Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/32ROjoCrkbXS7P-H4wEzTUAodFE.roa
File: 32ROjoCrkbXS7P-H4wEzTUAodFE.roa (raw, json)
Hash identifier: /Mc7qJH/h85UzUa5pFpimvEL/tdVxpWqJTfb5tX85Jk=
Subject key identifier: DF:64:4E:8E:80:AB:91:B5:D2:EC:FF:87:E3:01:33:4D:40:28:74:51
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A1C5CAB0162E1C4F53580C5D8AA683961
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/32ROjoCrkbXS7P-H4wEzTUAodFE.roa
Signing time: Tue 22 Aug 2023 08:29:09 +0000
ROA not before: Tue 22 Aug 2023 08:29:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 25 Aug 2023 13:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:5c:ab:01:62:e1:c4:f5:35:80:c5:d8:aa:68:39:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 22 08:29:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df644e8e80ab91b5d2ecff87e301334d40287451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6a:2c:90:03:22:ae:24:e1:93:b4:4e:42:59:
14:67:a8:51:64:81:7f:87:29:57:2b:b9:74:6b:19:
b1:97:e7:8f:66:16:35:d7:3c:7d:bd:7b:b9:05:76:
98:ec:56:6e:38:b6:c8:2f:a7:58:a0:b9:23:85:bd:
22:a4:00:bc:3a:48:0c:4b:cb:d5:0e:01:8d:80:4e:
c8:57:4b:dc:d8:b9:37:5c:9b:00:f7:ba:f0:bb:c3:
3e:9e:d1:d8:ab:8f:9e:c7:a8:86:73:78:cc:72:69:
9c:b3:e8:43:13:39:cd:3e:91:30:12:9a:ef:64:ac:
88:cc:d2:60:4b:52:dd:fd:35:0c:bb:28:45:fd:a7:
b1:7c:c9:c0:1f:bf:9f:1f:cd:8a:e7:1b:16:92:7e:
a0:49:ba:9f:7a:b9:be:4f:15:6c:76:48:50:48:d6:
ed:a2:ab:4b:98:b4:7c:1d:48:14:db:f3:88:f0:00:
5e:ca:4e:40:9c:34:e4:5b:8c:aa:af:f8:84:28:60:
3f:e7:b7:3a:91:76:cd:71:1b:40:ee:86:ff:14:ff:
82:02:09:62:cc:5f:d4:d9:ad:be:87:7f:a7:fd:d3:
76:50:ad:21:a0:9d:25:25:ed:f4:f6:a7:00:45:18:
1f:e0:e5:d5:4c:f7:57:2e:02:de:4e:d0:23:16:94:
34:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:64:4E:8E:80:AB:91:B5:D2:EC:FF:87:E3:01:33:4D:40:28:74:51
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/32ROjoCrkbXS7P-H4wEzTUAodFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
05:05:53:9d:0b:8a:94:ee:6a:dc:60:c1:12:09:08:cd:3d:db:
ec:48:ab:34:05:09:c7:8a:4d:ee:17:d1:a1:0f:70:6a:44:dd:
4d:a3:f1:b3:dd:b3:f7:b7:ce:55:a6:32:f4:1d:40:70:d6:7b:
d0:90:d8:89:5f:54:29:f6:ea:ea:46:b7:0d:e0:61:1e:10:8b:
b5:43:da:e3:75:e3:dc:80:0e:bd:e2:12:67:cf:e1:87:9f:19:
19:4d:80:f7:7c:c7:5c:e6:ee:b0:6d:f0:26:ef:f9:82:82:c0:
2d:d5:3c:9d:a5:d2:54:27:f8:0a:ac:67:2d:07:45:fb:65:59:
36:f1:db:da:31:bd:a5:43:c1:84:74:68:9b:49:1d:f9:08:8f:
6c:97:5a:0b:9d:ca:03:12:66:fa:10:67:39:6f:70:51:4a:b2:
dc:8c:6b:fe:13:4b:24:eb:47:50:85:d2:92:b5:38:52:64:8e:
31:a7:5e:66:e7:ee:55:1e:44:bf:cf:d8:e8:3d:bc:80:6b:77:
d6:8f:eb:9d:ef:a7:7e:31:cf:29:8e:ff:c8:10:bf:01:ed:09:
8e:cb:7f:a3:81:97:16:cc:e3:95:9f:b9:3b:49:4c:42:a2:ec:
7a:5a:ca:bf:13:9c:07:19:18:29:3c:24:8f:01:31:c2:b7:48:
9a:ff:49:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYocXKsBYuHE9TWAxdiqaDlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODIyMDgyOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjY0NGU4ZTgwYWI5MWI1ZDJlY2ZmODdlMzAxMzM0ZDQwMjg3NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGoskAMiriThk7ROQlkUZ6hRZIF/
hylXK7l0axmxl+ePZhY11zx9vXu5BXaY7FZuOLbIL6dYoLkjhb0ipAC8OkgMS8vV
DgGNgE7IV0vc2Lk3XJsA97rwu8M+ntHYq4+ex6iGc3jMcmmcs+hDEznNPpEwEprv
ZKyIzNJgS1Ld/TUMuyhF/aexfMnAH7+fH82K5xsWkn6gSbqferm+TxVsdkhQSNbt
oqtLmLR8HUgU2/OI8ABeyk5AnDTkW4yqr/iEKGA/57c6kXbNcRtA7ob/FP+CAgli
zF/U2a2+h3+n/dN2UK0hoJ0lJe309qcARRgf4OXVTPdXLgLeTtAjFpQ0PQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN9kTo6Aq5G10uz/h+MBM01AKHRRMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMzJST2pvQ3JrYlhTN1AtSDR3RXpUVUFvZEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAFBVOdC4qU7mrcYMESCQjNPdvsSKs0BQnH
ik3uF9GhD3BqRN1No/Gz3bP3t85VpjL0HUBw1nvQkNiJX1Qp9urqRrcN4GEeEIu1
Q9rjdePcgA694hJnz+GHnxkZTYD3fMdc5u6wbfAm7/mCgsAt1TydpdJUJ/gKrGct
B0X7ZVk28dvaMb2lQ8GEdGibSR35CI9sl1oLncoDEmb6EGc5b3BRSrLcjGv+E0sk
60dQhdKStThSZI4xp15m5+5VHkS/z9joPbyAa3fWj+ud76d+Mc8pjv/IEL8B7QmO
y3+jgZcWzOOVn7k7SUxCoux6Wsq/E5wHGRgpPCSPATHCt0ia/0lu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org