Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-CA2QK7pNh6CNEIIH9vaHX0rlDo.roa
File: 1-CA2QK7pNh6CNEIIH9vaHX0rlDo.roa (raw, json)
Hash identifier: wtS9vDkhyeSXDDupXFq1uK4FCU4qwH5n1d6A3hQFFJk=
Subject key identifier: F8:20:36:40:AE:E9:36:1E:82:34:42:08:1F:DB:DA:1D:7D:2B:94:3A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D5EFC267BB9A054092277D3C6ABC6A08F
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-CA2QK7pNh6CNEIIH9vaHX0rlDo.roa
Signing time: Wed 31 Jan 2024 10:06:39 +0000
ROA not before: Wed 31 Jan 2024 10:06:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.130.0/24 maxlen: 24
81.22.135.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 14:46:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:fc:26:7b:b9:a0:54:09:22:77:d3:c6:ab:c6:a0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 31 10:06:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8203640aee9361e823442081fdbda1d7d2b943a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:01:9c:06:4a:db:35:47:1e:6c:1f:c1:ae:bb:
a3:ec:55:8f:f5:c0:27:67:51:61:11:d0:bc:d7:40:
ea:72:99:1f:19:9f:8c:22:c8:dc:f7:21:ac:10:21:
8e:ac:38:32:c3:8a:3b:e1:94:35:0c:92:df:8d:c4:
bd:08:4d:7b:c2:74:88:24:6d:a8:57:cf:91:f7:25:
6c:fc:30:2c:ff:bf:8e:01:0e:15:aa:e7:c6:26:7a:
72:20:fc:77:4a:32:7f:93:14:04:1f:a5:8b:c9:45:
a5:57:af:b1:d3:8d:a9:6f:a4:cb:6e:32:18:3a:0d:
c7:d4:dd:27:0d:bd:6b:e5:ec:79:6e:0a:c9:b8:37:
ef:1a:8a:e5:80:36:26:4f:4a:87:9a:8a:55:4e:fc:
51:d3:e8:87:34:d3:70:f7:c1:28:41:8a:70:06:4c:
07:04:f2:ef:43:e0:35:77:22:af:9e:4a:aa:0d:9c:
0a:ac:9b:47:94:3d:8b:87:a3:54:4e:52:9a:97:07:
fd:29:59:7f:aa:fd:ae:9d:54:a3:c3:51:60:1c:50:
78:14:0b:17:ca:28:4b:e8:c5:cd:28:4a:f7:1b:cd:
24:74:f5:56:71:8b:bd:89:df:0a:94:03:0a:9c:25:
c4:3d:83:5d:7d:18:6c:d2:84:62:64:cc:8b:c7:bb:
c6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:20:36:40:AE:E9:36:1E:82:34:42:08:1F:DB:DA:1D:7D:2B:94:3A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-CA2QK7pNh6CNEIIH9vaHX0rlDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
92:ca:35:95:f1:07:c0:78:2c:c7:aa:2b:98:5b:22:6c:45:91:
44:71:4a:1b:3a:b7:6d:ae:d4:88:68:53:71:69:18:0f:0d:ad:
49:57:98:68:7f:e2:3a:20:87:6b:be:42:67:6a:4e:14:d8:50:
67:06:24:ef:3d:22:19:38:91:8e:8b:ea:5b:27:be:c6:ca:56:
f7:8a:b9:77:78:0e:33:cc:e5:06:d5:79:6e:8f:6d:80:ab:f6:
91:f5:0f:f1:2a:a8:ca:da:a7:35:37:2d:76:fc:28:e6:c9:e7:
fc:53:a6:6e:40:76:6e:45:fa:4f:44:c4:ac:80:b5:eb:09:33:
8e:c9:09:6a:42:f5:45:15:d9:46:37:ee:0c:9c:96:16:e4:1e:
f5:c9:87:25:f4:04:ba:68:58:8b:43:fc:c2:68:f3:db:47:e8:
64:6e:ae:68:af:03:20:7d:10:26:83:dd:07:1c:88:a0:82:bf:
72:63:e2:f4:e2:07:c9:f9:65:b0:27:12:3b:50:39:1c:a5:66:
54:f9:bf:84:a8:03:8f:01:bd:2c:71:fc:38:85:b7:36:e6:aa:
db:c1:c7:47:a7:4f:8e:fa:82:b1:0b:80:ac:3f:ab:02:93:86:
35:d0:82:7a:53:af:1d:3b:58:ec:a1:92:c9:f0:d5:d2:22:b2:
e9:e3:47:47
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY1e/CZ7uaBUCSJ308arxqCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTMxMTAwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIwMzY0MGFlZTkzNjFlODIzNDQyMDgxZmRiZGExZDdkMmI5NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAGcBkrbNUcebB/Brruj7FWP9cAn
Z1FhEdC810DqcpkfGZ+MIsjc9yGsECGOrDgyw4o74ZQ1DJLfjcS9CE17wnSIJG2o
V8+R9yVs/DAs/7+OAQ4VqufGJnpyIPx3SjJ/kxQEH6WLyUWlV6+x042pb6TLbjIY
Og3H1N0nDb1r5ex5bgrJuDfvGorlgDYmT0qHmopVTvxR0+iHNNNw98EoQYpwBkwH
BPLvQ+A1dyKvnkqqDZwKrJtHlD2Lh6NUTlKalwf9KVl/qv2unVSjw1FgHFB4FAsX
yihL6MXNKEr3G80kdPVWcYu9id8KlAMKnCXEPYNdfRhs0oRiZMyLx7vGEQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPggNkCu6TYegjRCCB/b2h19K5Q6MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMS1DQTJRSzdwTmg2Q05FSUlIOXZhSFgwcmxEby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVh
YS8xL21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFEWggME
AFEWhwMEAFm5AQMEAFm5AwMEAG1IdQMEAG1IeAMEAG1IfzANBgkqhkiG9w0BAQsF
AAOCAQEAkso1lfEHwHgsx6ormFsibEWRRHFKGzq3ba7UiGhTcWkYDw2tSVeYaH/i
OiCHa75CZ2pOFNhQZwYk7z0iGTiRjovqWye+xspW94q5d3gOM8zlBtV5bo9tgKv2
kfUP8SqoytqnNTctdvwo5snn/FOmbkB2bkX6T0TErIC16wkzjskJakL1RRXZRjfu
DJyWFuQe9cmHJfQEumhYi0P8wmjz20foZG6uaK8DIH0QJoPdBxyIoIK/cmPi9OIH
yfllsCcSO1A5HKVmVPm/hKgDjwG9LHH8OIW3Nuaq28HHR6dPjvqCsQuArD+rApOG
NdCCelOvHTtY7KGSyfDV0iKy6eNHRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org