Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0uqR2WxhpbdMFLjfDdzT5jh6uBs.roa
File: 0uqR2WxhpbdMFLjfDdzT5jh6uBs.roa (raw, json)
Hash identifier: lvPpTeT0k+rVyXLVogsKSXHqN4EnKU8OiVXmoROIy8U=
Subject key identifier: D2:EA:91:D9:6C:61:A5:B7:4C:14:B8:DF:0D:DC:D3:E6:38:7A:B8:1B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649C97FE25339DDD42F5BD6D1FCA33E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0uqR2WxhpbdMFLjfDdzT5jh6uBs.roa
Signing time: Mon 01 Jan 2024 18:29:33 +0000
ROA not before: Mon 01 Jan 2024 18:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60528
IP address blocks: 81.22.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 08:18:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c9:7f:e2:53:39:dd:d4:2f:5b:d6:d1:fc:a3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2ea91d96c61a5b74c14b8df0ddcd3e6387ab81b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5f:64:8a:29:7a:2e:4c:97:0c:40:5d:54:d5:
c2:82:63:e2:af:bc:54:32:94:24:33:e8:68:02:3a:
6c:48:29:c5:3f:e2:39:c9:5c:f8:61:39:88:61:d6:
6b:45:3f:91:10:53:b7:c8:ab:6e:a5:ab:16:02:35:
b8:63:83:a3:d5:ad:92:29:66:93:79:8e:12:7d:db:
33:1c:82:b9:68:95:bf:8a:a9:38:7a:bd:09:d8:f9:
32:3d:66:dc:32:20:d2:23:2f:60:1f:57:0a:96:cf:
d2:cf:82:7a:a3:70:9d:5e:e7:1d:14:f0:be:c9:ad:
dc:9c:68:05:c1:e6:0f:96:b0:7b:2b:c8:11:d7:52:
fc:c7:43:58:b0:7a:63:70:df:7a:55:e9:bc:18:a1:
ed:5d:25:eb:88:fa:86:2f:90:dc:8a:fb:da:6f:cc:
e6:64:3c:23:a2:96:5a:54:e8:ab:45:ad:d6:29:e0:
6d:ab:66:15:cc:2e:ff:77:a7:da:b7:83:35:d9:9d:
29:fd:d7:22:84:e5:d6:c4:37:89:e0:2a:e6:04:bc:
7d:7a:59:45:f1:0d:b4:0d:99:9a:d5:ec:70:8c:bd:
51:1c:34:d7:a6:79:c6:b3:cf:a2:b2:ee:09:97:13:
58:a6:ae:92:49:55:45:a7:62:06:45:b5:2b:ec:2f:
b0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:EA:91:D9:6C:61:A5:B7:4C:14:B8:DF:0D:DC:D3:E6:38:7A:B8:1B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0uqR2WxhpbdMFLjfDdzT5jh6uBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.131.0/24
Signature Algorithm: sha256WithRSAEncryption
34:b9:b7:e2:04:3f:04:aa:53:9a:f9:37:77:75:b8:92:0a:e9:
6c:5e:ca:33:3e:64:68:92:cc:00:26:fa:9b:21:da:09:a9:db:
cd:e6:7f:8a:84:5b:a7:78:3c:f5:80:bd:cc:89:1a:76:97:e0:
66:b6:61:ba:66:f6:35:41:e7:ab:80:8d:b7:ca:f6:2a:46:fe:
9b:7c:52:86:9c:60:df:5a:5a:32:46:26:bd:13:8b:79:18:03:
25:8b:ad:f6:4e:82:4a:f1:1f:34:51:f3:36:64:38:45:3c:2e:
60:f3:fc:fd:0f:dd:b6:c3:c9:c7:b5:6e:75:45:72:57:be:83:
81:7c:22:7e:3e:ee:a3:66:5e:86:9f:be:06:5c:a3:f9:2d:d8:
fd:77:ee:3c:7f:2f:29:ce:ce:65:bd:fa:93:43:6d:57:28:01:
db:7f:db:49:b9:af:1b:b8:c4:13:cb:3e:0a:bb:19:75:4e:b2:
b4:a9:8e:1b:66:a0:8a:73:dc:8b:f6:68:1f:06:9c:8b:11:8c:
5f:b0:e7:73:a6:23:d0:93:ab:9d:70:38:ee:13:86:3f:8e:08:
52:27:4f:fe:ee:1e:18:5f:e3:ac:0c:2f:62:ce:fa:24:3b:b6:
ca:09:24:3c:de:f9:e3:42:53:c7:31:ca:9d:49:65:c5:63:70:
21:54:76:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGScl/4lM53dQvW9bR/KM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmVhOTFkOTZjNjFhNWI3NGMxNGI4ZGYwZGRjZDNlNjM4N2FiODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV9kiil6LkyXDEBdVNXCgmPir7xU
MpQkM+hoAjpsSCnFP+I5yVz4YTmIYdZrRT+REFO3yKtupasWAjW4Y4Oj1a2SKWaT
eY4SfdszHIK5aJW/iqk4er0J2PkyPWbcMiDSIy9gH1cKls/Sz4J6o3CdXucdFPC+
ya3cnGgFweYPlrB7K8gR11L8x0NYsHpjcN96Vem8GKHtXSXriPqGL5Dcivvab8zm
ZDwjopZaVOirRa3WKeBtq2YVzC7/d6fat4M12Z0p/dcihOXWxDeJ4CrmBLx9ellF
8Q20DZma1exwjL1RHDTXpnnGs8+isu4JlxNYpq6SSVVFp2IGRbUr7C+wfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLqkdlsYaW3TBS43w3c0+Y4ergbMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMHVxUjJXeGhwYmRNRkxqZkRkelQ1amg2dUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURaDMA0G
CSqGSIb3DQEBCwUAA4IBAQA0ubfiBD8EqlOa+Td3dbiSCulsXsozPmRokswAJvqb
IdoJqdvN5n+KhFuneDz1gL3MiRp2l+BmtmG6ZvY1QeergI23yvYqRv6bfFKGnGDf
WloyRia9E4t5GAMli632ToJK8R80UfM2ZDhFPC5g8/z9D922w8nHtW51RXJXvoOB
fCJ+Pu6jZl6Gn74GXKP5Ldj9d+48fy8pzs5lvfqTQ21XKAHbf9tJua8buMQTyz4K
uxl1TrK0qY4bZqCKc9yL9mgfBpyLEYxfsOdzpiPQk6udcDjuE4Y/jghSJ0/+7h4Y
X+OsDC9izvokO7bKCSQ83vnjQlPHMcqdSWXFY3AhVHaq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org