Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0VNDkfYnrGrps8Bw04MHKL6Chk0.roa
File: 0VNDkfYnrGrps8Bw04MHKL6Chk0.roa (raw, json)
Hash identifier: 9Hv2aZoYhtZQKNxep/USCI4jO0m/+qo3VnN6FJl0/rQ=
Subject key identifier: D1:53:43:91:F6:27:AC:6A:E9:B3:C0:70:D3:83:07:28:BE:82:86:4D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CEFD67DF6D64425E2740781FF09681A82
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0VNDkfYnrGrps8Bw04MHKL6Chk0.roa
Signing time: Tue 09 Jan 2024 20:07:40 +0000
ROA not before: Tue 09 Jan 2024 20:07:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 10 Jan 2024 08:28:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:d6:7d:f6:d6:44:25:e2:74:07:81:ff:09:68:1a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 9 20:07:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1534391f627ac6ae9b3c070d3830728be82864d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1c:7c:bd:91:b7:96:27:32:3d:8c:db:80:56:
29:8e:1e:5a:9a:34:56:4b:ac:e7:33:48:b8:e1:71:
86:f1:43:60:d0:76:c9:d8:f5:6d:75:de:10:38:d7:
02:50:bb:03:ef:6a:db:be:3e:fc:55:38:fd:60:24:
38:9f:a7:43:af:21:4e:45:99:11:28:24:b5:dc:1f:
70:69:69:fd:fc:28:4c:55:be:19:e0:2d:79:3d:a1:
0f:79:e7:1e:36:6c:bc:c7:38:c4:a5:d6:02:8d:4c:
f8:75:7e:ed:b6:78:73:7c:46:ec:d4:ba:6c:60:c2:
69:40:bc:b9:40:72:1c:60:ee:6e:21:96:e1:b0:2f:
bb:c5:e7:04:fe:f0:04:3b:3b:2a:3a:85:98:c1:c0:
86:4e:9e:19:76:0b:36:be:b6:2c:67:a3:72:2d:59:
ce:92:38:6d:0f:d2:25:d2:ab:7a:80:35:4b:f2:fe:
10:07:8a:c3:17:26:d4:40:d2:5b:58:65:35:05:0f:
f4:23:da:e0:1e:36:a9:61:49:8e:b2:54:c2:2d:a5:
64:7a:5d:74:25:15:bd:1a:b1:cc:1b:64:26:50:9d:
67:82:bc:cf:ac:5d:a2:44:f0:c1:6e:c5:4e:9a:a3:
03:e1:d3:84:33:8a:b4:12:5e:20:fd:94:eb:59:4a:
0c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:53:43:91:F6:27:AC:6A:E9:B3:C0:70:D3:83:07:28:BE:82:86:4D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0VNDkfYnrGrps8Bw04MHKL6Chk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
76:71:c6:de:1a:6b:73:88:02:95:d8:b9:41:8f:09:d4:61:d4:
8e:ee:26:c1:c2:89:dc:34:b9:b7:5f:38:45:69:ab:f9:4a:33:
0e:f1:88:59:d7:82:82:42:ef:2a:9b:c8:07:93:50:fd:d7:e6:
c9:d1:d1:ff:f0:3b:f4:40:b3:e5:23:cd:dc:2d:6d:47:2a:26:
ba:e5:de:52:e0:f2:8d:22:f2:50:94:a5:83:f4:03:97:d2:b2:
3b:78:3a:dc:3d:81:4d:8b:8a:9f:bb:0c:d4:8b:ad:be:f1:bf:
0e:7e:a6:70:03:90:ce:e3:62:b2:e0:8f:bd:bc:ae:72:31:11:
34:d4:e7:25:48:9d:fb:30:98:35:5b:f4:9d:2a:4f:c4:a5:93:
4e:04:4a:a4:83:34:d9:6b:ad:cc:c0:95:77:8b:d4:ae:ec:8a:
a3:e4:6e:31:7a:98:07:c3:75:76:af:82:8e:52:cc:8f:61:f2:
c2:63:b1:df:fb:6f:ee:59:88:d7:b6:f7:e2:1d:4c:82:0e:ab:
48:fd:54:cd:01:6b:c9:80:6d:3e:00:41:b1:e8:67:fb:a8:ba:
63:f0:4d:7b:af:cb:49:a7:fa:6f:52:7c:b9:1e:cf:60:0d:49:
11:67:78:a5:6f:33:c3:c9:6f:a8:8f:1f:f5:78:9c:48:b7:d7:
8f:34:35:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzv1n321kQl4nQHgf8JaBqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTA5MjAwNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTUzNDM5MWY2MjdhYzZhZTliM2MwNzBkMzgzMDcyOGJlODI4NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxx8vZG3licyPYzbgFYpjh5amjRW
S6znM0i44XGG8UNg0HbJ2PVtdd4QONcCULsD72rbvj78VTj9YCQ4n6dDryFORZkR
KCS13B9waWn9/ChMVb4Z4C15PaEPeeceNmy8xzjEpdYCjUz4dX7ttnhzfEbs1Lps
YMJpQLy5QHIcYO5uIZbhsC+7xecE/vAEOzsqOoWYwcCGTp4Zdgs2vrYsZ6NyLVnO
kjhtD9Il0qt6gDVL8v4QB4rDFybUQNJbWGU1BQ/0I9rgHjapYUmOslTCLaVkel10
JRW9GrHMG2QmUJ1ngrzPrF2iRPDBbsVOmqMD4dOEM4q0El4g/ZTrWUoMdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNFTQ5H2J6xq6bPAcNODByi+goZNMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMFZORGtmWW5yR3JwczhCdzA0TUhLTDZDaGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQB2ccbeGmtziAKV2LlB
jwnUYdSO7ibBwoncNLm3XzhFaav5SjMO8YhZ14KCQu8qm8gHk1D91+bJ0dH/8Dv0
QLPlI83cLW1HKia65d5S4PKNIvJQlKWD9AOX0rI7eDrcPYFNi4qfuwzUi62+8b8O
fqZwA5DO42Ky4I+9vK5yMRE01OclSJ37MJg1W/SdKk/EpZNOBEqkgzTZa63MwJV3
i9Su7Iqj5G4xepgHw3V2r4KOUsyPYfLCY7Hf+2/uWYjXtvfiHUyCDqtI/VTNAWvJ
gG0+AEGx6Gf7qLpj8E17r8tJp/pvUny5Hs9gDUkRZ3ilbzPDyW+ojx/1eJxIt9eP
NDXW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org