Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9MqfVsz7A_Ch0bR4-KXBCGtqVd0.roa
File: 9MqfVsz7A_Ch0bR4-KXBCGtqVd0.roa (raw, json)
Hash identifier: 52d0PqpXtrCbebgHFRzUAtpdzcxYHlnRdjJVEIIH7co=
Subject key identifier: F4:CA:9F:56:CC:FB:03:F0:A1:D1:B4:78:F8:A5:C1:08:6B:6A:55:DD
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01878E1DA9B7BE1BA3CC02FF3FA4A8D8B0AC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9MqfVsz7A_Ch0bR4-KXBCGtqVd0.roa
Signing time: Mon 17 Apr 2023 07:28:41 +0000
ROA not before: Mon 17 Apr 2023 07:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
89.185.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Apr 2023 18:33:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:1d:a9:b7:be:1b:a3:cc:02:ff:3f:a4:a8:d8:b0:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 17 07:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4ca9f56ccfb03f0a1d1b478f8a5c1086b6a55dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:95:bf:92:f6:a1:4e:9b:3e:3c:71:96:c8:
ba:2d:d8:a3:33:fd:2b:aa:c4:ba:21:cd:58:a9:7d:
11:9f:67:39:dc:30:bb:c7:b9:65:64:d7:98:4b:ea:
cd:3f:39:28:12:c3:77:eb:44:db:3d:db:eb:53:c0:
90:6e:dc:e4:4e:80:b6:db:74:84:ce:b8:54:0b:63:
54:0b:57:45:f3:4e:ed:84:e5:bd:5a:27:bd:38:ea:
8f:2d:0e:4f:76:75:5a:03:84:17:cf:54:ef:d3:f2:
1e:d5:d4:62:13:98:80:6d:80:77:fd:97:c0:26:f2:
27:a8:17:a0:41:ff:9a:1c:13:b1:69:c6:34:07:ca:
3a:f6:fa:05:58:72:3c:1c:30:88:41:1e:51:6b:83:
d9:7f:52:ce:f0:c3:56:0d:cf:2e:fb:f3:32:7b:e7:
92:63:e4:fc:53:10:57:27:da:38:6c:f5:3b:79:a5:
d8:24:d5:70:67:66:f6:95:f3:5c:7a:30:f3:1d:1d:
fe:fa:54:0b:61:4d:21:29:60:53:ef:e9:ec:2c:cb:
f0:ff:ea:96:76:60:eb:c1:8a:55:29:33:e3:22:2c:
7c:96:ad:cc:88:7e:31:54:43:e7:e3:37:c0:d0:15:
f6:8d:18:31:14:65:03:fb:57:e5:eb:74:67:1b:ce:
1c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CA:9F:56:CC:FB:03:F0:A1:D1:B4:78:F8:A5:C1:08:6B:6A:55:DD
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9MqfVsz7A_Ch0bR4-KXBCGtqVd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.135.0/24
89.185.24.0/22
Signature Algorithm: sha256WithRSAEncryption
91:f9:19:42:b2:c2:e1:6d:8b:cd:69:c2:ea:ae:45:cc:07:fb:
3d:86:f4:79:51:0e:6c:e4:d2:4c:c1:58:6f:cd:37:2e:08:e2:
16:e2:ef:b5:9b:a0:c6:45:08:52:a0:fa:0d:14:0c:9e:d7:f6:
99:f4:0b:92:80:90:08:66:91:b1:7d:ad:92:ea:11:df:82:22:
b5:8b:2a:dd:3b:d5:b5:b4:84:65:ec:b6:af:e8:e0:04:94:f7:
4f:f9:e7:05:01:f7:79:d9:f5:e7:24:47:84:1b:9e:5b:bf:80:
9e:a6:1a:65:11:4b:ca:d6:9d:ee:1b:06:f3:2b:0f:15:66:a7:
8b:7f:66:2d:c1:58:2c:e0:72:b2:0e:35:8c:be:45:3c:95:a1:
11:de:a6:2f:8e:c0:9b:ea:9a:d6:59:04:2f:59:f3:bc:3a:7f:
71:36:fb:16:61:3c:b4:8f:2c:f0:54:4f:76:2a:b9:2d:86:27:
74:ff:60:34:6e:ae:3c:01:da:28:a2:40:e4:a3:e1:d5:e1:64:
17:9d:8b:bc:50:57:c3:1f:5f:48:5b:b5:db:c6:1b:fc:37:c8:
6d:fa:cf:50:81:9a:0f:2d:34:55:38:96:a5:b0:3d:10:71:08:
f8:d7:f6:c4:41:02:4c:e2:9f:1a:9b:e7:c0:21:9d:9e:a0:7a:
ad:58:f7:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeOHam3vhujzAL/P6So2LCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNDE3MDcyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGNhOWY1NmNjZmIwM2YwYTFkMWI0NzhmOGE1YzEwODZiNmE1NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfeVv5L2oU6bPjxxlsi6LdijM/0r
qsS6Ic1YqX0Rn2c53DC7x7llZNeYS+rNPzkoEsN360TbPdvrU8CQbtzkToC223SE
zrhUC2NUC1dF807thOW9Wie9OOqPLQ5PdnVaA4QXz1Tv0/Ie1dRiE5iAbYB3/ZfA
JvInqBegQf+aHBOxacY0B8o69voFWHI8HDCIQR5Ra4PZf1LO8MNWDc8u+/Mye+eS
Y+T8UxBXJ9o4bPU7eaXYJNVwZ2b2lfNcejDzHR3++lQLYU0hKWBT7+nsLMvw/+qW
dmDrwYpVKTPjIix8lq3MiH4xVEPn4zfA0BX2jRgxFGUD+1fl63RnG84cmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPTKn1bM+wPwodG0ePilwQhralXdMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvOU1xZlZzejdBX0NoMGJSNC1LWEJDR3RxVmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaHAwQC
WbkYMA0GCSqGSIb3DQEBCwUAA4IBAQCR+RlCssLhbYvNacLqrkXMB/s9hvR5UQ5s
5NJMwVhvzTcuCOIW4u+1m6DGRQhSoPoNFAye1/aZ9AuSgJAIZpGxfa2S6hHfgiK1
iyrdO9W1tIRl7Lav6OAElPdP+ecFAfd52fXnJEeEG55bv4CephplEUvK1p3uGwbz
Kw8VZqeLf2YtwVgs4HKyDjWMvkU8laER3qYvjsCb6prWWQQvWfO8On9xNvsWYTy0
jyzwVE92Krkthid0/2A0bq48AdoookDko+HV4WQXnYu8UFfDH19IW7Xbxhv8N8ht
+s9QgZoPLTRVOJalsD0QcQj41/bEQQJM4p8am+fAIZ2eoHqtWPfw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org