Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/8Td_-wKHKuCVO_sFGb84wUbp9ik.roa
File: 8Td_-wKHKuCVO_sFGb84wUbp9ik.roa (raw, json)
Hash identifier: 5n6OiXFO5dfcbpBK/yf96pNxxiC7Wd4EWRBHbS/bKCg=
Subject key identifier: F1:37:7F:FB:02:87:2A:E0:95:3B:FB:05:19:BF:38:C1:46:E9:F6:29
Certificate issuer: /CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Certificate serial: 01889A4D877EBDBFA187E8B579258A58674F
Authority key identifier: A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/8Td_-wKHKuCVO_sFGb84wUbp9ik.roa
Signing time: Thu 08 Jun 2023 09:19:12 +0000
ROA not before: Thu 08 Jun 2023 09:19:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.200.209.0/24 maxlen: 24
185.200.211.0/24 maxlen: 24
185.200.208.0/24 maxlen: 24
185.200.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:4d:87:7e:bd:bf:a1:87:e8:b5:79:25:8a:58:67:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Validity
Not Before: Jun 8 09:19:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1377ffb02872ae0953bfb0519bf38c146e9f629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0f:46:51:dd:59:bc:df:96:ff:81:f1:66:99:
66:4b:2e:96:e1:6c:23:18:28:32:c9:de:5d:63:60:
a8:9d:96:40:36:8a:d8:64:66:e2:f0:92:b9:af:40:
8b:79:59:c2:65:16:72:28:80:29:0b:5f:f5:73:26:
25:92:67:92:52:68:9c:d2:e5:75:93:1f:0c:83:a3:
3b:06:63:4f:fa:73:7c:e2:aa:1c:a2:3c:b6:56:bb:
d7:9d:ad:b7:71:79:a5:02:7e:09:1b:12:3b:6e:a9:
55:d9:0f:62:9c:61:54:d4:b9:4d:13:96:64:d3:48:
16:ff:a5:42:27:22:94:ab:e8:0e:a1:5b:b8:16:f2:
a9:b0:5e:68:e1:72:ce:5f:64:bd:95:41:de:2f:75:
7a:78:9f:2a:2e:86:4b:87:6c:cc:b7:77:ff:b7:96:
14:6b:f2:1d:2d:f5:4d:83:eb:5d:9e:31:57:84:18:
a2:03:40:b6:b5:93:69:1b:4c:81:16:bc:75:5e:1a:
77:eb:e9:43:55:5c:68:44:e9:ba:b9:cb:bf:66:b3:
6d:dc:e1:25:72:4f:5d:dd:db:9a:60:5e:b5:49:e5:
7b:65:50:74:73:94:e1:d1:80:42:ea:94:d5:8f:1e:
f0:fd:e3:9c:04:cf:a3:d0:70:03:58:89:45:fc:7a:
94:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:37:7F:FB:02:87:2A:E0:95:3B:FB:05:19:BF:38:C1:46:E9:F6:29
X509v3 Authority Key Identifier:
keyid:A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/8Td_-wKHKuCVO_sFGb84wUbp9ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.208.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:79:0f:c8:e4:a9:12:f3:d0:08:e0:d6:d9:b6:f1:27:42:c3:
bc:10:7e:be:7d:d8:59:9c:20:1c:7f:1c:89:ab:ee:18:2e:89:
27:5b:19:58:19:90:45:86:3f:ad:5e:55:14:6f:fc:ad:cd:7d:
6e:4c:db:f8:ec:bf:2a:21:94:c4:02:cb:51:a6:ff:d4:29:d0:
a7:92:72:78:58:39:84:ab:be:a0:e4:6f:c0:26:5b:67:6d:8f:
2d:a5:79:30:3f:fc:91:36:a3:49:65:75:63:76:d1:97:a6:31:
14:76:7a:28:74:1f:2b:e1:92:8d:ce:b8:64:c1:66:03:8b:a0:
70:44:e0:26:fe:35:08:3f:dc:71:7c:ae:12:97:0e:be:2e:25:
fa:5f:05:20:09:50:11:19:06:bd:f8:6c:77:46:02:e3:19:8e:
97:e7:45:df:c9:88:27:0c:69:da:5d:dd:80:f4:d7:b2:72:22:
4c:0f:7d:48:5e:43:b2:43:92:f6:f1:52:21:ba:d7:78:3a:36:
c2:37:81:b9:d6:35:84:7b:45:65:2a:fe:88:d4:53:eb:74:69:
14:07:19:d2:1c:c0:bb:f1:56:a3:a5:cd:4a:a4:4c:ac:cb:b8:
6d:90:98:87:bc:46:37:59:5b:b9:d6:3b:3f:ea:d4:6a:df:69:
0f:4c:57:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiaTYd+vb+hh+i1eSWKWGdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGJkNWQxZjg2ZGQ5ZGQ2NjYwNmExNGQzMWQ2NGNiMGVh
YWM4M2IwHhcNMjMwNjA4MDkxOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTM3N2ZmYjAyODcyYWUwOTUzYmZiMDUxOWJmMzhjMTQ2ZTlmNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw9GUd1ZvN+W/4HxZplmSy6W4Wwj
GCgyyd5dY2ConZZANorYZGbi8JK5r0CLeVnCZRZyKIApC1/1cyYlkmeSUmic0uV1
kx8Mg6M7BmNP+nN84qocojy2VrvXna23cXmlAn4JGxI7bqlV2Q9inGFU1LlNE5Zk
00gW/6VCJyKUq+gOoVu4FvKpsF5o4XLOX2S9lUHeL3V6eJ8qLoZLh2zMt3f/t5YU
a/IdLfVNg+tdnjFXhBiiA0C2tZNpG0yBFrx1Xhp36+lDVVxoROm6ucu/ZrNt3OEl
ck9d3duaYF61SeV7ZVB0c5Th0YBC6pTVjx7w/eOcBM+j0HADWIlF/HqUQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPE3f/sChyrglTv7BRm/OMFG6fYpMB8GA1UdIwQY
MBaAFKDb1dH4bdndZmBqFNMdZMsOqsg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAt
MTM1YzkxZWMxOTllLzEvOFRkXy13S0hLdUNWT19zRkdiODR3VWJwOWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAtMTM1YzkxZWMxOTll
LzEvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjQMA0G
CSqGSIb3DQEBCwUAA4IBAQCteQ/I5KkS89AI4NbZtvEnQsO8EH6+fdhZnCAcfxyJ
q+4YLoknWxlYGZBFhj+tXlUUb/ytzX1uTNv47L8qIZTEAstRpv/UKdCnknJ4WDmE
q76g5G/AJltnbY8tpXkwP/yRNqNJZXVjdtGXpjEUdnoodB8r4ZKNzrhkwWYDi6Bw
ROAm/jUIP9xxfK4Slw6+LiX6XwUgCVARGQa9+Gx3RgLjGY6X50XfyYgnDGnaXd2A
9NeyciJMD31IXkOyQ5L28VIhutd4OjbCN4G51jWEe0VlKv6I1FPrdGkUBxnSHMC7
8Vajpc1KpEysy7htkJiHvEY3WVu51js/6tRq32kPTFfu
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:52 2024 by rpki-client on console-fra.rpki-client.org