjI1NmQtYjg3NS00NzYyLWI3NDMtMDViMTVmNWVlOGMz
LzEvemh4YjZsbGRpUThoTUh3Yk0yVVotdzdjQ0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDHw2IAwQC
uQiUAwQCuVfwAwQE2XBgMBQEAgACMA4DBQAqAg5QAwUDKgXGwDANBgkqhkiG9w0B
AQsFAAOCAQEAbVF3/6sHQPDqyGXntrkhVggJRqBtYx741sBzawRzXIZI2BVs3GFJ
eZoMzYspcxM1WfALrYRxh7GJRgAaigb+ZQ/MYGMz03K3vZODAS8MiwByI5A2oZBY
bEEaPGfph9goPtWG/v9pgin+FwSIgdBsv+59jn+BXP/q+CrMdwD7NhtYV5pJ3pqN
+JWfEkweuGMArD48/YiEnsIo7zxUNOiq5nudawoaEMdMRYkAngBrLw8pEOlgRXWu
1CrWCFQwAdDYzzwemOSC8OUVtKjwuOQrYDShIi63CcANxbQsD6EYiS2Ls/ZXh9N3
5KHgnPYdRg52Gdj7wIN8NQhDvczfaNNIrw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:19 2024 by rpki-client on console-ams.rpki-client.org