Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/j0Rbd05LddZU2IhBPhsR1nGRlPY.roa
File: j0Rbd05LddZU2IhBPhsR1nGRlPY.roa (raw, json)
Hash identifier: wtT3/7j86sCf3z+Ss9bsqvEP44jGOs1/b3hw122EJ8k=
Subject key identifier: 8F:44:5B:77:4E:4B:75:D6:54:D8:88:41:3E:1B:11:D6:71:91:94:F6
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 0186C0E5A9E13C6B4D2DC322AC3A14F86682
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/j0Rbd05LddZU2IhBPhsR1nGRlPY.roa
Signing time: Wed 08 Mar 2023 11:05:22 +0000
ROA not before: Wed 08 Mar 2023 11:05:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205929
IP address blocks: 185.221.61.0/24 maxlen: 24
2a06:89c4:c000::/48 maxlen: 48
2a06:89c3:5010::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:e5:a9:e1:3c:6b:4d:2d:c3:22:ac:3a:14:f8:66:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: Mar 8 11:05:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f445b774e4b75d654d888413e1b11d6719194f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7b:50:aa:f4:e0:34:17:5b:63:b6:68:c9:10:
13:37:2c:77:92:2a:4c:5a:5a:13:e4:c5:33:f4:94:
52:9a:a5:e6:8b:55:47:de:54:9a:a0:a3:5d:1e:64:
eb:05:74:86:5d:95:86:1f:c0:9c:f1:3c:07:60:19:
6b:19:2b:1c:53:b7:e0:61:99:e9:25:d1:f8:1b:e7:
c5:cd:7b:89:f5:79:ea:b7:d9:11:ad:9d:70:fd:de:
39:5f:26:bb:43:2c:31:76:6f:11:ac:f4:0b:8e:81:
b6:a5:f4:93:7d:98:bb:4f:7a:19:2c:64:a2:6e:8f:
32:78:f1:d1:e6:d6:94:53:42:37:2c:e4:2e:f5:72:
ff:df:23:97:04:ad:d2:33:65:d4:77:cd:27:d0:fe:
dd:9a:64:74:5e:c8:e0:03:ff:f8:da:56:95:c0:b0:
8c:df:2e:7b:3f:bb:50:e5:2d:d4:05:44:1d:3d:fd:
05:13:81:b6:1c:6c:35:70:ee:d4:95:2e:dd:af:35:
eb:78:0a:d0:ab:ec:8a:b1:06:b7:cb:0a:02:e9:c8:
35:36:1e:7e:43:34:e7:83:2a:10:c1:49:f1:da:e6:
4b:bf:64:de:41:36:fc:86:f2:2a:f7:57:bf:fc:35:
af:ff:85:f0:8f:fd:d3:f7:f4:f8:cf:c0:46:d3:b6:
9d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:44:5B:77:4E:4B:75:D6:54:D8:88:41:3E:1B:11:D6:71:91:94:F6
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/j0Rbd05LddZU2IhBPhsR1nGRlPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.61.0/24
IPv6:
2a06:89c3:5010::/48
2a06:89c4:c000::/48
Signature Algorithm: sha256WithRSAEncryption
1b:aa:df:aa:6a:c3:f2:80:8a:42:c5:2c:72:00:c7:d5:91:00:
f1:1a:6c:0a:df:1b:10:e6:58:30:06:68:90:01:e4:29:5a:da:
21:32:65:a7:d2:5b:c2:4e:7a:e2:e5:de:79:af:24:3f:93:c6:
2c:82:08:fa:96:14:65:68:fb:8e:c4:f5:80:f4:a0:78:17:73:
11:4f:69:ac:06:65:d3:f4:bd:51:12:a0:c7:9d:58:15:80:e7:
b9:9b:10:92:c1:62:0d:04:8f:bd:6f:80:ee:10:31:8a:81:43:
47:21:f4:3f:ed:82:b5:b4:64:a8:26:53:e1:5d:43:95:e2:4e:
7b:4d:e4:a3:80:e9:f1:f2:bd:35:df:c3:4d:f7:8e:ff:83:99:
0f:f6:c8:c8:e4:bc:bd:df:45:0e:39:f5:ac:34:44:3c:3e:a5:
55:95:ba:36:0f:78:34:f2:29:4c:73:d6:ce:f1:46:a3:4a:b3:
3c:1a:6c:45:ed:9b:8e:63:10:c7:c2:b8:f1:cb:c2:b4:c7:e7:
eb:10:0c:3c:f4:09:d3:6e:46:d8:39:99:71:04:f3:e1:bb:7b:
fe:fb:17:ad:40:e9:d1:d7:37:0d:76:4e:6a:8a:37:11:7e:bd:
08:f8:d8:13:e5:a5:70:01:60:fa:32:09:6b:f5:b7:6b:1a:97:
1a:39:8c:77
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYbA5anhPGtNLcMirDoU+GaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIx
OTM4YjkwHhcNMjMwMzA4MTEwNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQ0NWI3NzRlNGI3NWQ2NTRkODg4NDEzZTFiMTFkNjcxOTE5NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXtQqvTgNBdbY7ZoyRATNyx3kipM
WloT5MUz9JRSmqXmi1VH3lSaoKNdHmTrBXSGXZWGH8Cc8TwHYBlrGSscU7fgYZnp
JdH4G+fFzXuJ9Xnqt9kRrZ1w/d45Xya7Qywxdm8RrPQLjoG2pfSTfZi7T3oZLGSi
bo8yePHR5taUU0I3LOQu9XL/3yOXBK3SM2XUd80n0P7dmmR0XsjgA//42laVwLCM
3y57P7tQ5S3UBUQdPf0FE4G2HGw1cO7UlS7drzXreArQq+yKsQa3ywoC6cg1Nh5+
QzTngyoQwUnx2uZLv2TeQTb8hvIq91e//DWv/4Xwj/3T9/T4z8BG07adpwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI9EW3dOS3XWVNiIQT4bEdZxkZT2MB8GA1UdIwQY
MBaAFAj8qvjRfdGmV5X3FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgt
NzdlZWVhZjcxZDA4LzEvajBSYmQwNUxkZFpVMkloQlBoc1IxbkdSbFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4
LzEvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAud09MBgE
AgACMBIDBwAqBonDUBADBwAqBonEwAAwDQYJKoZIhvcNAQELBQADggEBABuq36pq
w/KAikLFLHIAx9WRAPEabArfGxDmWDAGaJAB5Cla2iEyZafSW8JOeuLl3nmvJD+T
xiyCCPqWFGVo+47E9YD0oHgXcxFPaawGZdP0vVESoMedWBWA57mbEJLBYg0Ej71v
gO4QMYqBQ0ch9D/tgrW0ZKgmU+FdQ5XiTntN5KOA6fHyvTXfw033jv+DmQ/2yMjk
vL3fRQ459aw0RDw+pVWVujYPeDTyKUxz1s7xRqNKszwabEXtm45jEMfCuPHLwrTH
5+sQDDz0CdNuRtg5mXEE8+G7e/77F61A6dHXNw12TmqKNxF+vQj42BPlpXABYPoy
CWv1t2salxo5jHc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-ams.rpki-client.org