Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0Va-fYazfz-Y6Xx7sDrk15--eIM.roa
File: 0Va-fYazfz-Y6Xx7sDrk15--eIM.roa (raw, json)
Hash identifier: AfebxzF4FLRw40ufa1ZSIdYKEzbTp9uuOmWEC1yOGR0=
Subject key identifier: D1:56:BE:7D:86:B3:7F:3F:98:E9:7C:7B:B0:3A:E4:D7:9F:BE:78:83
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C40527473C429C93B28DE8545245A0244
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0Va-fYazfz-Y6Xx7sDrk15--eIM.roa
Signing time: Wed 06 Dec 2023 18:09:54 +0000
ROA not before: Wed 06 Dec 2023 18:09:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 08 Dec 2023 23:24:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:52:74:73:c4:29:c9:3b:28:de:85:45:24:5a:02:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 6 18:09:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d156be7d86b37f3f98e97c7bb03ae4d79fbe7883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a5:58:3e:de:e5:2b:29:01:91:1e:d6:6a:0e:
87:57:85:95:7f:73:99:cf:49:9c:eb:62:6b:6c:93:
34:e7:56:73:e9:24:68:ba:db:f2:19:39:68:fc:f8:
b3:a1:67:de:d5:d6:20:8c:2c:8e:db:8c:88:51:fd:
45:24:8f:db:06:73:14:71:1e:74:58:83:52:2f:65:
46:90:74:a9:60:f7:7a:b8:26:dd:fa:37:29:72:19:
3f:ec:ea:66:f3:61:ae:7f:ec:5b:3c:bb:05:dc:49:
79:c3:b6:21:41:75:53:74:e2:d9:ac:be:db:25:cb:
5a:30:fd:e8:80:87:54:72:9a:2b:e4:10:38:18:2c:
6b:cb:4c:b5:f3:c6:4d:7b:ae:d4:fc:54:40:84:7e:
7c:3c:e8:95:18:dc:1c:f9:0e:44:07:2a:2c:e8:0e:
de:32:66:c9:ec:91:2a:f8:73:87:2d:52:63:4c:59:
0d:c7:b0:0e:f4:eb:df:af:39:be:fe:8a:27:7b:61:
eb:de:32:bf:1a:be:9d:8c:a6:f0:f7:7f:4a:d4:62:
36:a0:38:7c:bb:5f:61:1e:8f:6c:d0:9c:34:18:5e:
ed:12:58:7d:f8:8e:7d:4f:4b:07:0e:20:42:17:60:
b4:5d:3d:25:07:74:df:71:9d:87:18:58:66:de:cd:
b5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:56:BE:7D:86:B3:7F:3F:98:E9:7C:7B:B0:3A:E4:D7:9F:BE:78:83
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0Va-fYazfz-Y6Xx7sDrk15--eIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
04:05:a4:7a:73:d0:5c:e3:8c:11:45:07:21:92:6e:dc:93:8d:
6e:31:e9:51:6f:c8:65:c3:8c:3f:11:1b:3c:bf:a2:98:3d:15:
23:25:9d:a1:33:8f:ba:55:94:97:27:32:ca:4f:00:56:b5:9f:
8c:8a:4e:55:d6:e9:3c:f7:d4:fe:d5:27:ea:d4:2f:bc:86:12:
8e:ab:c7:91:95:94:6f:a2:13:0e:27:3b:ff:cb:dd:6d:84:fd:
b4:ac:eb:33:c2:12:19:a2:c2:7c:87:03:16:8d:83:62:4c:9b:
f2:98:d2:39:94:92:98:f7:cb:76:6a:dc:5e:30:a3:43:da:89:
d0:88:3b:f9:42:76:cf:43:4d:e2:96:ef:fa:bd:6a:70:ea:33:
ec:ee:f6:43:73:00:b4:1b:9f:76:16:97:bb:2b:7f:00:6e:a7:
b8:41:c7:e2:30:c5:b6:e6:20:f3:1a:03:42:53:dc:37:d7:8f:
5a:a8:0a:96:db:b8:b5:fb:77:f7:2b:60:df:63:8c:de:7b:99:
6d:5b:38:f1:a2:56:d0:51:f8:26:8b:dc:d2:21:fc:8f:a7:46:
17:39:49:77:ea:6c:8c:52:ce:9c:6c:23:34:ee:43:17:a4:25:
c0:2a:c2:30:3f:f4:5a:49:83:6b:02:88:c0:32:0c:e8:3e:ba:
2d:bd:92:b6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxAUnRzxCnJOyjehUUkWgJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjA2MTgwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTU2YmU3ZDg2YjM3ZjNmOThlOTdjN2JiMDNhZTRkNzlmYmU3ODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16VYPt7lKykBkR7Wag6HV4WVf3OZ
z0mc62JrbJM051Zz6SRoutvyGTlo/PizoWfe1dYgjCyO24yIUf1FJI/bBnMUcR50
WINSL2VGkHSpYPd6uCbd+jcpchk/7Opm82Guf+xbPLsF3El5w7YhQXVTdOLZrL7b
JctaMP3ogIdUcpor5BA4GCxry0y188ZNe67U/FRAhH58POiVGNwc+Q5EByos6A7e
MmbJ7JEq+HOHLVJjTFkNx7AO9Ovfrzm+/oone2Hr3jK/Gr6djKbw939K1GI2oDh8
u19hHo9s0Jw0GF7tElh9+I59T0sHDiBCF2C0XT0lB3TfcZ2HGFhm3s213QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNFWvn2Gs38/mOl8e7A65NefvniDMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMFZhLWZZYXpmei1ZNlh4N3NEcmsxNS0tZUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDURaIAwQC
WbkAAwQCWbkYAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQAEBaR6c9Bc
44wRRQchkm7ck41uMelRb8hlw4w/ERs8v6KYPRUjJZ2hM4+6VZSXJzLKTwBWtZ+M
ik5V1uk899T+1Sfq1C+8hhKOq8eRlZRvohMOJzv/y91thP20rOszwhIZosJ8hwMW
jYNiTJvymNI5lJKY98t2atxeMKND2onQiDv5QnbPQ03ilu/6vWpw6jPs7vZDcwC0
G592Fpe7K38Abqe4QcfiMMW25iDzGgNCU9w3149aqAqW27i1+3f3K2DfY4zee5lt
WzjxolbQUfgmi9zSIfyPp0YXOUl36myMUs6cbCM07kMXpCXAKsIwP/RaSYNrAojA
MgzoProtvZK2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:14 2024 by rpki-client on console-fra.rpki-client.org