Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/9V1O2bTaQVinLaximZutkBHJKPQ.roa
File: 9V1O2bTaQVinLaximZutkBHJKPQ.roa (raw, json)
Hash identifier: BQ9HEFFD+1Jz3+2erzMxa9Tne3IX1kwi6EcH7ck7AmE=
Subject key identifier: F5:5D:4E:D9:B4:DA:41:58:A7:2D:AC:62:99:9B:AD:90:11:C9:28:F4
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 018A1BDCBBFF33D3EA2583C0629260396876
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/9V1O2bTaQVinLaximZutkBHJKPQ.roa
Signing time: Tue 22 Aug 2023 06:09:25 +0000
ROA not before: Tue 22 Aug 2023 06:09:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205929
IP address blocks: 185.221.61.0/24 maxlen: 24
2a06:89c4:c000::/36 maxlen: 48
2a06:89c4:a000::/48 maxlen: 48
2a06:89c3:5010::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:dc:bb:ff:33:d3:ea:25:83:c0:62:92:60:39:68:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: Aug 22 06:09:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f55d4ed9b4da4158a72dac62999bad9011c928f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:6c:22:b9:78:4e:46:2a:3d:c2:fe:ca:56:
8d:cd:21:ed:de:f6:f5:10:6e:96:d5:18:9d:b0:4e:
8b:c0:ee:5d:68:4d:db:6f:85:97:71:bf:77:92:97:
ee:35:95:2f:ca:77:8f:c1:1c:b8:31:ab:bd:21:25:
76:24:7a:a0:a8:3d:34:38:84:bd:ba:8e:a7:ae:c6:
b2:64:d0:82:6d:12:d6:24:bc:d1:1d:74:9d:bf:7a:
b4:ae:86:c3:c5:f7:e5:27:4f:1f:fb:27:d8:35:81:
8b:c3:87:6f:77:98:af:d1:dd:a4:81:8c:98:30:b4:
27:08:22:d3:16:58:6c:ad:3c:73:cb:5e:c8:59:9c:
02:5e:0f:d9:d0:87:cc:a5:f9:61:a0:26:11:9a:c6:
a1:8f:5a:08:1a:ec:82:1d:ce:89:0b:c0:70:f3:ae:
50:3e:71:a6:9e:87:3c:c4:7a:98:1c:23:b0:c7:48:
b1:57:a0:79:2a:75:b9:3d:82:91:71:e3:07:50:5a:
bf:ab:98:92:ff:6d:5f:04:0f:d2:b4:ef:b2:db:52:
58:80:69:b4:18:27:4b:37:37:bb:fd:51:19:5a:10:
7f:38:37:56:9f:4f:2d:88:3f:c1:f2:ae:d5:91:a9:
34:43:a2:d4:47:82:31:8b:67:25:28:89:76:5b:cb:
cc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:5D:4E:D9:B4:DA:41:58:A7:2D:AC:62:99:9B:AD:90:11:C9:28:F4
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/9V1O2bTaQVinLaximZutkBHJKPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.61.0/24
IPv6:
2a06:89c3:5010::/48
2a06:89c4:a000::/48
2a06:89c4:c000::/36
Signature Algorithm: sha256WithRSAEncryption
2c:ab:f6:23:13:29:3f:d0:52:73:cc:1c:e3:0a:ab:87:01:2a:
7a:88:ea:cf:05:33:b4:ed:ff:b7:17:5b:e4:8b:08:46:8c:95:
3d:81:b8:65:d4:50:d3:14:b7:f0:4f:da:ba:d0:50:c1:68:c8:
6b:96:4a:4c:de:72:15:4f:5b:80:53:de:15:95:ee:a2:75:c7:
38:af:b7:65:2f:4f:ca:93:7d:7f:60:65:28:70:ef:bd:9c:4b:
10:01:e4:22:bd:cd:bc:c2:17:32:64:37:44:db:1a:cd:b2:9d:
a0:72:f7:76:fb:ad:ab:5b:1a:b2:fa:a0:d4:7e:af:e3:56:78:
dd:5f:5e:87:0d:49:d3:22:b0:3c:6d:6d:55:2f:cc:a7:b1:9b:
e1:90:21:ab:23:3a:62:12:f4:ed:fe:ea:b3:eb:1a:98:31:25:
67:4d:7c:17:c1:e9:4d:96:99:68:1b:0c:3e:da:f5:e2:db:d7:
8d:7a:cf:8c:d8:3b:f5:40:35:c5:9f:a0:bb:65:cd:7d:dc:be:
6a:29:d0:bd:cd:4d:b1:2f:00:72:f2:22:b6:54:c6:fe:4c:78:
92:80:be:a7:c1:8c:47:cc:e1:98:16:59:a7:be:0c:14:fd:5c:
7a:db:62:a0:45:1c:73:b1:9f:36:b6:42:a2:e4:97:1f:83:9b:
23:4a:ae:24
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYob3Lv/M9PqJYPAYpJgOWh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIx
OTM4YjkwHhcNMjMwODIyMDYwOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTVkNGVkOWI0ZGE0MTU4YTcyZGFjNjI5OTliYWQ5MDExYzkyOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0lsIrl4TkYqPcL+ylaNzSHt3vb1
EG6W1RidsE6LwO5daE3bb4WXcb93kpfuNZUvynePwRy4Mau9ISV2JHqgqD00OIS9
uo6nrsayZNCCbRLWJLzRHXSdv3q0robDxfflJ08f+yfYNYGLw4dvd5iv0d2kgYyY
MLQnCCLTFlhsrTxzy17IWZwCXg/Z0IfMpflhoCYRmsahj1oIGuyCHc6JC8Bw865Q
PnGmnoc8xHqYHCOwx0ixV6B5KnW5PYKRceMHUFq/q5iS/21fBA/StO+y21JYgGm0
GCdLNze7/VEZWhB/ODdWn08tiD/B8q7Vkak0Q6LUR4Ixi2clKIl2W8vMsQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPVdTtm02kFYpy2sYpmbrZARySj0MB8GA1UdIwQY
MBaAFAj8qvjRfdGmV5X3FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgt
NzdlZWVhZjcxZDA4LzEvOVYxTzJiVGFRVmluTGF4aW1adXRrQkhKS1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4
LzEvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAMBAIAATAGAwQAud09MCAE
AgACMBoDBwAqBonDUBADBwAqBonEoAADBgQqBonEwDANBgkqhkiG9w0BAQsFAAOC
AQEALKv2IxMpP9BSc8wc4wqrhwEqeojqzwUztO3/txdb5IsIRoyVPYG4ZdRQ0xS3
8E/autBQwWjIa5ZKTN5yFU9bgFPeFZXuonXHOK+3ZS9PypN9f2BlKHDvvZxLEAHk
Ir3NvMIXMmQ3RNsazbKdoHL3dvutq1sasvqg1H6v41Z43V9ehw1J0yKwPG1tVS/M
p7Gb4ZAhqyM6YhL07f7qs+samDElZ018F8HpTZaZaBsMPtr14tvXjXrPjNg79UA1
xZ+gu2XNfdy+ainQvc1NsS8AcvIitlTG/kx4koC+p8GMR8zhmBZZp74MFP1cetti
oEUcc7GfNrZCouSXH4ObI0quJA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:33 2024 by rpki-client on console-fra.rpki-client.org