Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/2N7rck1M5wVDUVy341Q3dl1Zjrg.roa
File: 2N7rck1M5wVDUVy341Q3dl1Zjrg.roa (raw, json)
Hash identifier: /Kzt2ADye3AkcLxcrcd0iLDKaJULy0rxUKDeoH5CjPQ=
Subject key identifier: D8:DE:EB:72:4D:4C:E7:05:43:51:5C:B7:E3:54:37:76:5D:59:8E:B8
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01928529F36625FE5E80D37C50178C4BD7FE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/2N7rck1M5wVDUVy341Q3dl1Zjrg.roa
Signing time: Sun 13 Oct 2024 09:16:11 +0000
ROA not before: Sun 13 Oct 2024 09:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 18:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:85:29:f3:66:25:fe:5e:80:d3:7c:50:17:8c:4b:d7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 13 09:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8deeb724d4ce70543515cb7e35437765d598eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7e:ba:81:4c:5f:2c:ed:a8:78:7c:bd:a4:10:
47:d8:00:9f:84:3d:d6:d3:57:32:17:a5:9b:37:1b:
f2:b1:21:9f:d6:d7:c7:d8:a0:55:33:8d:16:d3:17:
ee:8c:cc:fb:eb:1b:77:9e:e8:c0:2c:ee:46:41:96:
50:6d:3f:e2:de:54:b0:b3:a2:5e:14:cd:25:ec:c8:
32:79:6e:3f:47:8d:27:e4:1b:bd:0c:b5:7d:6b:70:
d8:93:33:1a:65:ce:b8:72:5a:05:6f:84:39:3f:72:
0c:ae:b4:97:6d:20:58:8d:ff:49:a3:04:23:d1:c9:
56:a0:40:3e:51:8f:d9:f5:ec:ff:d8:89:2f:4a:e7:
66:ec:45:cb:af:34:be:d8:96:55:63:62:f0:d0:48:
7b:28:e2:1d:74:14:48:0f:9f:09:ca:85:79:b2:ed:
18:81:04:ae:1f:72:33:da:cd:b0:73:32:6f:1f:98:
6d:32:b2:ea:09:82:c0:8c:7b:b8:93:80:85:45:fc:
cd:46:d2:fd:29:9b:ea:90:c2:af:89:6e:7d:b3:09:
dd:91:76:10:35:38:77:b1:7a:dd:e6:3c:98:63:49:
0c:07:66:96:b7:3a:72:ff:75:72:a2:73:c6:b0:a0:
9e:ee:bb:44:c0:aa:42:b0:be:e5:b2:e0:fc:9d:3e:
0b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DE:EB:72:4D:4C:E7:05:43:51:5C:B7:E3:54:37:76:5D:59:8E:B8
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/2N7rck1M5wVDUVy341Q3dl1Zjrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:35:2c:e3:d1:58:31:23:b9:c5:d7:61:a8:83:c1:70:2b:c3:
98:a4:98:77:29:1d:89:98:a7:2b:e7:04:ac:1b:36:75:1a:82:
4d:a7:c8:d0:38:8f:8d:d9:2a:5e:95:ad:e6:dc:33:a4:0b:83:
58:e7:55:02:61:14:ce:47:cc:31:ba:db:d6:5f:ee:6d:70:0a:
d4:01:00:32:2c:a6:f6:b6:33:d3:a5:60:38:2d:7c:02:31:7a:
09:74:d1:8e:9d:76:a0:bc:1a:14:8a:a4:d7:0a:c0:14:86:44:
35:ae:0e:61:8c:41:23:1e:f8:c3:f9:64:01:d9:f0:02:60:93:
3f:d1:d5:cd:9a:45:2b:17:cf:16:20:36:61:cb:56:55:5f:08:
af:96:4c:7d:4a:78:6d:cd:1c:28:29:3a:75:84:f6:e5:75:e7:
79:52:e9:c0:c4:27:94:10:04:03:7d:24:43:80:c0:06:3a:f3:
3f:50:9a:39:6c:d9:88:18:54:27:61:9b:26:8f:5e:5a:40:a5:
68:03:d5:43:4e:a2:31:6a:3e:f0:44:0e:2a:85:e9:2b:0b:bd:
eb:bf:51:89:73:99:a7:8d:4b:52:5e:25:a3:a7:35:3d:9e:04:
76:72:1a:57:6d:73:95:d5:60:d5:ba:3f:52:74:98:b4:28:5f:
25:20:1c:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKFKfNmJf5egNN8UBeMS9f+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMDEzMDkxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRlZWI3MjRkNGNlNzA1NDM1MTVjYjdlMzU0Mzc3NjVkNTk4ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH66gUxfLO2oeHy9pBBH2ACfhD3W
01cyF6WbNxvysSGf1tfH2KBVM40W0xfujMz76xt3nujALO5GQZZQbT/i3lSws6Je
FM0l7MgyeW4/R40n5Bu9DLV9a3DYkzMaZc64cloFb4Q5P3IMrrSXbSBYjf9JowQj
0clWoEA+UY/Z9ez/2IkvSudm7EXLrzS+2JZVY2Lw0Eh7KOIddBRID58JyoV5su0Y
gQSuH3Iz2s2wczJvH5htMrLqCYLAjHu4k4CFRfzNRtL9KZvqkMKviW59swndkXYQ
NTh3sXrd5jyYY0kMB2aWtzpy/3VyonPGsKCe7rtEwKpCsL7lsuD8nT4LjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNje63JNTOcFQ1Fct+NUN3ZdWY64MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMk43cmNrMU01d1ZEVVZ5MzQxUTNkbDFaanJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBuNSzj0VgxI7nF12Gog8FwK8OY
pJh3KR2JmKcr5wSsGzZ1GoJNp8jQOI+N2Spela3m3DOkC4NY51UCYRTOR8wxutvW
X+5tcArUAQAyLKb2tjPTpWA4LXwCMXoJdNGOnXagvBoUiqTXCsAUhkQ1rg5hjEEj
HvjD+WQB2fACYJM/0dXNmkUrF88WIDZhy1ZVXwivlkx9SnhtzRwoKTp1hPblded5
UunAxCeUEAQDfSRDgMAGOvM/UJo5bNmIGFQnYZsmj15aQKVoA9VDTqIxaj7wRA4q
hekrC73rv1GJc5mnjUtSXiWjpzU9ngR2chpXbXOV1WDVuj9SdJi0KF8lIBwA
-----END CERTIFICATE-----
Generated at Tue Oct 15 20:37:18 2024 by rpki-client on console-fra.rpki-client.org