Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1Gd5P50xB6v8MMu5pzdqzuMiCtY.roa
File: 1Gd5P50xB6v8MMu5pzdqzuMiCtY.roa (raw, json)
Hash identifier: cVbWDLKGVTnl3bba4Rm8YESVEIrz/sW4Dh8zCZYmZ+M=
Subject key identifier: D4:67:79:3F:9D:31:07:AB:FC:30:CB:B9:A7:37:6A:CE:E3:22:0A:D6
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01874B6EF19407086A9787A0AEAB5596E5CB
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1Gd5P50xB6v8MMu5pzdqzuMiCtY.roa
Signing time: Tue 04 Apr 2023 08:42:54 +0000
ROA not before: Tue 04 Apr 2023 08:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.135.0/24 maxlen: 24
89.185.22.0/24 maxlen: 24
109.72.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 13:03:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:6e:f1:94:07:08:6a:97:87:a0:ae:ab:55:96:e5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 4 08:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d467793f9d3107abfc30cbb9a7376acee3220ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3f:fd:cb:1a:7d:98:e1:dc:61:d4:91:11:3b:
7b:97:4b:45:54:d3:46:67:31:1f:56:93:bc:6a:cc:
24:54:9c:37:4b:8b:cb:04:94:55:a7:e9:c3:66:53:
bb:cc:2f:3b:31:1c:05:f8:22:11:5d:09:0a:04:d1:
46:9f:ab:fc:8e:08:1b:e5:bc:3d:42:32:2a:31:16:
0f:2c:9c:60:37:2b:48:76:f9:a8:08:37:61:bd:b2:
9c:c7:7e:39:2d:fc:93:f9:08:2e:4f:78:85:ec:6e:
b9:8e:40:fc:5f:10:ff:24:b3:75:cf:23:7b:e5:ae:
f7:ed:69:8d:d2:5a:2a:06:5d:39:da:2f:61:14:2e:
1f:0c:9d:fa:e6:88:d7:bf:f4:a7:bb:fa:9e:d3:35:
4b:60:85:a4:a2:9e:44:bc:9c:a2:42:ad:d0:e4:91:
c6:04:1f:40:75:34:e0:cc:fa:98:bb:3c:04:f6:1f:
61:6b:4d:d9:8e:eb:56:7b:0f:bf:e6:ee:56:e0:9a:
bc:79:01:06:9e:63:25:3a:cb:c7:85:27:51:5e:44:
8b:e7:78:29:38:64:f1:1b:9f:c7:98:67:45:60:84:
91:58:90:05:74:c1:0c:ea:88:95:f5:0a:b9:84:97:
e2:94:af:eb:25:14:83:8b:61:54:ea:e4:3b:e4:60:
d3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:67:79:3F:9D:31:07:AB:FC:30:CB:B9:A7:37:6A:CE:E3:22:0A:D6
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1Gd5P50xB6v8MMu5pzdqzuMiCtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.135.0/24
89.185.22.0/24
109.72.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:95:6a:c0:4e:04:45:45:ca:c1:c4:7c:ee:1f:90:47:4b:17:
08:ab:25:84:64:7a:0a:22:55:ae:65:a9:2c:33:8d:0f:e6:cf:
e5:eb:0a:57:b6:06:36:4f:a2:41:5a:28:3b:9e:a2:9f:3a:18:
0b:b5:b4:a9:f2:69:2d:92:9a:0f:59:59:2e:c0:7e:e6:af:7d:
cc:c7:c9:f0:6c:7b:a5:1a:a8:74:a0:18:92:95:26:09:13:f8:
12:09:72:5e:69:8e:62:06:d2:2a:95:56:e4:73:6f:e0:c0:fc:
52:b2:24:11:d5:f6:c3:21:56:51:72:9c:45:da:dd:c2:e6:74:
0e:01:00:61:89:f9:c2:f7:4e:33:f6:96:97:3b:37:36:ce:ee:
03:f5:98:38:c6:51:7f:50:d4:e6:4c:0f:e9:13:40:6e:83:d3:
04:e5:48:73:90:ce:b4:02:19:b6:e8:ae:09:2c:59:ff:08:00:
62:c9:5e:e1:97:37:83:d2:7e:6b:4d:9f:9a:2f:90:db:f3:52:
3d:b3:f9:8a:b9:dc:f0:04:73:9d:0d:8f:57:d8:0f:13:fe:87:
e1:6a:65:45:4a:25:e7:c0:be:1d:f5:40:b7:bf:da:bf:f7:1d:
2b:b0:4c:48:de:b0:2a:50:3f:22:f5:a8:e2:20:76:7d:32:6e:
32:a0:99:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdLbvGUBwhql4egrqtVluXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNDA0MDg0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDY3NzkzZjlkMzEwN2FiZmMzMGNiYjlhNzM3NmFjZWUzMjIwYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT/9yxp9mOHcYdSRETt7l0tFVNNG
ZzEfVpO8aswkVJw3S4vLBJRVp+nDZlO7zC87MRwF+CIRXQkKBNFGn6v8jggb5bw9
QjIqMRYPLJxgNytIdvmoCDdhvbKcx345LfyT+QguT3iF7G65jkD8XxD/JLN1zyN7
5a737WmN0loqBl052i9hFC4fDJ365ojXv/Snu/qe0zVLYIWkop5EvJyiQq3Q5JHG
BB9AdTTgzPqYuzwE9h9ha03ZjutWew+/5u5W4Jq8eQEGnmMlOsvHhSdRXkSL53gp
OGTxG5/HmGdFYISRWJAFdMEM6oiV9Qq5hJfilK/rJRSDi2FU6uQ75GDTPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNRneT+dMQer/DDLuac3as7jIgrWMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMUdkNVA1MHhCNnY4TU11NXB6ZHF6dU1pQ3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURaHAwQA
WbkWAwQAbUh9MA0GCSqGSIb3DQEBCwUAA4IBAQANlWrATgRFRcrBxHzuH5BHSxcI
qyWEZHoKIlWuZaksM40P5s/l6wpXtgY2T6JBWig7nqKfOhgLtbSp8mktkpoPWVku
wH7mr33Mx8nwbHulGqh0oBiSlSYJE/gSCXJeaY5iBtIqlVbkc2/gwPxSsiQR1fbD
IVZRcpxF2t3C5nQOAQBhifnC904z9paXOzc2zu4D9Zg4xlF/UNTmTA/pE0Bug9ME
5UhzkM60Ahm26K4JLFn/CABiyV7hlzeD0n5rTZ+aL5Db81I9s/mKudzwBHOdDY9X
2A8T/ofhamVFSiXnwL4d9UC3v9q/9x0rsExI3rAqUD8i9ajiIHZ9Mm4yoJma
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org