Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-4k86viIGUVtBrW_XnkCJlOsXFo.roa
File: 1-4k86viIGUVtBrW_XnkCJlOsXFo.roa (raw, json)
Hash identifier: upVWiUdHGQ6eVpHyeDbXc/F6bQuMfniNI9I3ppHs5xg=
Subject key identifier: FB:89:3C:EA:F8:88:19:45:6D:06:B5:BF:5E:79:02:26:53:AC:5C:5A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01929171909283CDD7085A6EA094B9DA041A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-4k86viIGUVtBrW_XnkCJlOsXFo.roa
Signing time: Tue 15 Oct 2024 18:29:51 +0000
ROA not before: Tue 15 Oct 2024 18:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 15:57:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:91:71:90:92:83:cd:d7:08:5a:6e:a0:94:b9:da:04:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 15 18:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb893ceaf88819456d06b5bf5e79022653ac5c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c7:27:d6:90:bf:45:04:a8:24:77:fa:04:2c:
d2:45:d8:ff:ec:13:0a:21:67:7b:2e:54:2d:d5:3a:
ca:97:10:18:55:41:d5:36:76:fa:b7:5c:31:6b:a4:
48:f9:1b:f4:82:e5:21:03:9a:e3:6b:a6:00:88:b4:
bf:6e:28:c6:d1:50:76:6a:eb:91:68:af:38:8a:3f:
8d:1e:80:13:44:91:e8:52:1a:42:38:0e:a2:12:2a:
3f:bf:cc:93:c4:00:03:42:4c:76:82:d3:8d:47:54:
09:1f:03:bd:3f:4d:6b:c1:dc:4f:9d:33:d7:2e:93:
9d:59:23:44:4f:d5:07:7f:52:10:6e:62:af:c5:4a:
15:a8:53:03:df:6a:3c:30:fd:00:f8:80:fd:99:93:
17:1b:32:ae:59:b6:ec:9a:02:f4:7e:77:1d:fe:6e:
9c:79:04:e8:f9:e9:37:6b:8b:68:9e:07:a6:36:3a:
fa:3f:e9:c4:f3:07:23:7e:7a:e4:93:89:bf:3f:a7:
1b:73:10:c2:4c:9a:9b:5b:9d:56:20:a0:16:89:f4:
a0:ac:66:e1:6d:47:5c:8b:89:e5:ac:09:80:5b:b2:
7f:85:34:31:e3:a0:dd:b5:e5:55:1c:af:74:6b:9b:
fe:d5:ff:e9:0a:a3:24:3f:d3:85:c9:cf:e1:7a:ec:
df:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:89:3C:EA:F8:88:19:45:6D:06:B5:BF:5E:79:02:26:53:AC:5C:5A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-4k86viIGUVtBrW_XnkCJlOsXFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
18:88:ee:90:16:64:2f:65:28:48:ab:f8:0a:c2:28:2b:fc:f4:
d9:d7:53:2f:dd:c2:78:58:0b:8f:12:1c:0a:71:33:3d:93:dd:
2e:8a:45:05:57:d9:0b:78:95:75:f7:5c:9b:5a:07:17:8d:a4:
d3:aa:6f:58:74:cd:18:22:d0:43:c2:00:99:40:e9:6e:82:db:
80:2c:fb:8c:d6:57:80:fb:65:3c:c9:50:df:7e:92:81:94:30:
2a:9d:1c:43:40:21:ee:28:05:5c:5c:1f:9b:37:af:e5:90:ce:
7c:4e:ef:cd:35:41:8c:d9:31:38:05:71:fa:69:b7:43:1d:62:
7d:7c:ca:c9:19:16:89:cc:dc:19:c4:89:da:f8:93:b2:6e:a8:
96:75:aa:91:38:c7:45:49:16:1d:44:5c:d0:e1:a0:c6:6d:87:
a5:06:a3:12:11:36:5e:09:34:06:3b:ec:fc:60:9f:74:9d:43:
76:33:02:2b:db:6c:c1:9c:cf:0b:af:58:50:75:52:d1:a8:83:
f3:06:a7:2e:1b:a5:37:3d:90:da:0d:78:37:e2:2b:fe:bc:19:
c0:71:87:67:93:f0:2c:c6:b1:43:88:66:d8:19:61:66:d8:e4:
9f:c0:ee:44:b8:4d:85:1e:30:fa:c6:20:90:75:de:ec:65:c3:
b2:41:2e:f5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZKRcZCSg83XCFpuoJS52gQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMDE1MTgyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjg5M2NlYWY4ODgxOTQ1NmQwNmI1YmY1ZTc5MDIyNjUzYWM1YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzccn1pC/RQSoJHf6BCzSRdj/7BMK
IWd7LlQt1TrKlxAYVUHVNnb6t1wxa6RI+Rv0guUhA5rja6YAiLS/bijG0VB2auuR
aK84ij+NHoATRJHoUhpCOA6iEio/v8yTxAADQkx2gtONR1QJHwO9P01rwdxPnTPX
LpOdWSNET9UHf1IQbmKvxUoVqFMD32o8MP0A+ID9mZMXGzKuWbbsmgL0fncd/m6c
eQTo+ek3a4tongemNjr6P+nE8wcjfnrkk4m/P6cbcxDCTJqbW51WIKAWifSgrGbh
bUdci4nlrAmAW7J/hTQx46DdteVVHK90a5v+1f/pCqMkP9OFyc/heuzfMQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPuJPOr4iBlFbQa1v155AiZTrFxaMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMS00azg2dmlJR1VWdEJyV19YbmtDSmxPc1hGby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVh
YS8xL21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1EWiAME
Alm5AAMEAm1IdDANBgkqhkiG9w0BAQsFAAOCAQEAGIjukBZkL2UoSKv4CsIoK/z0
2ddTL93CeFgLjxIcCnEzPZPdLopFBVfZC3iVdfdcm1oHF42k06pvWHTNGCLQQ8IA
mUDpboLbgCz7jNZXgPtlPMlQ336SgZQwKp0cQ0Ah7igFXFwfmzev5ZDOfE7vzTVB
jNkxOAVx+mm3Qx1ifXzKyRkWiczcGcSJ2viTsm6olnWqkTjHRUkWHURc0OGgxm2H
pQajEhE2Xgk0Bjvs/GCfdJ1DdjMCK9tswZzPC69YUHVS0aiD8wanLhulNz2Q2g14
N+Ir/rwZwHGHZ5PwLMaxQ4hm2BlhZtjkn8DuRLhNhR4w+sYgkHXe7GXDskEu9Q==
-----END CERTIFICATE-----
Generated at Wed Oct 16 18:47:23 2024 by rpki-client on console-ams.rpki-client.org