Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/_638Zibd0YoxCZdyYQmCk2p1zw0.roa
File: _638Zibd0YoxCZdyYQmCk2p1zw0.roa (raw, json)
Hash identifier: eOF8tWF7nIvbpYL2213+APnL0Ea3A5bk306II2ku0JM=
Subject key identifier: FF:AD:FC:66:26:DD:D1:8A:31:09:97:72:61:09:82:93:6A:75:CF:0D
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018572BA629F3E3F8839A2AF1A99B91900BD
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/_638Zibd0YoxCZdyYQmCk2p1zw0.roa
Signing time: Mon 02 Jan 2023 13:44:55 +0000
ROA not before: Mon 02 Jan 2023 13:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199527
IP address blocks: 213.252.242.0/24 maxlen: 24
213.252.251.0/24 maxlen: 24
213.252.253.0/24 maxlen: 24
213.252.250.0/24 maxlen: 24
213.252.210.0/24 maxlen: 24
213.252.209.0/24 maxlen: 24
213.252.208.0/24 maxlen: 24
2a00:f501:a001::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:62:9f:3e:3f:88:39:a2:af:1a:99:b9:19:00:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 13:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffadfc6626ddd18a31099772610982936a75cf0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4e:1c:44:8b:3c:fd:a2:40:46:82:09:27:9a:
ba:c1:77:cb:90:b3:d8:e3:ac:94:43:24:52:5a:35:
c8:f2:00:ba:8f:6d:71:e5:a2:ba:90:5a:1e:52:56:
fe:60:51:44:f1:b9:b5:6c:a5:e7:76:3e:ef:cc:a3:
3f:11:7c:ed:58:a7:90:b9:27:23:c2:9e:19:d7:c3:
6e:9f:8a:e2:0e:ae:b8:05:0e:45:d5:bf:09:83:7f:
4d:ff:62:ec:ec:5a:29:2a:29:06:3a:d0:af:d0:c8:
4d:d3:57:b0:f3:8a:69:57:4a:38:fa:15:7c:cf:17:
43:39:ff:8f:ab:5e:ed:33:de:4b:ae:07:61:65:c0:
8a:e7:d2:17:6c:18:66:23:20:ba:08:ab:15:21:78:
8e:7b:87:22:79:cc:36:c4:4e:09:15:7e:87:7e:1b:
42:0b:84:ef:0f:e9:c8:e4:e0:82:24:58:d1:56:d9:
bd:8b:d7:b6:b9:67:0a:4b:d3:33:e6:cd:4d:2d:62:
7a:60:27:a7:74:14:20:39:b5:b6:6f:e8:0b:4c:7c:
67:91:de:4b:cd:f1:2e:c9:1f:d0:3e:6b:03:4a:64:
e7:36:ad:93:0b:36:0f:36:02:47:bd:01:0e:ff:44:
8b:45:60:30:9d:31:96:69:8d:6b:5a:59:55:d0:33:
d2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AD:FC:66:26:DD:D1:8A:31:09:97:72:61:09:82:93:6A:75:CF:0D
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/_638Zibd0YoxCZdyYQmCk2p1zw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.252.208.0-213.252.210.255
213.252.242.0/24
213.252.250.0/23
213.252.253.0/24
IPv6:
2a00:f501:a001::/48
Signature Algorithm: sha256WithRSAEncryption
66:55:7b:54:03:5c:87:bc:9e:18:fe:ca:69:f4:5b:b3:36:da:
e5:58:8c:db:7d:71:0f:c3:c4:ad:c1:42:52:2d:7c:c3:a8:cb:
99:bb:44:b0:88:ee:d4:98:75:47:93:02:d3:4a:e3:b7:cd:8a:
47:48:50:b8:b9:73:00:f0:7e:8e:86:bb:79:0d:fa:f5:e5:cc:
94:5c:c3:d1:f2:89:36:44:07:21:36:13:92:b0:d2:bb:75:fb:
19:2f:19:09:c9:ae:04:71:6a:25:a4:aa:6e:bd:77:23:38:65:
80:f3:70:6e:43:c8:9c:08:2f:7f:b6:35:30:5f:3d:5a:cf:af:
28:93:19:57:ee:a5:26:19:3f:53:e3:27:74:f3:fe:c6:c8:07:
5a:ec:a2:15:59:f2:c5:80:df:07:94:99:ee:3b:0a:39:9a:95:
0f:93:1e:d7:f1:32:36:49:d4:ec:ea:9f:63:d6:45:da:0a:c5:
62:aa:7a:c0:73:4b:da:af:6a:40:37:db:09:35:00:33:1c:e4:
aa:7f:8d:33:bf:58:61:c0:6c:dc:00:60:e9:f3:57:09:7d:b7:
a8:44:3a:ec:73:9c:ba:5d:d6:a6:af:36:a1:fa:14:1b:22:79:
5d:91:a1:1b:cc:5e:3e:39:0c:b2:eb:fd:b5:ef:54:68:7e:eb:
8e:08:93:75
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVyumKfPj+IOaKvGpm5GQC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjMwMTAyMTM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFkZmM2NjI2ZGRkMThhMzEwOTk3NzI2MTA5ODI5MzZhNzVjZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE4cRIs8/aJARoIJJ5q6wXfLkLPY
46yUQyRSWjXI8gC6j21x5aK6kFoeUlb+YFFE8bm1bKXndj7vzKM/EXztWKeQuScj
wp4Z18Nun4riDq64BQ5F1b8Jg39N/2Ls7FopKikGOtCv0MhN01ew84ppV0o4+hV8
zxdDOf+Pq17tM95LrgdhZcCK59IXbBhmIyC6CKsVIXiOe4ciecw2xE4JFX6HfhtC
C4TvD+nI5OCCJFjRVtm9i9e2uWcKS9Mz5s1NLWJ6YCendBQgObW2b+gLTHxnkd5L
zfEuyR/QPmsDSmTnNq2TCzYPNgJHvQEO/0SLRWAwnTGWaY1rWllV0DPSmwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFP+t/GYm3dGKMQmXcmEJgpNqdc8NMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvXzYzOFppYmQwWW94Q1pkeVlRbUNrMnAxencwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgMAwDBATV/NAD
BADV/NIDBADV/PIDBAHV/PoDBADV/P0wDwQCAAIwCQMHACoA9QGgATANBgkqhkiG
9w0BAQsFAAOCAQEAZlV7VANch7yeGP7KafRbszba5ViM231xD8PErcFCUi18w6jL
mbtEsIju1Jh1R5MC00rjt82KR0hQuLlzAPB+joa7eQ369eXMlFzD0fKJNkQHITYT
krDSu3X7GS8ZCcmuBHFqJaSqbr13IzhlgPNwbkPInAgvf7Y1MF89Ws+vKJMZV+6l
Jhk/U+MndPP+xsgHWuyiFVnyxYDfB5SZ7jsKOZqVD5Me1/EyNknU7OqfY9ZF2grF
Yqp6wHNL2q9qQDfbCTUAMxzkqn+NM79YYcBs3ABg6fNXCX23qEQ67HOcul3Wpq82
ofoUGyJ5XZGhG8xePjkMsuv9te9UaH7rjgiTdQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 07:23:47 2023 by rpki-client on console-ams.rpki-client.org