Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/5T-9FddoTKLIXMFDj38LC0ortpo.roa
File: 5T-9FddoTKLIXMFDj38LC0ortpo.roa (raw, json)
Hash identifier: Il3sQrQI6vVt6Hf7d0S/6Wkf/i0HV08cOwhuaqSr3iE=
Subject key identifier: E5:3F:BD:15:D7:68:4C:A2:C8:5C:C1:43:8F:7F:0B:0B:4A:2B:B6:9A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A97A9EC4FA8FD92E3D2A2FB277FF9829E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/5T-9FddoTKLIXMFDj38LC0ortpo.roa
Signing time: Fri 15 Sep 2023 07:06:50 +0000
ROA not before: Fri 15 Sep 2023 07:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.114.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 07:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:97:a9:ec:4f:a8:fd:92:e3:d2:a2:fb:27:7f:f9:82:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 15 07:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e53fbd15d7684ca2c85cc1438f7f0b0b4a2bb69a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a6:8d:95:8c:79:f2:47:c3:4e:d6:c1:a9:c6:
57:e9:8f:35:2b:71:17:a7:8f:d9:35:4c:61:7d:af:
56:0e:1f:c4:2b:31:71:40:eb:c7:20:ae:c6:4b:7f:
33:9b:69:88:3f:96:c8:65:53:98:86:cd:a0:d7:0b:
62:47:09:36:ca:67:b9:60:68:0b:af:64:51:bf:66:
0a:69:7c:60:e0:1f:c4:79:eb:a6:16:02:aa:eb:78:
81:5a:e8:b6:96:65:04:00:97:86:d3:bd:b5:fa:51:
cb:1c:e0:c5:51:2a:11:08:ce:92:14:db:86:e4:46:
52:1c:e2:f5:0a:df:a0:37:81:b2:f6:87:fb:58:d2:
fb:bb:cd:5d:c9:6c:2e:ac:3c:fc:b7:50:fc:0c:39:
37:81:77:aa:81:f2:12:5e:6c:88:77:2f:d7:8b:8d:
24:c1:91:a4:32:67:15:45:d0:bb:29:b2:f7:bb:de:
26:d7:7e:45:83:19:ec:51:cb:2f:fb:43:63:b4:d1:
96:56:ea:0f:81:d7:f1:14:d8:db:c3:8a:b8:c0:b0:
2b:f2:74:8c:6b:3a:f4:8a:e8:4b:93:06:c8:34:ce:
2a:14:5f:04:b6:ca:8e:2f:7e:f8:91:2f:93:39:d1:
b7:48:b3:b3:92:3a:24:ff:3a:ba:5c:ba:a8:24:9c:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3F:BD:15:D7:68:4C:A2:C8:5C:C1:43:8F:7F:0B:0B:4A:2B:B6:9A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/5T-9FddoTKLIXMFDj38LC0ortpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
89.185.0.0/22
109.72.114.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
2e:91:fa:bd:be:cf:a5:94:9d:47:69:39:fe:a9:31:8e:16:50:
ff:6e:33:5b:b0:ab:ef:94:2c:ee:e9:0b:12:04:de:c0:79:cf:
8f:65:d5:bb:97:6b:5b:5a:b3:f7:50:3d:88:cc:3d:7e:6e:b2:
89:de:74:b9:b6:a3:7e:d1:41:cb:85:40:27:f9:a2:e9:f6:4c:
20:eb:d4:51:ef:39:9a:64:3e:20:5a:aa:a4:98:c8:07:8a:b2:
a0:de:41:25:ba:17:fb:ec:25:e5:ae:c7:0d:93:fc:56:75:ea:
0e:e0:93:6c:1a:0b:2f:c9:77:f9:63:41:da:8b:f8:eb:bc:ea:
b6:51:ff:c3:fb:ce:81:ed:d4:2d:74:be:56:8c:5b:c3:04:3d:
ff:1d:a0:34:1f:66:bb:49:28:c3:de:0b:4d:93:85:69:9e:55:
72:41:e7:fc:8d:d1:ce:73:17:b0:b2:4b:99:64:52:b6:27:c7:
d7:21:1b:ba:2b:73:67:96:5f:07:b7:a8:c3:e2:10:b5:74:ed:
82:4a:6c:78:cc:22:b4:93:e5:85:5b:f6:7b:bf:60:eb:86:19:
38:b6:fe:76:a5:e2:71:73:35:6a:63:22:c1:63:16:e8:d2:98:
db:8e:7f:66:ed:5e:8e:2f:5d:ce:c9:4a:fd:3e:b3:4e:bd:4b:
20:2d:4e:9c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYqXqexPqP2S49Ki+yd/+YKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTE1MDcwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTNmYmQxNWQ3Njg0Y2EyYzg1Y2MxNDM4ZjdmMGIwYjRhMmJiNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKaNlYx58kfDTtbBqcZX6Y81K3EX
p4/ZNUxhfa9WDh/EKzFxQOvHIK7GS38zm2mIP5bIZVOYhs2g1wtiRwk2yme5YGgL
r2RRv2YKaXxg4B/EeeumFgKq63iBWui2lmUEAJeG0721+lHLHODFUSoRCM6SFNuG
5EZSHOL1Ct+gN4Gy9of7WNL7u81dyWwurDz8t1D8DDk3gXeqgfISXmyIdy/Xi40k
wZGkMmcVRdC7KbL3u94m135FgxnsUcsv+0NjtNGWVuoPgdfxFNjbw4q4wLAr8nSM
azr0iuhLkwbINM4qFF8EtsqOL374kS+TOdG3SLOzkjok/zq6XLqoJJyqfwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOU/vRXXaEyiyFzBQ49/CwtKK7aaMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvNVQtOUZkZG9US0xJWE1GRGozOExDMG9ydHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAURaCAwQC
WbkAMAwDBAFtSHIDBANtSHAwDQYJKoZIhvcNAQELBQADggEBAC6R+r2+z6WUnUdp
Of6pMY4WUP9uM1uwq++ULO7pCxIE3sB5z49l1buXa1tas/dQPYjMPX5usonedLm2
o37RQcuFQCf5oun2TCDr1FHvOZpkPiBaqqSYyAeKsqDeQSW6F/vsJeWuxw2T/FZ1
6g7gk2waCy/Jd/ljQdqL+Ou86rZR/8P7zoHt1C10vlaMW8MEPf8doDQfZrtJKMPe
C02ThWmeVXJB5/yN0c5zF7CyS5lkUrYnx9chG7orc2eWXwe3qMPiELV07YJKbHjM
IrST5YVb9nu/YOuGGTi2/nal4nFzNWpjIsFjFujSmNuOf2btXo4vXc7JSv0+s069
SyAtTpw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org