Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6lMZBOsKRNlCY4qNMQPZtiBJVco.roa
File: 6lMZBOsKRNlCY4qNMQPZtiBJVco.roa (raw, json)
Hash identifier: aLrpxOlpHZjApijTbUecP+47n646GCj15OgsSGFTXV4=
Subject key identifier: EA:53:19:04:EB:0A:44:D9:42:63:8A:8D:31:03:D9:B6:20:49:55:CA
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B3CED9AD474DB5D15B7B1A5FB2A8645A6
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6lMZBOsKRNlCY4qNMQPZtiBJVco.roa
Signing time: Tue 17 Oct 2023 09:18:06 +0000
ROA not before: Tue 17 Oct 2023 09:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 11:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:ed:9a:d4:74:db:5d:15:b7:b1:a5:fb:2a:86:45:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 17 09:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea531904eb0a44d942638a8d3103d9b6204955ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:06:20:b9:7a:64:90:70:23:b3:0c:26:1f:f4:
7e:1c:be:d7:a8:eb:88:43:39:7d:d9:bf:8d:4f:02:
df:3e:27:fc:57:62:f6:76:1a:68:77:69:e2:1f:0e:
72:94:d8:20:6a:ee:e1:9e:56:f1:46:a5:66:0f:50:
5e:63:51:b2:1d:18:63:bb:72:4a:ef:6c:4f:9e:4c:
cf:13:42:e0:f1:59:2a:a7:47:49:15:e6:17:44:9a:
6f:01:5e:fe:5c:62:e1:4e:51:2a:c8:54:a3:69:4b:
65:2e:47:95:11:e9:c7:88:04:9e:56:42:2b:7d:db:
01:1a:97:73:c0:31:fa:0a:21:97:d5:cf:07:f6:69:
93:d1:b7:d8:4d:29:41:80:57:18:f0:9b:9b:4a:32:
dc:65:84:b2:1a:a3:fa:94:2b:56:8b:ad:b1:35:ed:
a3:a3:15:67:a4:a6:97:00:d9:3a:88:91:b2:e5:f0:
7e:34:8f:10:22:01:ba:63:06:ed:e4:8c:46:59:5d:
1a:fd:c6:9f:75:94:95:f4:f8:78:4b:af:3e:4a:73:
24:4b:f0:63:54:69:9d:2f:63:bf:34:83:cb:f5:0e:
ca:f6:f8:52:5f:e8:fe:42:a5:39:d1:8f:73:4c:20:
ab:40:92:06:d2:78:f6:52:ab:d8:0d:aa:12:cc:08:
75:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:53:19:04:EB:0A:44:D9:42:63:8A:8D:31:03:D9:B6:20:49:55:CA
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6lMZBOsKRNlCY4qNMQPZtiBJVco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0-81.22.130.255
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
34:16:c4:a9:46:91:f2:fb:af:93:90:58:67:5c:a1:b9:1c:89:
56:d7:21:01:d8:ab:72:74:e3:1d:af:c4:2a:83:e3:8a:44:24:
e9:2d:f2:86:c8:6a:7b:70:ba:19:a2:29:ce:34:7e:c4:46:26:
82:f7:dc:d4:17:19:ae:91:b4:56:2d:e0:c1:c6:50:eb:bb:f8:
d7:2d:64:fc:2d:13:9d:fe:67:80:66:47:ee:ca:5d:9e:2f:92:
2c:a6:be:2e:ca:a6:fe:a7:96:fe:58:d2:39:cf:4b:e7:33:5f:
78:4e:de:e2:11:f6:8f:8b:08:c7:e5:9c:08:86:fa:16:6d:4e:
24:54:7c:c2:d1:7a:a9:2b:56:03:4e:94:41:f0:c5:52:11:03:
77:d5:db:02:a2:0e:3c:aa:60:9e:9a:c3:13:33:76:14:ba:f6:
ab:5f:3b:9b:fb:c8:bd:b1:64:d9:e3:f8:b3:b5:18:52:b6:50:
99:6b:ab:5d:e0:0c:f1:86:a7:89:a2:49:7a:7b:46:17:29:17:
2d:aa:20:55:fa:bc:2b:26:79:33:2a:c5:58:32:e8:d4:5f:53:
37:28:70:2d:76:b8:f2:86:a7:16:9b:30:2a:ef:3a:12:c0:8e:
6a:fe:9c:ea:43:3d:a8:ed:d3:d9:18:74:0c:a2:5a:fe:08:b7:
38:ae:3d:51
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYs87ZrUdNtdFbexpfsqhkWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDE3MDkxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTUzMTkwNGViMGE0NGQ5NDI2MzhhOGQzMTAzZDliNjIwNDk1NWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgYguXpkkHAjswwmH/R+HL7XqOuI
Qzl92b+NTwLfPif8V2L2dhpod2niHw5ylNggau7hnlbxRqVmD1BeY1GyHRhju3JK
72xPnkzPE0Lg8Vkqp0dJFeYXRJpvAV7+XGLhTlEqyFSjaUtlLkeVEenHiASeVkIr
fdsBGpdzwDH6CiGX1c8H9mmT0bfYTSlBgFcY8JubSjLcZYSyGqP6lCtWi62xNe2j
oxVnpKaXANk6iJGy5fB+NI8QIgG6Ywbt5IxGWV0a/cafdZSV9Ph4S68+SnMkS/Bj
VGmdL2O/NIPL9Q7K9vhSX+j+QqU50Y9zTCCrQJIG0nj2UqvYDaoSzAh1FQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOpTGQTrCkTZQmOKjTED2bYgSVXKMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvNmxNWkJPc0tSTmxDWTRxTk1RUFp0aUJKVmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABRFoED
BABRFoIDBAJZuQADBAJZuRgDBAJtSHQwDQYJKoZIhvcNAQELBQADggEBADQWxKlG
kfL7r5OQWGdcobkciVbXIQHYq3J04x2vxCqD44pEJOkt8obIantwuhmiKc40fsRG
JoL33NQXGa6RtFYt4MHGUOu7+NctZPwtE53+Z4BmR+7KXZ4vkiymvi7Kpv6nlv5Y
0jnPS+czX3hO3uIR9o+LCMflnAiG+hZtTiRUfMLReqkrVgNOlEHwxVIRA3fV2wKi
DjyqYJ6awxMzdhS69qtfO5v7yL2xZNnj+LO1GFK2UJlrq13gDPGGp4miSXp7Rhcp
Fy2qIFX6vCsmeTMqxVgy6NRfUzcocC12uPKGpxabMCrvOhLAjmr+nOpDPajt09kY
dAyiWv4ItziuPVE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org