Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/8BvWI8lUKjZLJsh5Sn8vuQAKiZc.roa
File: 8BvWI8lUKjZLJsh5Sn8vuQAKiZc.roa (raw, json)
Hash identifier: MzaIt6Sw769jKgWifl0YkMfb9ofB5rQzrH0bpk2xymM=
Subject key identifier: F0:1B:D6:23:C9:54:2A:36:4B:26:C8:79:4A:7F:2F:B9:00:0A:89:97
Certificate issuer: /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial: 018837C0884B40C3AE8A8A76BB16E19C813D
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/8BvWI8lUKjZLJsh5Sn8vuQAKiZc.roa
Signing time: Sat 20 May 2023 06:02:24 +0000
ROA not before: Sat 20 May 2023 06:02:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210083
IP address blocks: 199.231.235.0/24 maxlen: 24
121.127.33.0/24 maxlen: 24
185.130.44.0/24 maxlen: 24
185.130.47.0/24 maxlen: 24
185.130.45.0/24 maxlen: 24
185.130.46.0/24 maxlen: 24
2a07:e04::/36 maxlen: 36
2a07:e00:a::/48 maxlen: 48
2a07:e00::/48 maxlen: 48
2a07:e00:b::/48 maxlen: 48
2a07:e00:bb::/48 maxlen: 48
2a07:e03::/32 maxlen: 48
2a07:e02:41::/48 maxlen: 48
2a07:e00:19f::/48 maxlen: 48
2a07:e00:ff::/48 maxlen: 48
2a07:e02:a00::/40 maxlen: 40
2a07:e02:1000::/36 maxlen: 40
2a07:e02:b00::/40 maxlen: 56
2a07:e00:bc::/48 maxlen: 48
2a07:e00:c::/48 maxlen: 48
2a07:e00:ac::/48 maxlen: 48
2a07:e01::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:37:c0:88:4b:40:c3:ae:8a:8a:76:bb:16:e1:9c:81:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Validity
Not Before: May 20 06:02:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f01bd623c9542a364b26c8794a7f2fb9000a8997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3d:d1:ee:9e:61:af:21:09:24:c3:2a:d5:ae:
4b:a4:7e:60:26:17:06:92:bd:50:49:3f:15:c4:2d:
0f:eb:16:76:d7:fb:5f:46:fb:39:e0:e0:d4:7b:29:
1c:25:fd:31:bf:7a:4a:ba:df:8a:f6:3f:b3:59:3b:
a1:85:fa:66:e1:bd:a7:a7:e4:50:f2:b0:40:06:21:
d5:cc:2a:95:17:34:e5:8a:46:16:69:42:d8:f0:18:
1c:af:86:5d:d6:06:40:f3:fe:45:15:09:ff:15:8c:
3c:96:41:c3:ca:f2:d7:d5:bd:9c:64:52:52:b8:03:
9a:08:ad:65:23:9f:74:c8:b5:89:8a:94:64:99:c6:
7a:43:29:86:e7:76:f0:13:24:b6:b8:25:c3:b4:d5:
a9:93:a5:37:aa:e5:cf:c7:7f:2c:22:32:d4:94:21:
4b:58:e4:dc:cd:8d:c6:01:c1:a8:71:b2:b2:23:75:
c5:b8:92:34:37:61:e5:06:a7:49:cb:d0:42:14:e8:
ba:89:38:48:82:61:f2:ec:4a:96:58:2f:d3:a4:a9:
30:04:9e:5e:76:90:63:87:7b:35:c3:ef:63:7d:37:
a3:cd:04:a6:7e:67:6d:85:e5:f2:14:48:f1:ab:f9:
54:28:1e:be:46:8f:d2:2d:50:ec:b5:f4:d7:95:d3:
c0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1B:D6:23:C9:54:2A:36:4B:26:C8:79:4A:7F:2F:B9:00:0A:89:97
X509v3 Authority Key Identifier:
keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/8BvWI8lUKjZLJsh5Sn8vuQAKiZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.33.0/24
185.130.44.0/22
199.231.235.0/24
