Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Bx2cxq_pLqRjw2deVfUB7rJ7neM.roa
File: Bx2cxq_pLqRjw2deVfUB7rJ7neM.roa (raw, json)
Hash identifier: QZMJEpxO3WweVGesU7MRXQWX4pEMhfrb2GUHG/cHOCo=
Subject key identifier: 07:1D:9C:C6:AF:E9:2E:A4:63:C3:67:5E:55:F5:01:EE:B2:7B:9D:E3
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D5EC826FF783AEDBE71F310ABAEF378BE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Bx2cxq_pLqRjw2deVfUB7rJ7neM.roa
Signing time: Wed 31 Jan 2024 09:09:51 +0000
ROA not before: Wed 31 Jan 2024 09:09:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 18:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:c8:26:ff:78:3a:ed:be:71:f3:10:ab:ae:f3:78:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 31 09:09:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=071d9cc6afe92ea463c3675e55f501eeb27b9de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2e:92:b5:af:62:33:82:cb:e5:4a:69:5a:4d:
f2:17:12:b9:bc:94:4c:e8:4b:fa:d7:c4:78:49:19:
e4:c6:7c:2f:ff:d2:9f:b0:50:ac:a2:99:02:0e:a1:
2c:54:13:75:65:b0:98:22:09:0b:31:31:16:ef:82:
b4:37:71:f4:dd:0f:73:d2:44:34:24:b7:71:29:cc:
8c:a7:e1:11:c4:7a:5d:5b:9b:a3:a8:5d:65:72:e3:
ff:d8:4b:f0:7a:db:60:f0:79:40:60:d6:61:98:c4:
9c:b2:ce:cf:f4:e1:c8:a3:4c:cb:77:85:bd:c0:d0:
56:75:0f:bc:a1:e2:e9:04:9d:1c:32:98:43:47:08:
ad:a2:89:88:6e:b5:b3:f4:8e:fd:ac:68:00:91:25:
aa:db:28:eb:6c:4f:7d:e6:40:65:68:2a:14:bf:b3:
6b:56:90:ba:4d:7d:26:6e:81:95:4f:5a:95:6c:f6:
9c:3b:7f:68:1e:83:ec:8b:6e:f3:70:79:a6:4f:92:
ff:60:9d:4a:0a:23:0e:d4:b6:2f:9b:64:c2:19:f2:
a7:51:58:a7:10:53:a0:fe:61:0e:f8:01:f2:94:70:
1b:d4:6d:e6:d2:99:ce:21:40:30:45:b8:3e:b3:e1:
1a:dd:19:7f:b0:2a:d2:fd:da:b3:b3:5f:e5:dc:c6:
f4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1D:9C:C6:AF:E9:2E:A4:63:C3:67:5E:55:F5:01:EE:B2:7B:9D:E3
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Bx2cxq_pLqRjw2deVfUB7rJ7neM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
26:50:9c:64:00:34:30:5e:a8:da:ff:6e:d7:ed:9a:44:8f:0d:
4d:af:d3:33:56:2b:b7:93:b7:aa:0f:09:04:00:dd:79:e7:d9:
68:f7:5e:cc:65:71:96:35:ad:18:ac:71:50:34:54:f5:d2:98:
52:e3:99:48:bc:e8:f9:73:06:57:90:40:a0:7c:6e:c6:1a:22:
ef:19:c0:a8:c5:d8:34:85:09:c2:40:57:cf:2f:d6:74:a3:66:
7c:c1:1a:85:fd:ba:06:00:64:92:e0:b1:b4:45:76:9d:5a:ce:
25:27:ea:39:bf:f3:49:b9:52:ec:83:76:a1:d7:d0:f6:29:3f:
79:66:b8:22:c9:d4:a9:a2:44:b1:82:dd:6f:1b:5f:db:50:2e:
04:74:0e:58:2a:6d:66:19:12:62:d1:79:28:3a:ed:a3:e4:d1:
ea:9d:c9:40:dd:79:c7:56:65:41:7a:e8:8c:36:17:a1:31:71:
52:7b:21:3c:35:0d:a9:c0:74:d5:fd:0f:c7:95:eb:cd:6a:79:
22:70:2a:c5:8b:2d:65:30:4c:36:05:16:ca:e4:33:10:7a:87:
4c:10:20:ab:1c:74:15:6b:6f:52:7e:07:9b:6a:7b:e8:49:ea:
26:37:ee:86:36:36:ad:5d:41:f9:39:55:59:39:8f:af:cc:e1:
d4:3d:c4:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1eyCb/eDrtvnHzEKuu83i+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTMxMDkwOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzFkOWNjNmFmZTkyZWE0NjNjMzY3NWU1NWY1MDFlZWIyN2I5ZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS6Sta9iM4LL5UppWk3yFxK5vJRM
6Ev618R4SRnkxnwv/9KfsFCsopkCDqEsVBN1ZbCYIgkLMTEW74K0N3H03Q9z0kQ0
JLdxKcyMp+ERxHpdW5ujqF1lcuP/2Evwettg8HlAYNZhmMScss7P9OHIo0zLd4W9
wNBWdQ+8oeLpBJ0cMphDRwitoomIbrWz9I79rGgAkSWq2yjrbE995kBlaCoUv7Nr
VpC6TX0mboGVT1qVbPacO39oHoPsi27zcHmmT5L/YJ1KCiMO1LYvm2TCGfKnUVin
EFOg/mEO+AHylHAb1G3m0pnOIUAwRbg+s+Ea3Rl/sCrS/dqzs1/l3Mb0FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAcdnMav6S6kY8NnXlX1Ae6ye53jMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvQngyY3hxX3BMcVJqdzJkZVZmVUI3cko3bmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAmUJxkADQwXqja/27X7ZpEjw1N
r9MzViu3k7eqDwkEAN1559lo917MZXGWNa0YrHFQNFT10phS45lIvOj5cwZXkECg
fG7GGiLvGcCoxdg0hQnCQFfPL9Z0o2Z8wRqF/boGAGSS4LG0RXadWs4lJ+o5v/NJ
uVLsg3ah19D2KT95ZrgiydSpokSxgt1vG1/bUC4EdA5YKm1mGRJi0XkoOu2j5NHq
nclA3XnHVmVBeuiMNhehMXFSeyE8NQ2pwHTV/Q/HlevNankicCrFiy1lMEw2BRbK
5DMQeodMECCrHHQVa29SfgebanvoSeomN+6GNjatXUH5OVVZOY+vzOHUPcQQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org