Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-UDW45Ui_idlGKScvydAwFUDYMo.roa
File: 1-UDW45Ui_idlGKScvydAwFUDYMo.roa (raw, json)
Hash identifier: LEa48a9INCzj7Z8d7/sXg5101RAH/nGXWRGDEXxCFx4=
Subject key identifier: F9:40:D6:E3:95:22:FE:27:65:18:A4:9C:BF:27:40:C0:55:03:60:CA
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F2FB7D7FBE89788D946D90DDA2E04C040
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-UDW45Ui_idlGKScvydAwFUDYMo.roa
Signing time: Tue 30 Apr 2024 15:55:28 +0000
ROA not before: Tue 30 Apr 2024 15:55:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 11:03:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:b7:d7:fb:e8:97:88:d9:46:d9:0d:da:2e:04:c0:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 30 15:55:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f940d6e39522fe276518a49cbf2740c0550360ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8b:dc:ca:46:8d:86:5c:b9:76:3b:19:0f:62:
de:18:b5:86:de:c9:46:f8:fc:fd:55:4f:e6:a8:cc:
21:2b:28:7f:3d:c6:d8:52:d0:1d:2e:9e:22:ae:69:
ab:80:d1:b2:4a:d5:66:83:9a:a0:6a:97:54:a1:a0:
40:52:90:45:30:64:28:1d:96:a1:d6:20:95:95:c2:
f9:69:cb:17:84:92:93:55:cd:b6:c2:d9:09:5f:f2:
54:9d:5d:23:31:94:b1:c8:ef:02:84:41:eb:fa:c6:
05:97:38:e5:db:e4:d0:75:c8:18:73:97:cf:70:0a:
49:0b:11:fd:34:89:b0:29:cc:8e:a5:f1:f6:42:81:
e0:6d:a3:6e:0c:36:aa:50:82:e0:c6:12:43:c8:e7:
75:3a:54:0b:00:54:2d:5f:34:5a:58:71:40:b5:21:
60:28:09:56:48:e3:9b:64:0c:0d:5b:c6:68:96:fe:
77:3a:7b:f6:16:1f:02:4e:14:80:fb:4d:2c:72:a1:
5e:8e:06:48:a2:b7:20:b1:18:46:ef:4b:ce:d7:eb:
c4:d4:d4:a0:d2:4e:0a:fa:e9:8f:55:75:bf:35:7b:
be:85:fd:c2:fe:37:72:de:20:5d:54:38:99:a2:bb:
14:ab:60:2e:67:bf:e3:b6:b0:fb:02:46:c3:23:94:
2f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:40:D6:E3:95:22:FE:27:65:18:A4:9C:BF:27:40:C0:55:03:60:CA
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1-UDW45Ui_idlGKScvydAwFUDYMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
19:0b:07:19:b2:5c:51:82:67:30:61:51:64:88:58:75:14:da:
03:a9:cb:4a:e4:f2:06:69:ea:80:e2:3c:4c:e7:bf:e5:35:66:
1f:d7:aa:17:30:b8:33:b2:71:ff:69:34:36:51:1a:dd:b4:a4:
d8:89:6a:10:db:36:9f:6e:2a:31:04:5f:f6:d6:5d:14:4a:93:
b4:4a:8a:4f:87:41:7a:1e:34:37:40:88:f6:34:b2:c3:86:7d:
10:96:13:16:5e:1d:33:1c:0e:30:1a:ca:6c:c3:8f:83:51:d0:
ad:1c:73:4f:88:a6:6f:ad:dc:fb:3b:9f:02:28:3a:23:6c:bb:
20:c0:aa:26:f1:a8:7b:31:88:3a:7c:5a:00:0b:a8:af:07:e0:
42:25:f3:0d:8a:f4:86:d0:09:29:e7:1b:3e:cd:c8:ac:ed:dc:
14:d0:ac:ed:71:39:68:dc:dd:66:86:d3:c9:bf:40:86:fa:90:
ec:d2:c0:8c:e4:59:b6:11:38:b7:00:de:49:5c:ba:69:e6:4a:
8b:89:e6:4a:96:ac:9e:54:ec:76:1d:71:8d:e2:87:ca:9a:8e:
11:d0:67:d7:3c:06:bf:bd:10:1e:9d:58:6f:cd:f7:eb:4c:8e:
02:50:ac:c4:d6:d5:29:36:61:c6:46:44:83:c1:ef:6c:de:a6:
f5:02:b9:8a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY8vt9f76JeI2UbZDdouBMBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNDMwMTU1NTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQwZDZlMzk1MjJmZTI3NjUxOGE0OWNiZjI3NDBjMDU1MDM2MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYvcykaNhly5djsZD2LeGLWG3slG
+Pz9VU/mqMwhKyh/PcbYUtAdLp4irmmrgNGyStVmg5qgapdUoaBAUpBFMGQoHZah
1iCVlcL5acsXhJKTVc22wtkJX/JUnV0jMZSxyO8ChEHr+sYFlzjl2+TQdcgYc5fP
cApJCxH9NImwKcyOpfH2QoHgbaNuDDaqUILgxhJDyOd1OlQLAFQtXzRaWHFAtSFg
KAlWSOObZAwNW8Zolv53Onv2Fh8CThSA+00scqFejgZIorcgsRhG70vO1+vE1NSg
0k4K+umPVXW/NXu+hf3C/jdy3iBdVDiZorsUq2AuZ7/jtrD7AkbDI5QvlwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPlA1uOVIv4nZRiknL8nQMBVA2DKMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMS1VRFc0NVVpX2lkbEdLU2N2eWRBd0ZVRFlNby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVh
YS8xL21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1EWiAME
Alm5AAMEAm1IdDANBgkqhkiG9w0BAQsFAAOCAQEAGQsHGbJcUYJnMGFRZIhYdRTa
A6nLSuTyBmnqgOI8TOe/5TVmH9eqFzC4M7Jx/2k0NlEa3bSk2IlqENs2n24qMQRf
9tZdFEqTtEqKT4dBeh40N0CI9jSyw4Z9EJYTFl4dMxwOMBrKbMOPg1HQrRxzT4im
b63c+zufAig6I2y7IMCqJvGoezGIOnxaAAuorwfgQiXzDYr0htAJKecbPs3IrO3c
FNCs7XE5aNzdZobTyb9AhvqQ7NLAjORZthE4twDeSVy6aeZKi4nmSpasnlTsdh1x
jeKHypqOEdBn1zwGv70QHp1Yb83360yOAlCsxNbVKTZhxkZEg8HvbN6m9QK5ig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org