Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0ldkB73k1yqlYVVCFWAwCmO4FkM.roa
File: 0ldkB73k1yqlYVVCFWAwCmO4FkM.roa (raw, json)
Hash identifier: kCLbFiLU7mpsezrFrnpP/b5VH0ZawD372yU2hPko8Kc=
Subject key identifier: D2:57:64:07:BD:E4:D7:2A:A5:61:55:42:15:60:30:0A:63:B8:16:43
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D03F1972AF46F95DD0EE4C40B3DE82F6C
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0ldkB73k1yqlYVVCFWAwCmO4FkM.roa
Signing time: Sat 13 Jan 2024 17:49:40 +0000
ROA not before: Sat 13 Jan 2024 17:49:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 81.22.141.0/24 maxlen: 24
109.72.112.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:03:f1:97:2a:f4:6f:95:dd:0e:e4:c4:0b:3d:e8:2f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 13 17:49:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2576407bde4d72aa56155421560300a63b81643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fc:23:a9:3a:45:50:32:ba:c3:43:8e:57:66:
43:d7:22:09:d8:ec:b9:26:1f:98:65:95:4f:63:f8:
15:53:91:bd:23:a7:2b:e9:78:b3:ab:60:3c:27:5a:
69:9a:d7:39:2f:fc:4e:a3:e0:9d:c6:34:e7:57:23:
a3:ea:7b:d8:a2:0c:96:f1:83:81:35:76:e6:64:11:
34:b7:1e:6d:9b:c9:dc:72:9c:40:e4:1a:fe:27:23:
af:69:39:06:17:2c:88:ba:56:fa:65:ab:f1:4e:31:
aa:d9:57:24:c5:e9:7f:57:39:34:66:22:63:66:72:
c9:75:98:f3:54:ab:61:5f:00:80:49:98:37:67:68:
10:22:5a:d5:9c:81:79:43:ef:ab:83:dd:1d:b4:97:
56:81:22:fd:2f:22:76:dc:95:d1:ea:5e:d6:18:37:
a4:5d:e8:3a:89:44:a7:e3:18:ab:40:3f:03:ba:72:
d0:ed:c5:05:84:3d:f0:fd:16:c3:6f:0e:8a:c3:9e:
82:a0:42:74:00:96:be:15:3b:a6:0f:be:e5:cf:48:
51:24:d4:80:99:16:01:d5:4b:b9:30:64:0a:49:d3:
57:50:5e:ff:f9:27:44:2b:7f:86:ee:b4:a7:0b:02:
13:57:2c:d2:8b:54:92:22:93:b0:e3:94:eb:37:61:
44:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:57:64:07:BD:E4:D7:2A:A5:61:55:42:15:60:30:0A:63:B8:16:43
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0ldkB73k1yqlYVVCFWAwCmO4FkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.141.0/24
109.72.112.0/24
109.72.119.0/24
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
03:83:4a:79:a8:ba:07:c9:1e:23:e3:0a:03:25:eb:4b:79:7f:
19:8e:0b:8a:97:fe:ab:c8:24:52:dc:c7:96:5e:ec:13:2d:55:
db:df:18:72:a3:11:e0:10:80:87:97:ad:8d:ab:ea:40:3d:30:
4f:ee:b7:cf:b8:3d:6f:5a:95:52:ed:61:48:3f:74:79:f5:e3:
cf:43:5f:f9:b9:af:04:02:ed:e7:3c:51:1b:4d:0e:90:9f:e0:
f4:34:6c:ce:8f:0e:b1:f7:e8:13:d7:b1:d8:2e:9e:1a:f2:c6:
e5:01:07:82:e2:a8:47:a1:d9:61:d9:6b:0a:73:2e:88:57:74:
03:a0:cc:03:b0:75:f1:09:0d:30:75:d8:93:e0:5a:ce:60:e7:
e5:89:5b:4c:4b:b8:3c:2d:94:e6:9f:31:40:4d:0f:ac:47:64:
58:d5:03:3d:4c:62:7b:56:1e:e9:c3:a4:fe:02:d7:07:f4:8f:
4f:97:8e:54:ee:b1:97:01:39:f9:13:a8:eb:b2:bc:e2:c7:90:
cf:2f:9d:c4:1f:3f:79:a5:4c:59:c6:16:02:09:dd:af:a3:97:
da:4b:03:f8:c8:e4:7d:04:56:71:95:18:e5:ad:62:8c:e2:8b:
e0:1d:f7:e5:ab:08:7e:fb:bb:91:9f:db:49:2f:95:83:71:db:
74:1e:00:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0D8Zcq9G+V3Q7kxAs96C9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTEzMTc0OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU3NjQwN2JkZTRkNzJhYTU2MTU1NDIxNTYwMzAwYTYzYjgxNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/wjqTpFUDK6w0OOV2ZD1yIJ2Oy5
Jh+YZZVPY/gVU5G9I6cr6Xizq2A8J1ppmtc5L/xOo+CdxjTnVyOj6nvYogyW8YOB
NXbmZBE0tx5tm8nccpxA5Br+JyOvaTkGFyyIulb6ZavxTjGq2Vckxel/Vzk0ZiJj
ZnLJdZjzVKthXwCASZg3Z2gQIlrVnIF5Q++rg90dtJdWgSL9LyJ23JXR6l7WGDek
Xeg6iUSn4xirQD8DunLQ7cUFhD3w/RbDbw6Kw56CoEJ0AJa+FTumD77lz0hRJNSA
mRYB1Uu5MGQKSdNXUF7/+SdEK3+G7rSnCwITVyzSi1SSIpOw45TrN2FENwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNJXZAe95NcqpWFVQhVgMApjuBZDMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMGxka0I3M2sxeXFsWVZWQ0ZXQXdDbU80RmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaNAwQA
bUhwAwQAbUh3AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQADg0p5qLoHyR4j4woD
JetLeX8ZjguKl/6ryCRS3MeWXuwTLVXb3xhyoxHgEICHl62Nq+pAPTBP7rfPuD1v
WpVS7WFIP3R59ePPQ1/5ua8EAu3nPFEbTQ6Qn+D0NGzOjw6x9+gT17HYLp4a8sbl
AQeC4qhHodlh2WsKcy6IV3QDoMwDsHXxCQ0wddiT4FrOYOfliVtMS7g8LZTmnzFA
TQ+sR2RY1QM9TGJ7Vh7pw6T+AtcH9I9Pl45U7rGXATn5E6jrsrzix5DPL53EHz95
pUxZxhYCCd2vo5faSwP4yOR9BFZxlRjlrWKM4ovgHfflqwh++7uRn9tJL5WDcdt0
HgCz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org