Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9QJO8DcsN5aLo9DmTBfr5hPi5JA.roa
File: 9QJO8DcsN5aLo9DmTBfr5hPi5JA.roa (raw, json)
Hash identifier: jVpbdbu1LKA19eYL8Jhj8XWhuOESfwe2zUhCAgWNzZI=
Subject key identifier: F5:02:4E:F0:37:2C:37:96:8B:A3:D0:E6:4C:17:EB:E6:13:E2:E4:90
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CE4FDD014E885F4CFE6D89FDC6960E882
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9QJO8DcsN5aLo9DmTBfr5hPi5JA.roa
Signing time: Sun 07 Jan 2024 17:34:48 +0000
ROA not before: Sun 07 Jan 2024 17:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.136.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 08 Jan 2024 04:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:fd:d0:14:e8:85:f4:cf:e6:d8:9f:dc:69:60:e8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 7 17:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5024ef0372c37968ba3d0e64c17ebe613e2e490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5f:3c:f4:53:67:71:7e:01:0b:5b:70:71:02:
8b:ab:e8:fb:d5:0b:30:00:11:3e:b0:c3:d5:40:bb:
ea:12:cc:a7:42:89:df:27:8d:a7:90:9c:48:fa:67:
62:8d:47:28:1b:10:a1:be:99:e7:68:d1:58:f7:78:
98:34:78:64:fb:dc:cf:15:f2:1f:ff:62:80:a1:31:
f4:b2:c9:6d:52:a4:50:31:84:39:66:e9:7e:5e:53:
0e:3a:71:2c:8b:8a:db:dd:29:8e:e7:7d:93:09:78:
2d:b9:3b:48:d5:ae:95:7c:b8:09:97:16:33:2a:02:
41:a5:c4:f5:81:8a:3c:7c:99:ca:b6:65:59:50:3a:
bc:c6:ad:06:c9:21:3c:47:48:0a:dd:e7:32:73:4b:
fd:6c:3b:5c:13:b9:3f:39:d9:56:58:21:1c:f1:8f:
f7:05:c8:c1:9e:be:a4:b7:dc:7a:12:e4:7d:84:ec:
07:bc:92:90:a5:d6:80:2c:cd:d8:4e:32:c4:a1:f9:
d6:11:b9:8a:46:10:fe:f8:03:8d:53:72:32:40:c3:
27:2d:9e:85:07:50:d4:01:8c:a7:8e:a3:03:7d:61:
a6:7d:77:13:e9:77:d5:ee:a0:8b:63:5d:63:f3:0a:
e5:7a:7a:b0:82:e9:c5:c4:43:26:9d:0f:71:d2:07:
2a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:02:4E:F0:37:2C:37:96:8B:A3:D0:E6:4C:17:EB:E6:13:E2:E4:90
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9QJO8DcsN5aLo9DmTBfr5hPi5JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
58:9f:36:1e:97:02:06:83:9a:29:0e:96:95:16:27:11:cc:94:
5c:d7:b0:98:0a:47:8e:04:3b:20:3a:17:ba:d8:b7:3f:c9:ac:
6a:45:12:e7:fe:31:80:99:18:72:c8:70:ce:4e:93:7b:5a:f3:
e0:07:ed:23:39:2e:bd:49:55:82:17:8d:3b:4e:2e:ec:16:94:
50:9b:3a:02:c3:66:8e:f0:e9:b7:89:24:a4:94:05:17:a1:74:
0d:eb:02:17:4a:c2:3d:d5:4b:54:a7:37:df:65:8f:de:5f:c4:
28:be:83:7a:39:21:4d:35:67:d9:3a:01:ad:d2:3a:4a:58:98:
ff:93:99:07:b9:31:41:94:f2:96:9e:9f:48:2e:e5:82:8a:0f:
73:8a:8f:53:06:8e:1c:a4:56:c7:45:08:4f:f3:2b:f3:b6:a4:
b2:d1:b9:39:cd:a8:00:58:b3:9d:c5:b8:e4:f9:f8:56:db:fd:
27:95:8c:21:bd:9b:b6:61:39:93:96:e4:69:dd:8d:6a:f5:e4:
d9:b8:5c:06:cc:31:18:73:0d:85:d1:40:9e:49:58:4b:26:83:
61:24:7f:75:ad:e1:fb:0b:4e:b3:09:f8:39:fa:69:a9:7b:84:
46:7d:dc:ea:b1:ce:26:7b:ff:c3:54:0b:b1:4f:92:fb:b8:05:
5b:15:c8:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzk/dAU6IX0z+bYn9xpYOiCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTA3MTczNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAyNGVmMDM3MmMzNzk2OGJhM2QwZTY0YzE3ZWJlNjEzZTJlNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl889FNncX4BC1twcQKLq+j71Qsw
ABE+sMPVQLvqEsynQonfJ42nkJxI+mdijUcoGxChvpnnaNFY93iYNHhk+9zPFfIf
/2KAoTH0ssltUqRQMYQ5Zul+XlMOOnEsi4rb3SmO532TCXgtuTtI1a6VfLgJlxYz
KgJBpcT1gYo8fJnKtmVZUDq8xq0GySE8R0gK3ecyc0v9bDtcE7k/OdlWWCEc8Y/3
BcjBnr6kt9x6EuR9hOwHvJKQpdaALM3YTjLEofnWEbmKRhD++AONU3IyQMMnLZ6F
B1DUAYynjqMDfWGmfXcT6XfV7qCLY11j8wrlenqwgunFxEMmnQ9x0gcqIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPUCTvA3LDeWi6PQ5kwX6+YT4uSQMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvOVFKTzhEY3NONWFMbzlEbVRCZnI1aFBpNUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBYnzYelwIGg5opDpaVFicRzJRc
17CYCkeOBDsgOhe62Lc/yaxqRRLn/jGAmRhyyHDOTpN7WvPgB+0jOS69SVWCF407
Ti7sFpRQmzoCw2aO8Om3iSSklAUXoXQN6wIXSsI91UtUpzffZY/eX8QovoN6OSFN
NWfZOgGt0jpKWJj/k5kHuTFBlPKWnp9ILuWCig9zio9TBo4cpFbHRQhP8yvztqSy
0bk5zagAWLOdxbjk+fhW2/0nlYwhvZu2YTmTluRp3Y1q9eTZuFwGzDEYcw2F0UCe
SVhLJoNhJH91reH7C06zCfg5+mmpe4RGfdzqsc4me//DVAuxT5L7uAVbFchV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org