Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9jZGmp0orGljpfVgVx963X-o-lY.roa
File: 9jZGmp0orGljpfVgVx963X-o-lY.roa (raw, json)
Hash identifier: EX2mCqpW99aQP/hyQepGYEyi0aYeNxZF+XlP6hBLj1I=
Subject key identifier: F6:36:46:9A:9D:28:AC:69:63:A5:F5:60:57:1F:7A:DD:7F:A8:FA:56
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01869A56840893D98CC16D93F5CA82C545CD
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9jZGmp0orGljpfVgVx963X-o-lY.roa
Signing time: Tue 28 Feb 2023 23:23:26 +0000
ROA not before: Tue 28 Feb 2023 23:23:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 109.72.127.0/24 maxlen: 24
89.185.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 08:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9a:56:84:08:93:d9:8c:c1:6d:93:f5:ca:82:c5:45:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 28 23:23:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f636469a9d28ac6963a5f560571f7add7fa8fa56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c3:27:8c:a1:ab:b6:cf:a1:a8:a0:ff:5c:96:
45:cb:31:70:65:97:d0:a9:bb:64:0e:d8:ed:66:34:
8b:b3:fd:ce:6f:da:4b:5b:91:19:65:e2:33:90:1e:
a8:7e:9a:19:80:a9:36:db:76:e7:6f:d3:3b:6d:76:
0d:76:d0:1e:7d:39:1e:bd:5d:45:5b:f9:1e:7d:4d:
53:dd:6b:60:88:96:e7:a0:39:97:1e:97:0d:db:9c:
a9:ee:5a:2d:f2:ec:12:37:cc:22:dc:e8:7f:1e:8c:
29:2d:8b:a4:5b:75:60:81:b1:c0:47:f1:5f:ee:18:
a5:61:70:4b:1f:d5:39:4f:f2:ca:8a:b5:48:fc:96:
5f:e6:d0:fc:5e:92:d3:35:ef:58:d4:51:47:f6:05:
54:71:7a:0a:be:d2:b4:f7:67:f2:18:2f:79:d1:b3:
1b:59:df:1e:77:46:57:0c:7f:17:64:cd:5f:9e:90:
ba:6f:1f:95:bf:c7:32:5d:a6:8a:79:93:37:ec:78:
20:bd:1c:8c:fd:e9:e0:fe:95:ef:23:6e:22:14:3c:
58:36:2e:ca:73:38:49:39:41:ba:69:c9:e9:fa:9f:
05:3f:16:ed:d5:d7:23:7a:04:4b:3c:1b:fe:20:31:
36:ea:46:3e:15:5e:ff:54:72:20:30:e4:22:d7:c7:
b7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:36:46:9A:9D:28:AC:69:63:A5:F5:60:57:1F:7A:DD:7F:A8:FA:56
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9jZGmp0orGljpfVgVx963X-o-lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:69:d5:8c:85:ff:91:f6:99:21:99:73:07:71:eb:d7:9c:20:
f0:5f:c8:88:3e:c7:4e:6e:7b:af:77:4f:35:41:0c:c8:1d:0a:
81:ae:61:f4:09:02:6f:d2:4a:30:58:45:0c:41:2c:02:96:8d:
65:a4:8d:58:3e:8e:42:bf:cf:d6:b6:e1:c4:af:3b:f0:7f:99:
d3:85:38:70:91:2d:78:d3:b0:2a:dd:3e:30:63:9a:04:b0:a5:
25:14:8d:34:ee:dd:a7:3b:29:63:2a:dc:74:7b:6c:03:93:2e:
44:61:1c:e7:14:09:d9:65:0f:fa:c6:c4:2a:30:b6:f5:eb:f9:
1d:08:bc:08:7d:c0:40:4a:54:fb:e0:02:d6:f1:7e:e9:80:3e:
66:68:a3:f3:30:4d:f7:83:02:b8:19:ac:30:6b:21:83:4f:21:
e6:00:7b:e2:62:7d:88:8b:b5:06:d0:57:46:8b:6d:6d:5e:4c:
e6:20:e7:2e:fe:56:dc:b5:31:a6:63:29:4d:43:79:1d:49:d7:
bf:66:d1:01:2a:ae:7e:68:6e:e0:84:65:67:e3:3f:e8:f8:96:
88:cf:7b:23:b0:4d:01:81:c7:8a:a3:12:29:78:56:d3:f9:2b:
75:fe:2a:61:22:52:12:33:13:14:e6:18:79:22:a1:0f:c1:0e:
2a:84:34:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaaVoQIk9mMwW2T9cqCxUXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMjI4MjMyMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM2NDY5YTlkMjhhYzY5NjNhNWY1NjA1NzFmN2FkZDdmYThmYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8MnjKGrts+hqKD/XJZFyzFwZZfQ
qbtkDtjtZjSLs/3Ob9pLW5EZZeIzkB6ofpoZgKk223bnb9M7bXYNdtAefTkevV1F
W/kefU1T3WtgiJbnoDmXHpcN25yp7lot8uwSN8wi3Oh/HowpLYukW3VggbHAR/Ff
7hilYXBLH9U5T/LKirVI/JZf5tD8XpLTNe9Y1FFH9gVUcXoKvtK092fyGC950bMb
Wd8ed0ZXDH8XZM1fnpC6bx+Vv8cyXaaKeZM37HggvRyM/eng/pXvI24iFDxYNi7K
czhJOUG6acnp+p8FPxbt1dcjegRLPBv+IDE26kY+FV7/VHIgMOQi18e3AQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPY2RpqdKKxpY6X1YFcfet1/qPpWMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvOWpaR21wMG9yR2xqcGZWZ1Z4OTYzWC1vLWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQA
bUh/MA0GCSqGSIb3DQEBCwUAA4IBAQCKadWMhf+R9pkhmXMHcevXnCDwX8iIPsdO
bnuvd081QQzIHQqBrmH0CQJv0kowWEUMQSwClo1lpI1YPo5Cv8/WtuHErzvwf5nT
hThwkS1407Aq3T4wY5oEsKUlFI007t2nOyljKtx0e2wDky5EYRznFAnZZQ/6xsQq
MLb16/kdCLwIfcBASlT74ALW8X7pgD5maKPzME33gwK4GawwayGDTyHmAHviYn2I
i7UG0FdGi21tXkzmIOcu/lbctTGmYylNQ3kdSde/ZtEBKq5+aG7ghGVn4z/o+JaI
z3sjsE0BgceKoxIpeFbT+St1/iphIlISMxMU5hh5IqEPwQ4qhDTh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org