Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/8btcrTIL7LUdguj-D_738YKpSQs.roa
File: 8btcrTIL7LUdguj-D_738YKpSQs.roa (raw, json)
Hash identifier: qdxK+ltQFbKAkURoX1pqSEaE8BwgV49qya7WaM5Se9E=
Subject key identifier: F1:BB:5C:AD:32:0B:EC:B5:1D:82:E8:FE:0F:FE:F7:F1:82:A9:49:0B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018946052DDC2CEB42B5A329AF193E009973
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/8btcrTIL7LUdguj-D_738YKpSQs.roa
Signing time: Tue 11 Jul 2023 17:34:51 +0000
ROA not before: Tue 11 Jul 2023 17:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
89.185.2.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jul 2023 20:22:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:46:05:2d:dc:2c:eb:42:b5:a3:29:af:19:3e:00:99:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 11 17:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1bb5cad320becb51d82e8fe0ffef7f182a9490b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0e:b8:7b:fb:a4:0e:8b:8b:fe:4c:3e:5c:74:
da:55:29:54:ba:78:2e:09:a7:f4:69:b9:75:7d:83:
3f:cf:82:58:fb:fb:83:e6:7c:0d:5a:86:64:e6:bc:
78:79:e1:94:42:49:6f:1d:9f:ed:79:60:30:c4:24:
68:c3:1f:ed:1d:eb:ed:78:f6:c3:02:20:f0:8d:05:
8d:b1:69:9b:21:c7:9a:43:8c:12:61:6f:e0:03:7e:
c2:63:ad:ff:18:63:ad:4f:f4:3f:1f:4d:48:42:8b:
4c:ac:c8:39:2c:35:a2:ae:ec:49:14:51:23:7b:6b:
62:4f:fe:a3:05:f2:f2:08:d2:e2:70:c9:ae:97:ab:
fb:51:99:1c:63:63:e1:94:d8:56:53:c8:5a:26:a6:
36:1f:43:7d:f5:f2:a7:9e:67:0b:42:42:18:e5:cc:
11:40:94:4d:27:0c:19:b8:96:14:2e:af:34:54:ec:
0d:5a:14:09:cc:9f:c8:2a:01:a7:2c:f4:32:57:0d:
61:eb:7e:31:1b:cf:f8:5e:71:90:44:d1:a5:23:8b:
b8:69:57:a9:f6:1f:dc:c9:98:9c:fa:98:1e:49:76:
56:67:7c:57:e7:ca:df:7f:c4:23:f2:e2:9e:b9:62:
ab:70:96:ee:9d:48:e4:0a:56:87:90:13:f9:5d:df:
81:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BB:5C:AD:32:0B:EC:B5:1D:82:E8:FE:0F:FE:F7:F1:82:A9:49:0B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/8btcrTIL7LUdguj-D_738YKpSQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
67:43:fb:f1:72:58:2c:bf:cd:7a:25:0b:4c:fd:02:58:74:d2:
a3:6b:92:6e:a5:69:ee:60:24:a0:7f:44:b4:f2:b9:0d:5b:87:
ea:f1:5b:30:20:00:11:30:c1:77:b5:c7:97:f2:2a:b5:84:ba:
30:22:48:b3:1f:12:13:02:72:93:10:44:73:1a:65:a3:e6:a2:
12:62:f5:9d:39:b1:a5:d5:5d:b0:e8:17:33:ae:34:01:8e:e6:
1e:17:c1:ee:38:ec:df:48:c8:3e:30:c6:63:df:97:61:e0:1c:
09:65:2c:16:e6:ae:a6:58:b7:7d:c0:98:80:fa:1e:69:c0:1f:
6c:4f:f7:cf:46:d3:69:9b:d2:0a:00:73:ae:08:a0:89:51:70:
bf:09:23:c7:c4:3d:9b:5b:e8:b6:aa:60:38:15:9f:12:54:51:
0e:df:60:c2:c0:a1:13:6f:9c:ff:8c:60:fe:3c:60:53:d7:a3:
e2:c6:ca:ce:fc:6f:f0:32:14:0b:7f:d9:dd:ec:b5:d0:75:c9:
c8:ec:eb:d0:45:26:4c:b2:d8:45:7d:e5:96:63:e3:be:d8:83:
d1:2c:26:51:49:3b:6b:db:83:45:6a:a3:c7:13:d9:e3:ee:bb:
62:7e:a7:5c:75:af:b4:16:b0:9c:0a:7d:cf:5f:f1:bb:9d:1c:
b3:c8:a6:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlGBS3cLOtCtaMprxk+AJlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNzExMTczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJiNWNhZDMyMGJlY2I1MWQ4MmU4ZmUwZmZlZjdmMTgyYTk0OTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg64e/ukDouL/kw+XHTaVSlUungu
Caf0abl1fYM/z4JY+/uD5nwNWoZk5rx4eeGUQklvHZ/teWAwxCRowx/tHevtePbD
AiDwjQWNsWmbIceaQ4wSYW/gA37CY63/GGOtT/Q/H01IQotMrMg5LDWiruxJFFEj
e2tiT/6jBfLyCNLicMmul6v7UZkcY2PhlNhWU8haJqY2H0N99fKnnmcLQkIY5cwR
QJRNJwwZuJYULq80VOwNWhQJzJ/IKgGnLPQyVw1h634xG8/4XnGQRNGlI4u4aVep
9h/cyZic+pgeSXZWZ3xX58rff8Qj8uKeuWKrcJbunUjkClaHkBP5Xd+BBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPG7XK0yC+y1HYLo/g/+9/GCqUkLMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvOGJ0Y3JUSUw3TFVkZ3VqLURfNzM4WUtwU1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaCAwQC
WbkAAwQCWbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBnQ/vxclgsv816JQtM
/QJYdNKja5JupWnuYCSgf0S08rkNW4fq8VswIAARMMF3tceX8iq1hLowIkizHxIT
AnKTEERzGmWj5qISYvWdObGl1V2w6BczrjQBjuYeF8HuOOzfSMg+MMZj35dh4BwJ
ZSwW5q6mWLd9wJiA+h5pwB9sT/fPRtNpm9IKAHOuCKCJUXC/CSPHxD2bW+i2qmA4
FZ8SVFEO32DCwKETb5z/jGD+PGBT16PixsrO/G/wMhQLf9nd7LXQdcnI7OvQRSZM
sthFfeWWY+O+2IPRLCZRSTtr24NFaqPHE9nj7rtifqdcda+0FrCcCn3PX/G7nRyz
yKYa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org