Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DIlWDcy8sZVtpSRCkL4lj3ghyws.roa
File: DIlWDcy8sZVtpSRCkL4lj3ghyws.roa (raw, json)
Hash identifier: mFFQ3XA+Xv1dFrDgTYTZWwifIY0mEiccvoiaqbo9DtQ=
Subject key identifier: 0C:89:56:0D:CC:BC:B1:95:6D:A5:24:42:90:BE:25:8F:78:21:CB:0B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189B6AA8E67EAAED4A7DF209B19701373C7
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DIlWDcy8sZVtpSRCkL4lj3ghyws.roa
Signing time: Wed 02 Aug 2023 14:32:58 +0000
ROA not before: Wed 02 Aug 2023 14:32:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
89.185.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Aug 2023 17:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:aa:8e:67:ea:ae:d4:a7:df:20:9b:19:70:13:73:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 2 14:32:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c89560dccbcb1956da5244290be258f7821cb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d9:f2:4a:48:b3:50:79:92:3d:fe:1a:63:ea:
40:1c:ae:33:0c:98:3f:90:c6:fa:a7:14:43:fa:ec:
49:8b:40:fb:23:fe:97:43:71:43:f0:83:99:37:2a:
0f:72:3f:3f:c1:5b:f2:47:0b:31:0b:5e:e4:7f:de:
4b:61:2c:4c:e6:5c:98:23:e7:b7:9b:d1:8c:03:92:
9c:16:91:90:2c:b3:8a:5b:34:9f:3a:6b:6b:ee:84:
5b:32:24:c1:a4:02:08:2a:c5:d0:cd:94:9e:3f:2e:
35:50:42:32:43:bd:31:0c:b3:30:b8:6a:ae:c9:ce:
67:0a:86:85:bb:20:e7:24:0e:37:28:32:44:00:26:
7d:c9:48:17:2e:2e:08:ed:9a:02:37:a3:2c:32:49:
95:bc:3a:3c:6a:78:c8:34:d0:aa:d5:ef:8d:d6:1e:
16:61:8c:74:c3:d9:7a:e4:0a:23:db:95:e7:6d:43:
e6:f5:5a:9a:32:57:6f:65:cd:a4:fb:f5:2c:19:0a:
ba:d3:78:8d:fc:95:da:23:6d:d6:7c:30:b7:f0:ac:
19:0c:b1:cb:2c:fb:45:e3:ab:f6:db:a6:10:ea:38:
73:37:85:59:3e:d4:50:1f:1b:1e:e3:e4:6d:ee:b6:
4e:f8:9f:b2:30:f7:9a:b2:40:be:4f:0e:58:71:09:
86:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:89:56:0D:CC:BC:B1:95:6D:A5:24:42:90:BE:25:8F:78:21:CB:0B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DIlWDcy8sZVtpSRCkL4lj3ghyws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:c9:aa:0c:ad:d0:70:23:a6:38:20:1d:3d:6e:ac:14:ac:ae:
04:79:5e:16:ce:5a:6c:b9:86:2c:71:f7:70:03:68:5a:4b:a8:
fd:bd:05:88:f3:e7:14:b5:be:12:31:a9:aa:0c:5f:8b:4a:ce:
d8:82:97:5c:ff:2e:6c:a5:eb:af:37:67:cd:7c:88:98:6d:4c:
e5:b1:f2:cf:89:4b:f2:2e:6f:1f:ff:79:6d:82:16:d6:f3:1b:
08:c0:b8:ad:86:b8:72:1a:6d:45:37:d5:bd:6d:32:36:d0:f0:
d9:f8:a1:10:85:0c:3c:78:e6:c7:fd:03:b1:f1:54:4f:68:00:
82:94:82:ae:2e:0e:30:a3:1f:c9:46:92:29:ad:18:ba:d4:88:
01:68:1a:26:03:0d:e4:df:3f:72:37:aa:8f:cc:7e:d5:c9:62:
3a:29:f3:ae:1a:8e:ef:c5:46:6f:90:a4:83:84:94:8a:f7:4d:
9f:28:9d:67:71:1f:e1:f3:48:b9:6c:42:67:17:ee:6f:69:5e:
e1:61:69:07:34:15:8c:b5:3c:a0:71:e7:ce:73:7c:58:10:d0:
1e:4a:68:38:9b:bc:12:59:97:c3:e5:a3:0b:b0:c3:3c:2d:09:
8a:93:a0:a8:0a:ef:28:e9:9f:5b:5d:69:06:7d:e5:86:6b:28:
c1:6d:dc:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm2qo5n6q7Up98gmxlwE3PHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODAyMTQzMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg5NTYwZGNjYmNiMTk1NmRhNTI0NDI5MGJlMjU4Zjc4MjFjYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdnySkizUHmSPf4aY+pAHK4zDJg/
kMb6pxRD+uxJi0D7I/6XQ3FD8IOZNyoPcj8/wVvyRwsxC17kf95LYSxM5lyYI+e3
m9GMA5KcFpGQLLOKWzSfOmtr7oRbMiTBpAIIKsXQzZSePy41UEIyQ70xDLMwuGqu
yc5nCoaFuyDnJA43KDJEACZ9yUgXLi4I7ZoCN6MsMkmVvDo8anjINNCq1e+N1h4W
YYx0w9l65Aoj25XnbUPm9VqaMldvZc2k+/UsGQq603iN/JXaI23WfDC38KwZDLHL
LPtF46v226YQ6jhzN4VZPtRQHxse4+Rt7rZO+J+yMPeaskC+Tw5YcQmG/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAyJVg3MvLGVbaUkQpC+JY94IcsLMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRElsV0RjeThzWlZ0cFNSQ2tMNGxqM2doeXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCKyaoMrdBwI6Y4IB09bqwUrK4E
eV4WzlpsuYYscfdwA2haS6j9vQWI8+cUtb4SMamqDF+LSs7Ygpdc/y5speuvN2fN
fIiYbUzlsfLPiUvyLm8f/3ltghbW8xsIwLithrhyGm1FN9W9bTI20PDZ+KEQhQw8
eObH/QOx8VRPaACClIKuLg4wox/JRpIprRi61IgBaBomAw3k3z9yN6qPzH7VyWI6
KfOuGo7vxUZvkKSDhJSK902fKJ1ncR/h80i5bEJnF+5vaV7hYWkHNBWMtTygcefO
c3xYENAeSmg4m7wSWZfD5aMLsMM8LQmKk6CoCu8o6Z9bXWkGfeWGayjBbdyk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org