Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6xW8kVOhekEdpQWV8SzVjOTXyM0.roa
File: 6xW8kVOhekEdpQWV8SzVjOTXyM0.roa (raw, json)
Hash identifier: +8Lql23o1pEujdkwdmP1awFyX9RgrylUQPkgZJwPtco=
Subject key identifier: EB:15:BC:91:53:A1:7A:41:1D:A5:05:95:F1:2C:D5:8C:E4:D7:C8:CD
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C81A691DA17BA7F0D6C9385D3000CD33E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6xW8kVOhekEdpQWV8SzVjOTXyM0.roa
Signing time: Tue 19 Dec 2023 10:37:06 +0000
ROA not before: Tue 19 Dec 2023 10:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 21 Dec 2023 09:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:a6:91:da:17:ba:7f:0d:6c:93:85:d3:00:0c:d3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 19 10:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb15bc9153a17a411da50595f12cd58ce4d7c8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:91:f1:04:c3:a2:c0:be:65:05:75:1a:c9:6e:
57:1d:f9:30:0f:3a:c9:46:24:b1:01:b4:ca:03:4a:
47:29:12:9c:8d:2a:8c:bb:9c:92:be:3a:b5:72:b2:
4e:ab:42:5d:92:b7:ad:b0:c5:32:ec:c0:c5:df:3d:
8a:e1:d0:b9:f3:91:ef:c5:dd:88:82:ef:e6:b1:c8:
24:67:38:17:d3:f2:db:f1:7c:f9:83:22:e5:aa:2f:
3b:91:88:d0:ab:a2:42:60:18:4f:e2:df:d4:da:b2:
3d:87:6a:f5:71:35:d7:fa:6f:02:50:78:63:b5:eb:
59:24:11:d7:32:af:cb:ea:61:10:e5:4d:0c:1f:05:
b4:03:8c:0f:53:a9:74:5d:5f:80:06:3e:8e:95:af:
42:d7:fa:59:ce:9b:22:dd:d3:a1:53:49:00:5f:43:
b6:01:e8:da:65:1a:97:21:b9:71:88:6e:57:98:03:
21:41:71:68:37:38:c0:c7:33:ca:7f:9b:01:d8:54:
de:6d:d9:97:19:89:74:cd:6c:c1:04:ed:65:f8:3e:
91:67:b1:49:b9:5e:57:fb:ec:9e:19:c3:07:4d:37:
b5:88:30:eb:f6:19:3c:df:3e:13:f3:f3:8e:11:14:
03:c0:fa:3e:dc:0b:11:f6:51:36:73:9a:3c:20:bf:
ff:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:15:BC:91:53:A1:7A:41:1D:A5:05:95:F1:2C:D5:8C:E4:D7:C8:CD
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/6xW8kVOhekEdpQWV8SzVjOTXyM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:d0:19:1d:54:ce:5b:41:cf:c8:42:2e:dd:68:bb:af:d5:8a:
e7:bc:88:22:9d:57:06:98:18:c4:3d:51:6d:da:65:9b:48:17:
48:fd:ff:33:ca:48:ac:c0:4d:e2:62:2e:92:cf:41:9a:f1:31:
14:20:16:a6:69:c8:98:eb:85:45:4d:a2:c0:9b:f5:69:60:19:
0a:eb:c2:3e:f5:c7:49:c1:b0:e6:73:fa:4d:d3:ab:4a:9a:69:
f3:34:02:90:4c:ea:98:9f:f6:e8:91:8f:a8:15:d0:25:3c:7a:
13:fd:38:f6:4b:56:a3:46:8b:c5:12:f9:84:b3:60:9a:1e:f3:
d5:ab:a8:b0:40:45:64:04:ff:94:82:1c:f0:4c:c9:1d:fa:cd:
09:83:55:a1:c5:f0:7e:91:72:ff:67:74:ca:9d:92:36:74:fe:
06:14:6a:71:22:cc:0b:bc:80:07:26:99:01:8d:26:0c:5c:d0:
e8:59:0c:ac:31:0c:cd:7e:bf:ba:a9:7f:8e:03:41:ba:1b:fd:
fb:5c:33:77:db:6a:1d:aa:bb:d8:3c:14:11:33:8d:7c:42:ba:
ad:e1:48:60:55:fc:dd:cc:07:16:35:3f:67:e7:bc:42:72:2a:
2e:d3:ee:7e:03:d2:00:83:60:cc:49:5c:bf:1a:a9:0b:65:3a:
39:53:1a:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyBppHaF7p/DWyThdMADNM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjE5MTAzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjE1YmM5MTUzYTE3YTQxMWRhNTA1OTVmMTJjZDU4Y2U0ZDdjOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5HxBMOiwL5lBXUayW5XHfkwDzrJ
RiSxAbTKA0pHKRKcjSqMu5ySvjq1crJOq0JdkretsMUy7MDF3z2K4dC585Hvxd2I
gu/mscgkZzgX0/Lb8Xz5gyLlqi87kYjQq6JCYBhP4t/U2rI9h2r1cTXX+m8CUHhj
tetZJBHXMq/L6mEQ5U0MHwW0A4wPU6l0XV+ABj6Ola9C1/pZzpsi3dOhU0kAX0O2
AejaZRqXIblxiG5XmAMhQXFoNzjAxzPKf5sB2FTebdmXGYl0zWzBBO1l+D6RZ7FJ
uV5X++yeGcMHTTe1iDDr9hk83z4T8/OOERQDwPo+3AsR9lE2c5o8IL//TQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOsVvJFToXpBHaUFlfEs1Yzk18jNMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvNnhXOGtWT2hla0VkcFFXVjhTelZqT1RYeU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBf0BkdVM5bQc/IQi7daLuv1Yrn
vIginVcGmBjEPVFt2mWbSBdI/f8zykiswE3iYi6Sz0Ga8TEUIBamaciY64VFTaLA
m/VpYBkK68I+9cdJwbDmc/pN06tKmmnzNAKQTOqYn/bokY+oFdAlPHoT/Tj2S1aj
RovFEvmEs2CaHvPVq6iwQEVkBP+UghzwTMkd+s0Jg1WhxfB+kXL/Z3TKnZI2dP4G
FGpxIswLvIAHJpkBjSYMXNDoWQysMQzNfr+6qX+OA0G6G/37XDN322odqrvYPBQR
M418Qrqt4UhgVfzdzAcWNT9n57xCciou0+5+A9IAg2DMSVy/GqkLZTo5UxpG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org