Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3xpFPfzTSyTeQkR0bmHb0oxnHwo.roa
File: 3xpFPfzTSyTeQkR0bmHb0oxnHwo.roa (raw, json)
Hash identifier: qzqEUxmtMJjgOSHMXGYaZ0qv/rZbSLnWiLuYJQPB34M=
Subject key identifier: DF:1A:45:3D:FC:D3:4B:24:DE:42:44:74:6E:61:DB:D2:8C:67:1F:0A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01914ADCA40A28ED2A8655B8F362EAE71A6E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3xpFPfzTSyTeQkR0bmHb0oxnHwo.roa
Signing time: Tue 13 Aug 2024 08:30:59 +0000
ROA not before: Tue 13 Aug 2024 08:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
81.22.141.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 22:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:dc:a4:0a:28:ed:2a:86:55:b8:f3:62:ea:e7:1a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 13 08:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df1a453dfcd34b24de4244746e61dbd28c671f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8f:d8:2f:ec:29:cb:23:7a:78:62:da:e9:a3:
3b:e5:f1:53:99:ad:ae:57:1c:18:01:30:56:07:7c:
45:81:22:e3:aa:1a:20:5a:30:41:04:05:52:d2:cc:
9d:f1:82:dd:57:e2:28:4f:b1:ba:06:26:73:5b:c3:
bf:7a:ee:d2:b9:69:e7:d0:17:b2:4b:7b:bf:e6:62:
d9:51:e4:5f:67:a1:e6:80:5f:ac:a2:6d:9c:ea:a1:
b5:64:d0:b1:43:9d:ca:91:b4:0b:b7:d5:d1:0c:9e:
bb:63:88:f2:a1:bb:36:5c:30:04:82:33:f5:12:4e:
78:04:1b:db:81:e4:69:c5:43:98:45:1e:bc:f4:7d:
81:40:01:8c:48:d3:c1:32:dd:d1:44:1f:15:56:ef:
c9:96:e6:b7:54:e8:5e:c3:63:75:f1:87:58:ee:e4:
06:13:a8:cb:f3:4c:24:e0:36:33:5c:05:81:7c:d2:
8c:58:c3:ce:d1:d7:fd:74:e6:e5:c9:f2:f2:60:3c:
ec:c7:4c:f2:af:56:5b:84:59:b6:7f:fa:ad:d7:7c:
49:5b:b6:8e:4a:bb:cf:2a:42:86:ae:c5:4d:6e:32:
9d:af:47:b8:35:00:f1:a9:8a:a8:b3:27:0b:7e:5b:
22:e2:ce:0d:9f:32:d3:89:87:71:a8:e4:f2:23:62:
d1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:1A:45:3D:FC:D3:4B:24:DE:42:44:74:6E:61:DB:D2:8C:67:1F:0A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3xpFPfzTSyTeQkR0bmHb0oxnHwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
24:8e:62:57:a9:f3:c1:d7:e2:ab:a7:3b:69:94:1b:08:6b:51:
48:01:45:fb:2f:39:25:a3:c7:9d:7c:9e:a8:3d:7a:a0:52:c7:
ad:95:45:b9:72:95:56:d9:44:5e:0d:2a:97:57:fe:4f:93:59:
95:f0:f6:b9:ee:c7:8c:18:07:10:10:b4:08:26:da:3b:04:30:
89:20:af:a7:78:c0:3a:3a:5f:01:e6:bd:f3:0f:50:78:31:8c:
b7:b5:f8:49:6d:75:4e:85:22:d9:cb:8d:b0:19:65:cc:79:42:
bd:8f:54:24:bd:d7:20:89:c6:f1:6d:90:06:27:49:71:67:c6:
1b:32:99:1d:20:d3:b8:79:a3:67:b5:4b:0a:57:a1:a1:d9:f3:
4e:5d:6f:7a:08:2c:95:39:15:ec:4f:6d:ba:e8:d9:7c:ba:8f:
51:fa:15:14:05:19:ad:44:80:bb:90:6a:e2:f4:76:30:21:02:
b6:5b:84:71:2d:91:2f:8d:f8:36:60:8e:a7:29:a3:39:0a:8d:
dc:9f:08:b9:1f:35:c1:f2:ee:09:b8:23:6f:39:8a:86:25:41:
bd:ca:5c:0d:1f:5c:76:ba:28:a5:92:04:bf:42:c9:45:c9:02:
6e:c6:18:de:93:69:22:4b:35:20:13:e9:78:cd:08:a7:3a:41:
77:a6:9a:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFK3KQKKO0qhlW482Lq5xpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwODEzMDgzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjFhNDUzZGZjZDM0YjI0ZGU0MjQ0NzQ2ZTYxZGJkMjhjNjcxZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY/YL+wpyyN6eGLa6aM75fFTma2u
VxwYATBWB3xFgSLjqhogWjBBBAVS0syd8YLdV+IoT7G6BiZzW8O/eu7SuWnn0Bey
S3u/5mLZUeRfZ6HmgF+som2c6qG1ZNCxQ53KkbQLt9XRDJ67Y4jyobs2XDAEgjP1
Ek54BBvbgeRpxUOYRR689H2BQAGMSNPBMt3RRB8VVu/Jlua3VOhew2N18YdY7uQG
E6jL80wk4DYzXAWBfNKMWMPO0df9dOblyfLyYDzsx0zyr1ZbhFm2f/qt13xJW7aO
SrvPKkKGrsVNbjKdr0e4NQDxqYqosycLflsi4s4NnzLTiYdxqOTyI2LRtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8aRT3800sk3kJEdG5h29KMZx8KMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvM3hwRlBmelRTeVRlUWtSMGJtSGIwb3huSHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAkjmJXqfPB1+KrpztplBsIa1FI
AUX7Lzklo8edfJ6oPXqgUsetlUW5cpVW2UReDSqXV/5Pk1mV8Pa57seMGAcQELQI
Jto7BDCJIK+neMA6Ol8B5r3zD1B4MYy3tfhJbXVOhSLZy42wGWXMeUK9j1Qkvdcg
icbxbZAGJ0lxZ8YbMpkdINO4eaNntUsKV6Gh2fNOXW96CCyVORXsT2266Nl8uo9R
+hUUBRmtRIC7kGri9HYwIQK2W4RxLZEvjfg2YI6nKaM5Co3cnwi5HzXB8u4JuCNv
OYqGJUG9ylwNH1x2uiilkgS/QslFyQJuxhjek2kiSzUgE+l4zQinOkF3ppq4
-----END CERTIFICATE-----
Generated at Tue Aug 13 23:45:41 2024 by rpki-client on console-fra.rpki-client.org