Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-OMMZHKm9NI6A2cQrvoghY4X5_Q.roa
File: 1-OMMZHKm9NI6A2cQrvoghY4X5_Q.roa (raw, json)
Hash identifier: 5bWwVOdi/tJYCfTpk3Nh8DImMnwv2IhhsALfp4ClKlQ=
Subject key identifier: F8:E3:0C:64:72:A6:F4:D2:3A:03:67:10:AE:FA:20:85:8E:17:E7:F4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01894415DFF3F4CC660054C66152BD5527AF
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-OMMZHKm9NI6A2cQrvoghY4X5_Q.roa
Signing time: Tue 11 Jul 2023 08:33:51 +0000
ROA not before: Tue 11 Jul 2023 08:33:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jul 2023 17:34:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:15:df:f3:f4:cc:66:00:54:c6:61:52:bd:55:27:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 11 08:33:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8e30c6472a6f4d23a036710aefa20858e17e7f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:00:ac:f1:be:6e:75:ad:34:67:f2:18:61:c7:
93:d4:38:78:7c:bd:3e:dd:50:bf:ec:e1:cd:74:f0:
bf:37:09:77:e2:28:e2:79:f1:81:e1:e8:b7:f6:28:
80:03:a1:56:bd:fd:aa:b9:5d:1d:cb:e3:34:63:70:
7a:bd:c9:f5:22:04:93:1f:bf:f2:90:c4:7a:c1:9f:
9f:59:cf:7a:23:a0:44:96:81:51:19:26:5d:e6:46:
2e:59:38:93:07:c1:34:5a:a4:8c:9d:91:e6:92:48:
d2:cc:87:e6:a9:88:b9:15:d7:e8:31:cd:80:ef:86:
e7:23:c9:0e:5e:44:19:95:0f:5c:d7:02:0c:44:10:
71:b0:79:86:44:32:fd:2a:3f:c3:40:fa:3c:42:22:
d9:1e:cd:50:78:cb:ab:1c:cc:1d:e9:44:59:2e:3d:
14:25:1f:b9:a6:2e:6d:9d:da:be:8d:8a:d2:44:d1:
d2:00:2b:8b:00:09:b1:0b:8b:ae:5d:73:87:73:d7:
55:7a:e6:3d:7b:d6:f6:6c:08:9c:04:98:3b:d7:0e:
f9:02:ab:fd:09:85:d1:e7:67:cb:cb:25:7e:57:ef:
a9:57:43:00:f7:98:99:18:48:3d:3f:34:99:03:44:
e3:33:8d:f6:ea:ed:a5:16:e1:97:24:83:c2:77:21:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E3:0C:64:72:A6:F4:D2:3A:03:67:10:AE:FA:20:85:8E:17:E7:F4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-OMMZHKm9NI6A2cQrvoghY4X5_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
88:65:41:5d:06:7c:f6:83:af:47:e8:7c:d3:28:06:e8:f7:9e:
5c:74:d1:b5:4e:84:49:fb:11:70:0b:5f:50:86:9c:d5:06:55:
cb:90:e4:24:8a:ca:9e:ca:01:93:3c:1f:06:1d:aa:fa:ef:4e:
69:f2:4a:bc:a0:5e:ed:d9:a3:4c:f4:fe:61:5b:a3:ad:2e:2e:
a0:37:17:ec:7d:5f:f3:8d:a2:4a:47:04:32:88:53:ef:37:36:
05:70:43:e7:8e:39:b7:8b:f7:85:03:d3:25:85:64:ac:d4:98:
9b:f9:4a:72:7e:d4:a7:28:9a:ea:f1:68:f4:6f:81:c8:38:88:
b2:52:58:79:a1:0c:05:51:60:17:cd:bf:93:fc:5b:43:18:d3:
2a:4f:b7:49:b4:f1:d3:cd:1c:86:cf:6f:b4:e8:5a:f0:ca:4f:
85:0a:7f:ad:f4:cb:06:89:86:a8:0b:c5:66:ea:c8:50:1d:76:
ae:cb:ba:2a:c5:20:1f:df:6c:64:b7:48:cc:7f:ea:e2:7a:58:
58:9b:86:08:fd:e3:f5:eb:b3:1e:23:e7:8e:33:aa:6f:dc:93:
92:0b:e1:92:78:ad:57:fb:7d:6f:4e:87:47:4d:6e:f1:1c:9e:
03:8f:7d:32:d8:b5:63:96:5b:0f:ea:7d:26:24:f8:6c:6b:4d:
60:e7:99:31
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYlEFd/z9MxmAFTGYVK9VSevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNzExMDgzMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUzMGM2NDcyYTZmNGQyM2EwMzY3MTBhZWZhMjA4NThlMTdlN2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQCs8b5uda00Z/IYYceT1Dh4fL0+
3VC/7OHNdPC/Nwl34ijiefGB4ei39iiAA6FWvf2quV0dy+M0Y3B6vcn1IgSTH7/y
kMR6wZ+fWc96I6BEloFRGSZd5kYuWTiTB8E0WqSMnZHmkkjSzIfmqYi5FdfoMc2A
74bnI8kOXkQZlQ9c1wIMRBBxsHmGRDL9Kj/DQPo8QiLZHs1QeMurHMwd6URZLj0U
JR+5pi5tndq+jYrSRNHSACuLAAmxC4uuXXOHc9dVeuY9e9b2bAicBJg71w75Aqv9
CYXR52fLyyV+V++pV0MA95iZGEg9PzSZA0TjM4326u2lFuGXJIPCdyElfwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPjjDGRypvTSOgNnEK76IIWOF+f0MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMS1PTU1aSEttOU5JNkEyY1Fydm9naFk0WDVfUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVh
YS8xL21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFEWggME
Alm5AAMEAlm5GAMEAm1IdDANBgkqhkiG9w0BAQsFAAOCAQEAiGVBXQZ89oOvR+h8
0ygG6PeeXHTRtU6ESfsRcAtfUIac1QZVy5DkJIrKnsoBkzwfBh2q+u9OafJKvKBe
7dmjTPT+YVujrS4uoDcX7H1f842iSkcEMohT7zc2BXBD5445t4v3hQPTJYVkrNSY
m/lKcn7Upyia6vFo9G+ByDiIslJYeaEMBVFgF82/k/xbQxjTKk+3SbTx080chs9v
tOha8MpPhQp/rfTLBomGqAvFZurIUB12rsu6KsUgH99sZLdIzH/q4npYWJuGCP3j
9euzHiPnjjOqb9yTkgvhknitV/t9b06HR01u8RyeA499Mti1Y5ZbD+p9JiT4bGtN
YOeZMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org