Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6DaLjeGyhnS4YOP1cp9gSp6N-tc.roa
File: 6DaLjeGyhnS4YOP1cp9gSp6N-tc.roa (raw, json)
Hash identifier: Ox3PPzIr3Pq+lECJ/jiSzMWT6heARIQpzrOeGDOlmno=
Subject key identifier: E8:36:8B:8D:E1:B2:86:74:B8:60:E3:F5:72:9F:60:4A:9E:8D:FA:D7
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CE7557BCF2222FEF240FD2CE90FED2E81
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6DaLjeGyhnS4YOP1cp9gSp6N-tc.roa
Signing time: Mon 08 Jan 2024 04:29:48 +0000
ROA not before: Mon 08 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/24 maxlen: 24
81.22.136.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 08 Jan 2024 10:35:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:55:7b:cf:22:22:fe:f2:40:fd:2c:e9:0f:ed:2e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 8 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8368b8de1b28674b860e3f5729f604a9e8dfad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:61:af:7e:d7:f6:b3:1d:4b:ae:a5:53:d8:f9:
b1:94:4b:39:7d:e8:28:14:cc:d6:a2:8a:53:2f:72:
73:b1:54:87:dd:95:40:84:68:6d:38:9a:da:29:e3:
4a:a2:3a:56:83:81:52:0b:15:82:bf:4b:55:39:03:
1a:35:3e:df:f8:15:91:7a:d1:44:bc:2b:5a:ac:4e:
9c:b7:6d:14:cf:e0:42:71:c5:46:62:8a:d6:de:ae:
63:5d:f5:66:2a:e7:a9:f9:a8:f0:e5:c8:05:1f:25:
da:52:86:8d:82:c0:2a:f4:3a:ef:79:6b:98:78:16:
17:ac:30:38:fa:a5:74:3e:d5:a8:ae:7e:63:dd:0a:
6a:8a:97:b1:e6:e7:c6:22:ee:3c:be:00:44:11:bf:
24:fa:dc:53:b9:c0:25:0a:22:ee:68:44:af:60:58:
3c:43:6d:d6:f8:0a:18:ad:59:f8:08:7d:e6:32:2b:
51:66:2d:f7:32:f0:c9:9a:7f:e7:6f:24:e6:e2:8e:
5e:2b:3e:4a:a4:c9:8d:fd:6a:3a:d6:82:a6:21:64:
d1:54:8c:20:1d:c7:a1:32:f6:d5:35:34:d2:3b:e1:
6b:81:6f:8e:a6:d1:2e:0e:a1:26:bf:1b:36:61:28:
c1:ba:4e:4f:b7:26:ea:4f:04:4b:d6:92:fc:25:1d:
0b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:36:8B:8D:E1:B2:86:74:B8:60:E3:F5:72:9F:60:4A:9E:8D:FA:D7
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6DaLjeGyhnS4YOP1cp9gSp6N-tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
72:30:23:ca:f6:e4:97:c7:6b:26:0f:24:95:3c:25:3b:17:e9:
12:b5:12:a3:57:40:56:1f:11:38:e7:ff:cc:a7:ce:13:82:f5:
16:78:15:25:3d:67:29:c3:ef:45:42:5c:ae:8e:8b:3a:f9:9f:
00:9d:f4:be:51:94:0b:77:03:60:29:f5:5d:87:2e:1d:3d:d7:
d2:83:55:46:c2:09:b0:03:dc:46:0a:2c:46:8d:64:4c:02:59:
72:13:1c:78:13:87:05:d1:3d:08:a2:be:b3:e0:5b:47:3f:f6:
6c:5a:dd:c1:75:eb:0c:27:f6:02:ae:9b:4e:e0:49:49:87:8a:
aa:ca:71:77:cd:ea:38:76:e1:fd:2e:9e:eb:0e:2f:fb:f9:a6:
5a:ce:7f:be:2a:82:6f:b1:0e:bc:8c:ee:4c:86:29:19:6d:d0:
59:ce:1e:da:58:11:cd:d6:da:5f:39:16:b3:fc:1e:98:ad:35:
29:1c:f9:c0:1d:cc:56:8c:a0:c4:9d:2c:61:ee:9f:2d:f3:4e:
21:b4:3c:6d:a3:b0:42:b1:73:00:bc:a2:db:45:f1:7c:08:93:
74:c1:ef:9b:52:08:4e:f7:d2:4c:27:ba:b5:3e:dc:7a:e6:22:
a7:4a:77:f0:90:7e:56:04:6f:bb:4b:e1:5a:b9:bf:1a:cc:6c:
de:b0:67:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYznVXvPIiL+8kD9LOkP7S6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTA4MDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODM2OGI4ZGUxYjI4Njc0Yjg2MGUzZjU3MjlmNjA0YTllOGRmYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmGvftf2sx1LrqVT2PmxlEs5fego
FMzWoopTL3JzsVSH3ZVAhGhtOJraKeNKojpWg4FSCxWCv0tVOQMaNT7f+BWRetFE
vCtarE6ct20Uz+BCccVGYorW3q5jXfVmKuep+ajw5cgFHyXaUoaNgsAq9DrveWuY
eBYXrDA4+qV0PtWorn5j3Qpqipex5ufGIu48vgBEEb8k+txTucAlCiLuaESvYFg8
Q23W+AoYrVn4CH3mMitRZi33MvDJmn/nbyTm4o5eKz5KpMmN/Wo61oKmIWTRVIwg
HcehMvbVNTTSO+FrgW+OptEuDqEmvxs2YSjBuk5PtybqTwRL1pL8JR0LAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOg2i43hsoZ0uGDj9XKfYEqejfrXMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvNkRhTGplR3loblM0WU9QMWNwOWdTcDZOLXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQByMCPK9uSXx2smDySV
PCU7F+kStRKjV0BWHxE45//Mp84TgvUWeBUlPWcpw+9FQlyujos6+Z8AnfS+UZQL
dwNgKfVdhy4dPdfSg1VGwgmwA9xGCixGjWRMAllyExx4E4cF0T0Ior6z4FtHP/Zs
Wt3BdesMJ/YCrptO4ElJh4qqynF3zeo4duH9Lp7rDi/7+aZazn++KoJvsQ68jO5M
hikZbdBZzh7aWBHN1tpfORaz/B6YrTUpHPnAHcxWjKDEnSxh7p8t804htDxto7BC
sXMAvKLbRfF8CJN0we+bUghO99JMJ7q1Ptx65iKnSnfwkH5WBG+7S+Faub8azGze
sGcC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org