IPv6:
2a07:e00::/48
2a07:e00:a::-2a07:e00:c:ffff:ffff:ffff:ffff:ffff
2a07:e00:ac::/48
2a07:e00:bb::-2a07:e00:bc:ffff:ffff:ffff:ffff:ffff
2a07:e00:ff::/48
2a07:e00:19f::/48
2a07:e01::/32
2a07:e02:41::/48
2a07:e02:a00::/39
2a07:e02:1000::/36
2a07:e03::-2a07:e04:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:2d:30:8a:43:15:e7:6c:23:7b:d1:81:4e:59:74:bd:aa:93:
51:b3:e2:05:f7:8d:51:a2:5c:5e:1e:58:86:71:9e:4f:f5:fd:
64:60:a2:ae:f1:00:f6:bd:38:ca:ac:98:a4:9e:f7:94:34:c5:
c1:64:d2:43:51:81:ac:bf:04:c0:b7:d5:48:95:b9:8d:4c:e0:
5c:d8:c8:da:18:80:6f:e5:6b:30:75:92:7d:d9:5a:b3:1d:ea:
9f:a0:eb:13:fd:b4:02:c3:8e:76:70:69:5a:56:2e:af:49:f3:
ef:e5:be:e9:49:41:32:61:38:23:9f:eb:0f:36:9f:3b:59:79:
f9:38:16:d9:b5:d2:a9:b4:5b:27:9a:f9:7d:35:4f:39:b1:72:
bb:4c:d1:1b:fc:2c:fc:ca:c0:e8:ef:34:ae:51:95:0b:ce:db:
bf:31:a7:ea:03:d5:c1:e8:81:76:15:62:fa:bf:a6:c0:ac:81:
27:95:76:e1:97:d6:d0:c2:4d:46:72:7d:ed:5a:2c:c4:28:80:
17:ed:94:c2:64:08:21:54:13:4a:e8:99:69:79:ac:71:0b:1d:
03:18:51:86:20:16:c8:1e:7f:2a:9c:21:9b:2a:5a:ed:83:22:
dc:de:3b:6c:8b:e0:d2:6f:e3:21:aa:f1:80:fd:5a:13:73:20:
fe:de:8b:42
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYg3wIhLQMOuiop2uxbhnIE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjMwNTIwMDYwMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFiZDYyM2M5NTQyYTM2NGIyNmM4Nzk0YTdmMmZiOTAwMGE4OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT3R7p5hryEJJMMq1a5LpH5gJhcG
kr1QST8VxC0P6xZ21/tfRvs54ODUeykcJf0xv3pKut+K9j+zWTuhhfpm4b2np+RQ
8rBABiHVzCqVFzTlikYWaULY8Bgcr4Zd1gZA8/5FFQn/FYw8lkHDyvLX1b2cZFJS
uAOaCK1lI590yLWJipRkmcZ6QymG53bwEyS2uCXDtNWpk6U3quXPx38sIjLUlCFL
WOTczY3GAcGocbKyI3XFuJI0N2HlBqdJy9BCFOi6iThIgmHy7EqWWC/TpKkwBJ5e
dpBjh3s1w+9jfTejzQSmfmdtheXyFEjxq/lUKB6+Ro/SLVDstfTXldPAqwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFPAb1iPJVCo2SybIeUp/L7kAComXMB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvOEJ2V0k4bFVLalpMSnNoNVNuOHZ1UUFLaVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDAYBAIAATASAwQAeX8h
AwQCuYIsAwQAx+frMIGDBAIAAjB9AwcAKgcOAAAAMBIDBwEqBw4AAAoDBwAqBw4A
AAwDBwAqBw4AAKwwEgMHACoHDgAAuwMHACoHDgAAvAMHACoHDgAA/wMHACoHDgAB
nwMFACoHDgEDBwAqBw4CAEEDBgEqBw4CCgMGBCoHDgIQMA8DBQAqBw4DAwYEKgcO
BAAwDQYJKoZIhvcNAQELBQADggEBAAotMIpDFedsI3vRgU5ZdL2qk1Gz4gX3jVGi
XF4eWIZxnk/1/WRgoq7xAPa9OMqsmKSe95Q0xcFk0kNRgay/BMC31UiVuY1M4FzY
yNoYgG/lazB1kn3ZWrMd6p+g6xP9tALDjnZwaVpWLq9J8+/lvulJQTJhOCOf6w82
nztZefk4Ftm10qm0Wyea+X01TzmxcrtM0Rv8LPzKwOjvNK5RlQvO278xp+oD1cHo
gXYVYvq/psCsgSeVduGX1tDCTUZyfe1aLMQogBftlMJkCCFUE0romWl5rHELHQMY
UYYgFsgefyqcIZsqWu2DItzeO2yL4NJv4yGq8YD9WhNzIP7ei0I=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:45 2024 by rpki-client on console-ams.rpki-client.org