Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/8DJCzhbTRJC6_C5WFpvvU53kraQ.roa
File: 8DJCzhbTRJC6_C5WFpvvU53kraQ.roa (raw, json)
Hash identifier: HfKy5GkDEFM12axeCJcR2D0+B7rmjrm+ymWtD3B6KZY=
Subject key identifier: F0:32:42:CE:16:D3:44:90:BA:FC:2E:56:16:9B:EF:53:9D:E4:AD:A4
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 018902413D1047A1151F4F49CBB439F67628
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/8DJCzhbTRJC6_C5WFpvvU53kraQ.roa
Signing time: Wed 28 Jun 2023 13:46:17 +0000
ROA not before: Wed 28 Jun 2023 13:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205929
IP address blocks: 185.221.61.0/24 maxlen: 24
2a06:89c4:c000::/48 maxlen: 48
2a06:89c4:a000::/48 maxlen: 48
2a06:89c3:5010::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:41:3d:10:47:a1:15:1f:4f:49:cb:b4:39:f6:76:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: Jun 28 13:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f03242ce16d34490bafc2e56169bef539de4ada4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:01:0a:ad:04:05:f1:c2:8f:1b:4c:de:c0:b4:
d5:20:b3:16:2b:18:8d:06:f7:ee:60:8b:c1:f2:d6:
e6:78:28:ec:fe:6f:4f:86:ca:f5:e5:bb:cf:7f:84:
9a:8b:e3:fe:19:a4:7e:e7:26:e9:17:88:66:0d:9f:
51:63:e2:f0:d4:35:0f:25:03:7f:a2:f9:08:c8:15:
37:59:31:4f:d3:6b:8b:db:5f:a3:f9:8a:08:93:6a:
c0:98:6c:72:23:8a:25:2a:19:ac:dc:82:11:32:2d:
de:23:7d:32:a6:5b:62:92:3d:60:b1:d4:8f:2e:df:
d0:12:a3:0e:07:02:cb:d6:2b:b7:31:e3:96:c2:14:
05:0e:6b:ad:f5:0f:56:e3:9a:3a:56:72:62:9a:fa:
50:8d:36:82:59:4e:9e:fc:1c:a8:de:28:30:52:97:
6d:d5:70:e3:8d:09:f8:09:85:2b:73:70:89:41:cf:
84:08:f7:61:58:ca:bd:71:57:87:aa:20:ca:5a:fd:
96:2f:a6:e1:7b:22:55:2c:e7:8b:c8:48:09:95:b7:
b2:e0:c4:fe:67:53:6c:27:8e:cb:6a:3a:24:ba:56:
67:33:ab:f8:62:8f:9f:1d:45:c7:c8:93:1c:6d:ba:
17:0e:6d:51:98:bf:51:a2:a6:21:cf:9c:7a:ec:dd:
a8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:32:42:CE:16:D3:44:90:BA:FC:2E:56:16:9B:EF:53:9D:E4:AD:A4
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/8DJCzhbTRJC6_C5WFpvvU53kraQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.61.0/24
IPv6:
2a06:89c3:5010::/48
2a06:89c4:a000::/48
2a06:89c4:c000::/48
Signature Algorithm: sha256WithRSAEncryption
17:b1:42:ba:d5:d6:8b:f0:5b:c6:41:79:9e:a7:09:ce:c7:16:
28:1a:e3:1d:6d:95:16:a4:46:11:4e:a4:02:0e:c7:44:4f:d6:
56:69:1b:bb:3e:2d:76:0f:a5:10:70:6b:c8:9d:42:f4:e4:10:
a8:da:d2:10:41:bd:89:d5:eb:3e:38:2b:89:14:a1:26:96:64:
51:46:a1:29:9a:67:07:52:30:29:7d:36:33:2c:ed:43:e9:fb:
89:de:fb:9d:46:5a:70:66:b5:ce:27:70:a6:33:c4:5b:cd:e0:
d2:9e:80:06:02:99:ca:ef:8d:18:01:a0:04:17:f7:2c:be:f6:
dd:ca:48:b7:a6:23:99:fc:ac:c2:22:8e:7d:49:93:a9:61:a8:
d5:b4:35:fe:7b:e5:6f:ba:d4:2a:71:84:2f:bc:18:b3:54:db:
f4:05:e6:a0:3a:c3:90:8d:76:ac:84:de:49:dd:d1:4f:49:a6:
9b:27:24:af:cd:46:fa:a9:5b:69:f4:9c:ee:f1:2b:17:ba:63:
f5:f4:aa:91:8e:0d:36:f5:55:35:61:e4:89:29:17:b0:91:c6:
af:be:61:c1:95:7d:b7:0a:b8:76:45:26:c5:89:5c:8e:ae:f6:
a0:6f:09:85:85:36:9c:d1:c2:b1:6c:05:4f:0e:1c:db:17:c9:
e5:54:8d:72
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYkCQT0QR6EVH09Jy7Q59nYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIx
OTM4YjkwHhcNMjMwNjI4MTM0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDMyNDJjZTE2ZDM0NDkwYmFmYzJlNTYxNjliZWY1MzlkZTRhZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwEKrQQF8cKPG0zewLTVILMWKxiN
BvfuYIvB8tbmeCjs/m9Phsr15bvPf4Sai+P+GaR+5ybpF4hmDZ9RY+Lw1DUPJQN/
ovkIyBU3WTFP02uL21+j+YoIk2rAmGxyI4olKhms3IIRMi3eI30ypltikj1gsdSP
Lt/QEqMOBwLL1iu3MeOWwhQFDmut9Q9W45o6VnJimvpQjTaCWU6e/Byo3igwUpdt
1XDjjQn4CYUrc3CJQc+ECPdhWMq9cVeHqiDKWv2WL6bheyJVLOeLyEgJlbey4MT+
Z1NsJ47LajokulZnM6v4Yo+fHUXHyJMcbboXDm1RmL9RoqYhz5x67N2oFQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPAyQs4W00SQuvwuVhab71Od5K2kMB8GA1UdIwQY
MBaAFAj8qvjRfdGmV5X3FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgt
NzdlZWVhZjcxZDA4LzEvOERKQ3poYlRSSkM2X0M1V0ZwdnZVNTNrcmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4
LzEvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAud09MCEE
AgACMBsDBwAqBonDUBADBwAqBonEoAADBwAqBonEwAAwDQYJKoZIhvcNAQELBQAD
ggEBABexQrrV1ovwW8ZBeZ6nCc7HFiga4x1tlRakRhFOpAIOx0RP1lZpG7s+LXYP
pRBwa8idQvTkEKja0hBBvYnV6z44K4kUoSaWZFFGoSmaZwdSMCl9NjMs7UPp+4ne
+51GWnBmtc4ncKYzxFvN4NKegAYCmcrvjRgBoAQX9yy+9t3KSLemI5n8rMIijn1J
k6lhqNW0Nf575W+61CpxhC+8GLNU2/QF5qA6w5CNdqyE3knd0U9JppsnJK/NRvqp
W2n0nO7xKxe6Y/X0qpGODTb1VTVh5IkpF7CRxq++YcGVfbcKuHZFJsWJXI6u9qBv
CYWFNpzRwrFsBU8OHNsXyeVUjXI=
-----END CERTIFICATE-----
Generated at Tue Aug 22 06:28:30 2023 by rpki-client on console-fra.rpki-client.org