Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DUv7U64lQMxIDeg7QCb9F5Uyq0A.roa
File: DUv7U64lQMxIDeg7QCb9F5Uyq0A.roa (raw, json)
Hash identifier: xeAVsACMkLR4AJ6169ReA4ojmGe1puWvKo+2PcGM5oY=
Subject key identifier: 0D:4B:FB:53:AE:25:40:CC:48:0D:E8:3B:40:26:FD:17:95:32:AB:40
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D0410B779E01F8A6AEF8B0041F89334AE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DUv7U64lQMxIDeg7QCb9F5Uyq0A.roa
Signing time: Sat 13 Jan 2024 18:23:40 +0000
ROA not before: Sat 13 Jan 2024 18:23:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 21 Jan 2024 10:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:04:10:b7:79:e0:1f:8a:6a:ef:8b:00:41:f8:93:34:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 13 18:23:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d4bfb53ae2540cc480de83b4026fd179532ab40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6d:9d:bd:cb:f7:a1:54:6a:6e:fb:8d:94:d9:
04:0b:97:f8:6a:cf:cc:04:17:e6:81:38:79:6f:92:
b8:98:09:de:bf:1b:fe:9d:65:92:d9:fc:16:59:77:
5f:35:47:12:98:5e:a9:d9:0f:9e:36:74:7a:08:53:
38:95:fb:a1:3c:c2:27:6b:ae:12:90:24:98:12:6d:
51:44:e8:b0:4f:02:69:c3:e7:60:db:18:ae:e9:30:
88:60:69:61:66:a3:fc:94:61:48:ad:ac:ba:d3:03:
b6:bf:00:f7:8e:8f:5c:ad:91:4a:6e:04:2a:99:05:
10:61:25:ab:42:29:df:95:8f:06:2f:12:e0:ae:74:
66:6c:7e:8d:af:dc:cd:96:2a:87:9c:c6:2f:cd:aa:
15:06:96:b0:df:df:95:2b:2f:cb:a3:9c:46:f2:29:
d1:98:c0:2c:af:b0:f6:93:a2:00:08:88:9c:e7:c7:
f7:ed:7d:3a:44:44:5c:5e:f3:47:cb:09:c0:d2:45:
dc:42:1c:37:c7:0a:a3:b7:49:d6:37:16:cd:a1:e5:
ee:95:f2:49:bc:41:ab:00:58:9a:52:30:de:f1:59:
ca:7e:0e:4b:bf:5e:52:69:da:ef:be:e2:ab:8a:7c:
b9:0d:97:5c:d3:42:c7:b8:79:19:8f:31:de:43:80:
bf:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4B:FB:53:AE:25:40:CC:48:0D:E8:3B:40:26:FD:17:95:32:AB:40
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DUv7U64lQMxIDeg7QCb9F5Uyq0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
89:cc:9d:ce:d2:fc:8a:6f:bd:43:7d:93:1d:22:43:5f:6f:27:
c9:da:12:11:b3:4e:12:bd:8a:82:5f:5f:4a:ed:5c:67:e2:fd:
b7:ac:99:ff:1a:b9:5a:3e:6b:d5:76:4e:01:df:9e:0f:4f:24:
1c:03:0e:91:0b:7f:8a:b7:0e:a7:19:e0:69:3c:94:51:33:35:
f5:85:ec:3f:19:36:4b:ba:3a:36:50:47:6b:23:88:64:58:e1:
c4:b3:88:02:58:57:fc:25:ad:36:a7:fc:17:e5:ce:be:0c:71:
0f:15:12:dc:ce:c2:2e:14:63:20:f1:81:39:71:ca:9f:d6:4b:
94:34:6f:ee:59:42:60:8a:32:89:f9:12:72:01:d7:3e:3c:2c:
c9:92:59:f4:22:02:3e:91:35:a2:3c:a1:fa:45:03:73:39:9c:
9c:2d:1e:6e:0e:01:af:74:05:98:13:0f:ff:fd:fe:bd:a1:96:
00:09:10:84:d1:aa:88:71:8b:6d:2f:dc:26:65:71:46:ff:c8:
7a:7f:13:b9:19:e7:36:65:c5:99:b5:dc:f8:92:d6:82:1e:f5:
b6:28:74:2d:84:d0:78:07:d6:e9:a3:80:ab:7b:46:d0:e2:46:
55:30:1a:64:39:33:96:7b:8d:e5:5c:55:ce:d5:0a:58:d6:40:
44:81:93:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0EELd54B+Kau+LAEH4kzSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTEzMTgyMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRiZmI1M2FlMjU0MGNjNDgwZGU4M2I0MDI2ZmQxNzk1MzJhYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG2dvcv3oVRqbvuNlNkEC5f4as/M
BBfmgTh5b5K4mAnevxv+nWWS2fwWWXdfNUcSmF6p2Q+eNnR6CFM4lfuhPMIna64S
kCSYEm1RROiwTwJpw+dg2xiu6TCIYGlhZqP8lGFIray60wO2vwD3jo9crZFKbgQq
mQUQYSWrQinflY8GLxLgrnRmbH6Nr9zNliqHnMYvzaoVBpaw39+VKy/Lo5xG8inR
mMAsr7D2k6IACIic58f37X06RERcXvNHywnA0kXcQhw3xwqjt0nWNxbNoeXulfJJ
vEGrAFiaUjDe8VnKfg5Lv15SadrvvuKriny5DZdc00LHuHkZjzHeQ4C/qQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA1L+1OuJUDMSA3oO0Am/ReVMqtAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRFV2N1U2NGxRTXhJRGVnN1FDYjlGNVV5cTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCJzJ3O0vyKb71DfZMdIkNfbyfJ
2hIRs04SvYqCX19K7Vxn4v23rJn/GrlaPmvVdk4B354PTyQcAw6RC3+Ktw6nGeBp
PJRRMzX1hew/GTZLujo2UEdrI4hkWOHEs4gCWFf8Ja02p/wX5c6+DHEPFRLczsIu
FGMg8YE5ccqf1kuUNG/uWUJgijKJ+RJyAdc+PCzJkln0IgI+kTWiPKH6RQNzOZyc
LR5uDgGvdAWYEw///f69oZYACRCE0aqIcYttL9wmZXFG/8h6fxO5Gec2ZcWZtdz4
ktaCHvW2KHQthNB4B9bpo4Cre0bQ4kZVMBpkOTOWe43lXFXO1QpY1kBEgZM3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org