Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/EYeA5grbe2LUVdontPE5oPyqpFg.roa
File: EYeA5grbe2LUVdontPE5oPyqpFg.roa (raw, json)
Hash identifier: mNF7eJY32e4qcgz4B6vKQtGh+hcukwyt00bO/5PkmbE=
Subject key identifier: 11:87:80:E6:0A:DB:7B:62:D4:55:DA:27:B4:F1:39:A0:FC:AA:A4:58
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C2477D2C4797D395679311C11202552BA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/EYeA5grbe2LUVdontPE5oPyqpFg.roa
Signing time: Fri 01 Dec 2023 08:21:21 +0000
ROA not before: Fri 01 Dec 2023 08:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 02 Dec 2023 15:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:77:d2:c4:79:7d:39:56:79:31:1c:11:20:25:52:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 1 08:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=118780e60adb7b62d455da27b4f139a0fcaaa458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c6:3d:5d:80:9c:b3:da:f6:4d:ce:81:0f:f4:
da:27:20:68:a3:21:98:f6:69:25:c8:fe:d9:03:f9:
00:c5:32:d5:02:db:ec:ae:5c:53:21:b8:6d:ac:ce:
c7:73:e1:35:37:06:f6:59:13:56:31:72:0a:e6:01:
c1:50:3d:3f:04:75:fb:1e:b3:e0:78:4f:68:93:14:
17:26:44:f9:c9:76:16:05:df:1f:8a:3f:1e:65:78:
02:f9:36:f4:b3:8e:43:1c:c4:b9:9f:8b:82:69:28:
a5:f4:93:f8:d6:88:5f:c0:a3:75:e2:87:10:c3:bd:
5f:2a:37:f6:5f:20:fe:a0:88:21:b8:b3:3c:4c:fa:
ed:48:20:56:f2:92:03:38:aa:0d:7d:14:53:3c:36:
b9:55:3e:a0:71:a5:fa:a4:ea:c3:4d:30:78:45:a3:
aa:69:cc:0a:f6:30:88:a7:e4:a0:1c:ad:7f:dc:40:
b3:f6:ce:bd:27:5f:c6:1c:d3:1d:89:d0:4b:8a:f9:
23:24:16:f5:01:2b:c5:f3:3c:f2:8c:f4:ef:ba:d0:
40:89:cd:63:73:07:49:47:da:7a:cf:c1:c2:8a:fc:
8f:c0:74:70:a1:1a:4d:53:96:35:d3:76:10:8f:30:
df:a0:a3:f0:35:16:3b:cd:34:73:a2:1d:78:fd:da:
6a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:87:80:E6:0A:DB:7B:62:D4:55:DA:27:B4:F1:39:A0:FC:AA:A4:58
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/EYeA5grbe2LUVdontPE5oPyqpFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
97:6a:ee:ec:c0:60:60:95:c1:58:f6:d5:f2:7e:47:bb:e2:c8:
fb:30:9d:73:44:da:12:6f:b8:6c:0b:08:da:30:54:c8:59:6c:
ef:15:59:b7:92:d3:cd:e7:db:e3:79:60:cc:84:d4:47:da:02:
d1:86:72:89:23:35:27:7f:01:3c:30:9f:22:55:d1:d1:a9:9c:
4e:06:7a:09:36:8a:ad:6a:b8:60:f6:f1:19:28:db:82:26:be:
07:11:17:e8:2b:ad:85:8e:26:c3:4d:dd:e6:a4:7f:07:68:83:
9a:b0:9e:01:c6:ac:95:90:ce:95:21:66:4e:90:55:37:76:63:
72:95:93:14:70:d6:89:d2:5c:70:a0:e5:85:e6:91:ff:33:5d:
b6:b7:27:f6:25:1b:f3:04:cd:ee:95:5b:a0:e0:41:2b:41:66:
35:ce:d6:1e:e3:5d:02:be:e4:fc:52:86:23:b5:45:7d:66:d2:
5a:c0:fa:18:63:ef:5d:1c:c1:e5:51:65:7b:51:94:37:0c:41:
87:15:af:7c:b5:a7:b5:0f:84:af:fa:ca:5c:b6:0b:85:b4:7f:
20:6a:9f:65:df:16:70:54:69:2c:03:4b:e7:ed:c1:c1:e2:3e:
c0:29:d1:9d:7d:d3:48:ea:e4:b7:9a:4d:ff:81:79:83:9d:84:
de:87:44:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwkd9LEeX05VnkxHBEgJVK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjAxMDgyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTg3ODBlNjBhZGI3YjYyZDQ1NWRhMjdiNGYxMzlhMGZjYWFhNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcY9XYCcs9r2Tc6BD/TaJyBooyGY
9mklyP7ZA/kAxTLVAtvsrlxTIbhtrM7Hc+E1Nwb2WRNWMXIK5gHBUD0/BHX7HrPg
eE9okxQXJkT5yXYWBd8fij8eZXgC+Tb0s45DHMS5n4uCaSil9JP41ohfwKN14ocQ
w71fKjf2XyD+oIghuLM8TPrtSCBW8pIDOKoNfRRTPDa5VT6gcaX6pOrDTTB4RaOq
acwK9jCIp+SgHK1/3ECz9s69J1/GHNMdidBLivkjJBb1ASvF8zzyjPTvutBAic1j
cwdJR9p6z8HCivyPwHRwoRpNU5Y103YQjzDfoKPwNRY7zTRzoh14/dpqdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBGHgOYK23ti1FXaJ7TxOaD8qqRYMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRVllQTVncmJlMkxVVmRvbnRQRTVvUHlxcEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQCWbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCXau7swGBglcFY9tXy
fke74sj7MJ1zRNoSb7hsCwjaMFTIWWzvFVm3ktPN59vjeWDMhNRH2gLRhnKJIzUn
fwE8MJ8iVdHRqZxOBnoJNoqtarhg9vEZKNuCJr4HERfoK62FjibDTd3mpH8HaIOa
sJ4BxqyVkM6VIWZOkFU3dmNylZMUcNaJ0lxwoOWF5pH/M122tyf2JRvzBM3ulVug
4EErQWY1ztYe410CvuT8UoYjtUV9ZtJawPoYY+9dHMHlUWV7UZQ3DEGHFa98tae1
D4Sv+spctguFtH8gap9l3xZwVGksA0vn7cHB4j7AKdGdfdNI6uS3mk3/gXmDnYTe
h0Tv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org