Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4sETb1H6ZObUOy1iWvAQNv3SaB0.roa
File: 4sETb1H6ZObUOy1iWvAQNv3SaB0.roa (raw, json)
Hash identifier: I2XTxWDUl0XMdU/bOQll0z3QxkXqO8cMPHgKZ7sEilc=
Subject key identifier: E2:C1:13:6F:51:FA:64:E6:D4:3B:2D:62:5A:F0:10:36:FD:D2:68:1D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CEDDEF3718D4579ABDA5CA1846DC810F4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4sETb1H6ZObUOy1iWvAQNv3SaB0.roa
Signing time: Tue 09 Jan 2024 10:57:40 +0000
ROA not before: Tue 09 Jan 2024 10:57:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.140.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 09 Jan 2024 20:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:de:f3:71:8d:45:79:ab:da:5c:a1:84:6d:c8:10:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 9 10:57:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2c1136f51fa64e6d43b2d625af01036fdd2681d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a6:23:23:4b:e7:de:4c:33:f9:45:3b:6a:74:
cd:2a:c8:60:17:09:91:29:94:07:23:75:6c:b2:2e:
18:39:e5:70:2f:bf:e2:12:ee:fa:82:9d:0f:1b:27:
2a:62:0f:19:1e:2a:5a:13:45:d2:df:f2:06:d6:f1:
02:bb:2b:96:34:ed:b5:02:1a:c4:b8:2c:d5:26:86:
90:94:d3:40:fa:fc:7b:15:c6:9c:69:09:d4:97:92:
8e:b1:85:18:36:85:04:fb:dc:63:27:43:48:5f:f9:
18:e7:e3:f5:5d:06:35:10:d2:3f:61:1c:0c:f8:1e:
4f:44:05:b7:ef:3b:1f:ab:0a:23:e5:63:36:c8:53:
01:2b:32:4d:a4:be:d6:0f:ec:61:4a:29:33:69:17:
76:ff:50:75:d6:0c:95:6c:e5:ac:17:6b:12:6a:53:
a7:79:a9:5b:17:a5:07:58:5c:dc:1b:0c:56:30:9f:
c6:e8:72:cd:3a:eb:b5:e6:13:9d:17:36:c6:84:8e:
66:8a:84:4b:6a:f4:e6:ca:42:60:60:04:81:d7:15:
62:c3:a5:35:6d:7f:1b:c8:9a:92:08:fa:85:b6:3e:
80:3b:72:69:a3:a2:e1:2c:f3:f3:4e:52:b4:8b:78:
88:65:16:ab:e1:d9:0d:30:2e:b1:cf:2d:7f:95:45:
26:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C1:13:6F:51:FA:64:E6:D4:3B:2D:62:5A:F0:10:36:FD:D2:68:1D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/4sETb1H6ZObUOy1iWvAQNv3SaB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:cf:03:1e:ff:ed:53:bf:92:d6:bc:c0:d8:2f:bd:b5:fa:78:
8b:42:3c:86:b3:67:4f:00:ae:09:97:7f:91:13:65:64:fc:c8:
1b:a8:63:33:12:69:e6:10:7d:5f:f2:4d:a1:9d:15:29:81:a0:
2b:b7:a0:07:75:d3:f6:3c:44:07:5a:34:e6:4d:c4:8b:3a:12:
cc:4d:09:91:6c:35:0f:f5:ef:13:12:f4:72:e8:d4:c9:e6:a2:
20:d7:36:51:95:6e:0e:80:eb:36:a5:43:9b:53:9b:7e:59:36:
29:61:63:f1:9e:ae:8a:22:b6:d2:97:e4:f3:cf:60:7c:b6:20:
e2:a0:ca:f5:44:09:65:1e:4a:da:a1:5c:8f:e1:8c:d2:10:90:
df:2c:e5:6c:9c:c9:fb:a8:8b:a7:f6:f5:ff:5c:b7:94:2c:ab:
03:2d:23:51:5c:f2:8a:b7:7d:04:f4:65:4f:7d:5b:c9:a3:0e:
20:5e:76:1d:c7:ea:9e:26:04:d1:c6:75:03:85:15:4f:5e:e1:
98:22:c7:8c:9b:af:8c:82:70:25:5d:0a:19:05:d5:e9:e3:fa:
b9:56:67:65:a5:76:d1:54:ff:99:49:02:a7:24:b0:fd:57:11:
c8:51:af:91:71:15:85:ea:6e:3b:9a:ca:fd:e4:a0:4d:71:ab:
0b:a5:1c:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzt3vNxjUV5q9pcoYRtyBD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTA5MTA1NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmMxMTM2ZjUxZmE2NGU2ZDQzYjJkNjI1YWYwMTAzNmZkZDI2ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KYjI0vn3kwz+UU7anTNKshgFwmR
KZQHI3Vssi4YOeVwL7/iEu76gp0PGycqYg8ZHipaE0XS3/IG1vECuyuWNO21AhrE
uCzVJoaQlNNA+vx7FcacaQnUl5KOsYUYNoUE+9xjJ0NIX/kY5+P1XQY1ENI/YRwM
+B5PRAW37zsfqwoj5WM2yFMBKzJNpL7WD+xhSikzaRd2/1B11gyVbOWsF2sSalOn
ealbF6UHWFzcGwxWMJ/G6HLNOuu15hOdFzbGhI5mioRLavTmykJgYASB1xViw6U1
bX8byJqSCPqFtj6AO3Jpo6LhLPPzTlK0i3iIZRar4dkNMC6xzy1/lUUmCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOLBE29R+mTm1DstYlrwEDb90mgdMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvNHNFVGIxSDZaT2JVT3kxaVd2QVFOdjNTYUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQB6zwMe/+1Tv5LWvMDY
L721+niLQjyGs2dPAK4Jl3+RE2Vk/MgbqGMzEmnmEH1f8k2hnRUpgaArt6AHddP2
PEQHWjTmTcSLOhLMTQmRbDUP9e8TEvRy6NTJ5qIg1zZRlW4OgOs2pUObU5t+WTYp
YWPxnq6KIrbSl+Tzz2B8tiDioMr1RAllHkraoVyP4YzSEJDfLOVsnMn7qIun9vX/
XLeULKsDLSNRXPKKt30E9GVPfVvJow4gXnYdx+qeJgTRxnUDhRVPXuGYIseMm6+M
gnAlXQoZBdXp4/q5VmdlpXbRVP+ZSQKnJLD9VxHIUa+RcRWF6m47msr95KBNcasL
pRwX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org