Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/htjO5Ns35uP98PLJQTy86gHYUS0.roa
File: htjO5Ns35uP98PLJQTy86gHYUS0.roa (raw, json)
Hash identifier: LejtT66N9Jw9tC6OZuuwThsFvXEpUrwo6HX8tkR29pI=
Subject key identifier: 86:D8:CE:E4:DB:37:E6:E3:FD:F0:F2:C9:41:3C:BC:EA:01:D8:51:2D
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 01897215EC85EEA70389DC483AEB860F766C
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/htjO5Ns35uP98PLJQTy86gHYUS0.roa
Signing time: Thu 20 Jul 2023 06:56:26 +0000
ROA not before: Thu 20 Jul 2023 06:56:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199527
IP address blocks: 213.252.242.0/24 maxlen: 24
213.252.251.0/24 maxlen: 24
213.252.253.0/24 maxlen: 24
213.252.250.0/24 maxlen: 24
185.189.152.0/24 maxlen: 24
213.252.210.0/24 maxlen: 24
213.252.209.0/24 maxlen: 24
213.252.208.0/24 maxlen: 24
2a00:f501:a001::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:15:ec:85:ee:a7:03:89:dc:48:3a:eb:86:0f:76:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jul 20 06:56:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86d8cee4db37e6e3fdf0f2c9413cbcea01d8512d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5d:8c:0f:5d:21:e4:ed:81:16:c6:66:b1:62:
14:d1:53:6d:eb:f2:27:13:00:01:95:df:04:19:a0:
3d:89:bd:56:f6:d7:76:94:0b:79:b7:3e:2f:91:66:
1c:2e:b5:ff:8a:1b:55:94:09:bb:0e:14:93:35:d1:
9d:54:54:77:37:2b:ff:77:ff:a6:d5:74:34:a2:a9:
46:64:b9:a8:3b:cb:8c:d1:45:10:39:50:90:04:df:
61:8f:5d:b4:f2:ae:37:1b:34:36:66:a9:dc:05:38:
f5:0e:96:c5:aa:7a:74:5f:65:7f:37:d1:33:a7:aa:
df:f0:da:66:af:4d:1d:fa:6a:7e:77:5a:8b:a9:cd:
a5:e9:7e:3a:29:7a:fc:56:4e:49:0e:81:d8:72:c0:
d7:6e:55:ab:b2:ea:9d:78:13:40:70:63:69:84:c3:
14:9c:df:27:c2:7d:37:1d:6b:96:68:17:4e:fc:17:
c6:3b:9c:6d:6e:f4:8f:7a:85:ab:01:e6:d5:ff:ca:
86:d5:4f:2d:b6:9a:c5:b8:8b:41:c3:a5:25:37:7e:
9c:26:80:3d:ec:13:dc:21:86:cd:87:9d:0d:a4:d9:
d0:9f:94:5c:09:c9:73:68:e4:68:52:a7:a0:76:1c:
e3:7b:c9:06:83:df:7c:ca:cb:8f:7c:8d:23:1b:0f:
16:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D8:CE:E4:DB:37:E6:E3:FD:F0:F2:C9:41:3C:BC:EA:01:D8:51:2D
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/htjO5Ns35uP98PLJQTy86gHYUS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.152.0/24
213.252.208.0-213.252.210.255
213.252.242.0/24
213.252.250.0/23
213.252.253.0/24
IPv6:
2a00:f501:a001::/48
Signature Algorithm: sha256WithRSAEncryption
23:f0:6b:28:41:ca:a8:6c:3c:e6:99:02:14:a0:9c:36:6e:54:
c7:78:3a:f6:12:26:60:7a:61:13:d8:92:41:d2:92:0f:82:5f:
49:31:c5:da:4d:fc:0d:e5:55:d2:36:4a:19:ff:92:f4:55:cc:
1d:56:6f:dc:5e:ec:96:75:72:e1:06:c8:38:35:a6:88:5d:a4:
dc:36:bf:21:fc:11:43:89:98:25:39:3a:f7:54:35:11:2a:aa:
cf:cb:7f:5c:c1:31:66:45:0c:47:4a:06:d4:c4:65:52:6c:db:
6e:c1:e2:bc:5d:04:1c:c9:9c:1b:ab:1f:81:31:4b:a1:4a:ab:
e9:34:c1:5b:b2:99:e4:33:0b:3f:f0:25:86:b0:2e:bb:11:53:
a3:45:c3:8e:be:45:4b:0d:93:2e:82:7b:32:a9:39:2b:0e:90:
95:44:6f:92:ff:fe:ec:ae:e1:d7:69:71:58:d8:34:ed:0b:a9:
c9:8a:50:f9:89:e8:c5:16:2b:31:f9:cb:e7:21:0f:81:63:60:
5b:1e:29:ad:fd:6c:70:d1:4f:32:8f:dd:d5:5d:3c:91:76:6d:
74:2d:f1:e7:3a:c9:ac:29:67:df:cb:ef:e9:8c:08:4a:36:2a:
71:80:87:41:78:4e:00:a1:9b:3e:b6:98:7a:67:fd:dc:0b:0e:
83:87:3d:1b
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYlyFeyF7qcDidxIOuuGD3ZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjMwNzIwMDY1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQ4Y2VlNGRiMzdlNmUzZmRmMGYyYzk0MTNjYmNlYTAxZDg1MTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr12MD10h5O2BFsZmsWIU0VNt6/In
EwABld8EGaA9ib1W9td2lAt5tz4vkWYcLrX/ihtVlAm7DhSTNdGdVFR3Nyv/d/+m
1XQ0oqlGZLmoO8uM0UUQOVCQBN9hj1208q43GzQ2ZqncBTj1DpbFqnp0X2V/N9Ez
p6rf8Npmr00d+mp+d1qLqc2l6X46KXr8Vk5JDoHYcsDXblWrsuqdeBNAcGNphMMU
nN8nwn03HWuWaBdO/BfGO5xtbvSPeoWrAebV/8qG1U8ttprFuItBw6UlN36cJoA9
7BPcIYbNh50NpNnQn5RcCclzaORoUqegdhzje8kGg998ysuPfI0jGw8WiwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFIbYzuTbN+bj/fDyyUE8vOoB2FEtMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvaHRqTzVOczM1dVA5OFBMSlFUeTg2Z0hZVVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQAub2YMAwD
BATV/NADBADV/NIDBADV/PIDBAHV/PoDBADV/P0wDwQCAAIwCQMHACoA9QGgATAN
BgkqhkiG9w0BAQsFAAOCAQEAI/BrKEHKqGw85pkCFKCcNm5Ux3g69hImYHphE9iS
QdKSD4JfSTHF2k38DeVV0jZKGf+S9FXMHVZv3F7slnVy4QbIODWmiF2k3Da/IfwR
Q4mYJTk691Q1ESqqz8t/XMExZkUMR0oG1MRlUmzbbsHivF0EHMmcG6sfgTFLoUqr
6TTBW7KZ5DMLP/AlhrAuuxFTo0XDjr5FSw2TLoJ7Mqk5Kw6QlURvkv/+7K7h12lx
WNg07QupyYpQ+YnoxRYrMfnL5yEPgWNgWx4prf1scNFPMo/d1V08kXZtdC3x5zrJ
rCln38vv6YwISjYqcYCHQXhOAKGbPraYemf93AsOg4c9Gw==
-----END CERTIFICATE-----
Generated at Wed Oct 25 14:56:23 2023 by rpki-client on console-ams.rpki-client.org