Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1_Yrhjeq2JMZ0qDSFhHV1xpy2eY.roa
File: 1_Yrhjeq2JMZ0qDSFhHV1xpy2eY.roa (raw, json)
Hash identifier: fFjdWCy6atXB3uD0mzWkNQnN7RdC2iBEqlmd3lXDD/g=
Subject key identifier: D7:F6:2B:86:37:AA:D8:93:19:D2:A0:D2:16:11:D5:D7:1A:72:D9:E6
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F92AC1F972F140EB5EE14448F42D5C693
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1_Yrhjeq2JMZ0qDSFhHV1xpy2eY.roa
Signing time: Sun 19 May 2024 21:05:04 +0000
ROA not before: Sun 19 May 2024 21:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 08:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:92:ac:1f:97:2f:14:0e:b5:ee:14:44:8f:42:d5:c6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 19 21:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7f62b8637aad89319d2a0d21611d5d71a72d9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d3:6d:0d:81:5d:a7:c6:b9:50:e2:9d:8a:10:
04:7f:cd:71:19:b7:66:88:82:c0:81:41:ab:b2:54:
b4:1e:39:8b:90:ba:e9:a2:c9:a7:49:51:c0:e6:85:
83:b3:b7:d6:d2:3e:dc:d2:2d:b7:d5:b6:f0:01:56:
31:3a:54:4e:af:92:7c:d0:77:61:53:34:d7:f8:10:
6e:c0:fa:36:68:5d:23:17:f6:6e:fe:b0:ae:52:c6:
c7:af:d1:d1:43:5e:94:73:d6:32:90:02:bf:ef:1a:
cf:11:bb:d6:2c:f4:66:99:03:c0:06:b8:94:88:cf:
9c:dc:51:2e:7d:76:1f:76:02:81:e5:70:91:c2:22:
da:e3:9d:95:bb:de:33:63:e1:72:38:df:65:b5:78:
65:66:f9:b8:34:d5:9f:e0:9d:17:99:99:03:59:82:
9b:2c:82:d2:6c:1b:f4:1e:2c:08:5b:be:72:25:11:
49:63:a1:18:14:17:0f:85:24:c0:6b:9d:fd:d2:e7:
b6:e5:13:96:2d:d3:ad:7f:16:cc:1b:f9:d4:85:31:
20:52:9e:f6:f3:9d:46:63:18:09:6b:0d:20:de:33:
af:b1:fc:25:44:8a:b2:5e:f2:08:18:62:04:2e:b6:
fc:70:a9:7c:de:0d:c1:98:16:34:d3:4c:1b:21:86:
4d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F6:2B:86:37:AA:D8:93:19:D2:A0:D2:16:11:D5:D7:1A:72:D9:E6
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1_Yrhjeq2JMZ0qDSFhHV1xpy2eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
91:dd:64:30:60:c2:0d:82:f0:c2:6a:62:b1:5a:3d:0c:e6:cf:
2d:f0:e0:e9:a9:a8:bd:38:71:10:eb:39:fa:9a:59:ee:75:d9:
ac:5b:1d:8e:4a:02:83:9a:42:d5:43:81:75:6e:0e:e1:79:97:
18:01:c0:3d:bf:3b:01:9f:92:48:0b:4a:13:95:88:b0:8f:fd:
c1:e2:84:90:7a:cd:4b:d0:0f:65:f4:4a:30:d4:fd:5d:f4:d6:
33:89:9b:71:6e:03:61:3e:1d:1c:c0:04:ae:0b:34:b2:dc:e6:
5e:8c:4c:f1:e6:11:f9:a8:1f:de:e9:e3:3d:74:34:2a:a0:1a:
ec:06:8c:51:b5:59:cd:f6:f4:41:7a:f3:cc:73:a8:af:ed:c1:
12:65:e7:b3:ac:0b:af:54:6f:fd:38:ef:4f:6f:1f:f5:c5:c6:
8c:a7:47:03:6d:2e:17:de:d0:82:28:df:f3:6e:41:9f:9c:92:
14:b6:02:f7:23:26:3c:72:e3:dd:32:2a:0d:64:1f:4d:c0:48:
cf:56:5f:ae:70:f1:bf:7f:6c:33:a7:30:ad:e0:c4:ca:0d:c7:
5e:e3:1e:e0:2f:17:22:9a:7c:84:75:61:f8:53:37:bf:32:0f:
8c:08:60:d9:92:b8:7a:3d:08:34:68:08:c1:21:40:3e:6e:b9:
e1:21:d3:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+SrB+XLxQOte4URI9C1caTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNTE5MjEwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2Y2MmI4NjM3YWFkODkzMTlkMmEwZDIxNjExZDVkNzFhNzJkOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndNtDYFdp8a5UOKdihAEf81xGbdm
iILAgUGrslS0HjmLkLrposmnSVHA5oWDs7fW0j7c0i231bbwAVYxOlROr5J80Hdh
UzTX+BBuwPo2aF0jF/Zu/rCuUsbHr9HRQ16Uc9YykAK/7xrPEbvWLPRmmQPABriU
iM+c3FEufXYfdgKB5XCRwiLa452Vu94zY+FyON9ltXhlZvm4NNWf4J0XmZkDWYKb
LILSbBv0HiwIW75yJRFJY6EYFBcPhSTAa5390ue25ROWLdOtfxbMG/nUhTEgUp72
851GYxgJaw0g3jOvsfwlRIqyXvIIGGIELrb8cKl83g3BmBY000wbIYZNhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNf2K4Y3qtiTGdKg0hYR1dcactnmMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMV9ZcmhqZXEySk1aMHFEU0ZoSFYxeHB5MmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCR3WQwYMINgvDCamKxWj0M5s8t
8ODpqai9OHEQ6zn6mlnuddmsWx2OSgKDmkLVQ4F1bg7heZcYAcA9vzsBn5JIC0oT
lYiwj/3B4oSQes1L0A9l9Eow1P1d9NYziZtxbgNhPh0cwASuCzSy3OZejEzx5hH5
qB/e6eM9dDQqoBrsBoxRtVnN9vRBevPMc6iv7cESZeezrAuvVG/9OO9Pbx/1xcaM
p0cDbS4X3tCCKN/zbkGfnJIUtgL3IyY8cuPdMioNZB9NwEjPVl+ucPG/f2wzpzCt
4MTKDcde4x7gLxcimnyEdWH4Uze/Mg+MCGDZkrh6PQg0aAjBIUA+brnhIdMo
-----END CERTIFICATE-----
Generated at Tue Aug 13 11:36:48 2024 by rpki-client on console-ams.rpki-client.org