Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9wlB3igVqEENjaR2GUJ1my-n50g.roa
File: 9wlB3igVqEENjaR2GUJ1my-n50g.roa (raw, json)
Hash identifier: DNR38EJlI9ndzvBiSf8oChiOwA0NinnbXP5oqLWD8a4=
Subject key identifier: F7:09:41:DE:28:15:A8:41:0D:8D:A4:76:19:42:75:9B:2F:A7:E7:48
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DC6BA48C39FF658E6F7C109B2E7E910AB
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9wlB3igVqEENjaR2GUJ1my-n50g.roa
Signing time: Tue 20 Feb 2024 13:35:13 +0000
ROA not before: Tue 20 Feb 2024 13:35:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.135.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 15:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:ba:48:c3:9f:f6:58:e6:f7:c1:09:b2:e7:e9:10:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 20 13:35:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70941de2815a8410d8da4761942759b2fa7e748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1a:e2:2a:59:56:99:8b:c6:d5:80:7e:a3:6c:
15:46:dd:aa:18:e8:a9:ba:ae:e4:3f:f7:a1:fb:8d:
38:90:ef:7f:b9:f1:cb:90:7c:54:44:31:bc:83:39:
c2:0b:30:b6:25:a1:40:6c:38:10:77:cf:c3:6c:a0:
23:d6:2a:fd:f0:03:60:c1:f5:53:1f:90:6f:dc:5b:
ea:0a:0d:ac:88:ca:1a:4c:e8:41:fe:d5:a6:a6:77:
d1:6c:10:16:17:c9:22:79:44:f0:c6:21:58:7d:ea:
fa:83:bd:0a:0f:e8:29:e8:ae:42:c3:6e:a0:7e:44:
3d:48:75:45:c6:67:85:2d:1f:8f:e1:f7:57:b3:fa:
98:77:58:83:81:21:bd:e1:05:d4:1e:78:78:af:ed:
60:43:45:84:4b:c0:39:43:68:61:cb:da:04:2a:1b:
9e:65:ae:e8:94:86:32:10:00:cd:bb:14:f1:79:e5:
a4:37:e1:f3:25:30:cc:be:f6:ea:56:37:b2:f6:f2:
f4:84:42:ef:15:b1:52:40:59:d4:3e:b8:53:5d:f1:
45:63:f1:5c:eb:fc:34:f8:b7:b8:02:4e:bb:9e:0e:
e0:0e:01:81:35:7f:12:58:24:bd:10:2e:42:28:71:
58:0f:a9:b3:eb:54:c1:0a:ae:92:96:1f:ec:13:c7:
30:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:09:41:DE:28:15:A8:41:0D:8D:A4:76:19:42:75:9B:2F:A7:E7:48
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/9wlB3igVqEENjaR2GUJ1my-n50g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.135.0-81.22.143.255
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:77:3f:01:97:5c:a1:a9:a4:93:ca:ca:b3:0a:02:19:68:02:
f1:e9:77:b6:e2:6e:3d:74:5d:12:44:b4:e0:73:4b:14:83:28:
8e:e7:fc:32:ee:44:8c:6c:38:76:32:13:f3:e1:3e:2e:d0:0b:
ab:47:a3:17:53:00:55:62:fb:5e:e2:e9:2d:3c:3d:93:d4:76:
de:fa:c1:f2:5d:e9:95:84:fa:c4:c1:d1:75:4b:c0:dd:12:f2:
5e:b7:5c:ff:ae:16:e9:87:93:a6:9f:8c:7d:ac:e0:fb:f3:09:
16:54:17:11:e2:a9:68:a3:84:6f:8a:48:c9:20:28:49:a6:50:
94:50:d4:91:dc:5e:dd:95:a5:ae:e1:ad:e1:3c:26:39:92:3b:
00:60:a5:3b:4d:89:3e:f2:2d:ff:f6:72:e2:96:52:6e:e0:21:
48:10:d8:07:1f:df:cf:c9:71:44:dc:31:02:98:63:51:21:0f:
af:af:b8:62:d6:b9:7e:f3:a0:36:5e:12:5d:57:bc:ec:04:e9:
80:1d:cd:a1:2e:81:55:55:7c:56:37:c0:79:2d:ad:6b:3f:a1:
27:d2:59:9e:14:87:fb:a3:53:07:2b:76:4c:d3:75:6e:9e:06:
e1:98:ae:91:64:2c:e1:c6:25:b7:6e:fa:bb:d9:06:20:07:d8:
18:b5:8b:15
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY3GukjDn/ZY5vfBCbLn6RCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjIwMTMzNTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA5NDFkZTI4MTVhODQxMGQ4ZGE0NzYxOTQyNzU5YjJmYTdlNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhriKllWmYvG1YB+o2wVRt2qGOip
uq7kP/eh+404kO9/ufHLkHxURDG8gznCCzC2JaFAbDgQd8/DbKAj1ir98ANgwfVT
H5Bv3FvqCg2siMoaTOhB/tWmpnfRbBAWF8kieUTwxiFYfer6g70KD+gp6K5Cw26g
fkQ9SHVFxmeFLR+P4fdXs/qYd1iDgSG94QXUHnh4r+1gQ0WES8A5Q2hhy9oEKhue
Za7olIYyEADNuxTxeeWkN+HzJTDMvvbqVjey9vL0hELvFbFSQFnUPrhTXfFFY/Fc
6/w0+Le4Ak67ng7gDgGBNX8SWCS9EC5CKHFYD6mz61TBCq6Slh/sE8cwxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPcJQd4oFahBDY2kdhlCdZsvp+dIMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvOXdsQjNpZ1ZxRUVOamFSMkdVSjFteS1uNTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABRFocD
BARRFoADBAJZuQADBAJtSHQwDQYJKoZIhvcNAQELBQADggEBAKN3PwGXXKGppJPK
yrMKAhloAvHpd7bibj10XRJEtOBzSxSDKI7n/DLuRIxsOHYyE/PhPi7QC6tHoxdT
AFVi+17i6S08PZPUdt76wfJd6ZWE+sTB0XVLwN0S8l63XP+uFumHk6afjH2s4Pvz
CRZUFxHiqWijhG+KSMkgKEmmUJRQ1JHcXt2Vpa7hreE8JjmSOwBgpTtNiT7yLf/2
cuKWUm7gIUgQ2Acf38/JcUTcMQKYY1EhD6+vuGLWuX7zoDZeEl1XvOwE6YAdzaEu
gVVVfFY3wHktrWs/oSfSWZ4Uh/ujUwcrdkzTdW6eBuGYrpFkLOHGJbdu+rvZBiAH
2Bi1ixU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org