Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/G0fvoKoKEtd-8qGQyzi6C-GOkdQ.roa
File: G0fvoKoKEtd-8qGQyzi6C-GOkdQ.roa (raw, json)
Hash identifier: 2poOj2ujcdsvTwXDNpNvGyn+wCI0nKXgU/kL4QpwxyY=
Subject key identifier: 1B:47:EF:A0:AA:0A:12:D7:7E:F2:A1:90:CB:38:BA:0B:E1:8E:91:D4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D027ECD1CC88F5F8F32FE43BD0D97A23D
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/G0fvoKoKEtd-8qGQyzi6C-GOkdQ.roa
Signing time: Sat 13 Jan 2024 11:04:40 +0000
ROA not before: Sat 13 Jan 2024 11:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 81.22.141.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 17:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:02:7e:cd:1c:c8:8f:5f:8f:32:fe:43:bd:0d:97:a2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 13 11:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b47efa0aa0a12d77ef2a190cb38ba0be18e91d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:52:42:3b:0d:09:d6:7c:42:9e:57:6d:e2:21:
77:87:79:18:a2:d8:2c:8b:26:74:2d:12:90:10:fe:
d2:9c:95:da:a4:90:f0:05:89:d1:3a:e6:a9:94:ce:
be:d3:fe:40:d6:97:99:d0:f8:82:79:97:5d:55:2a:
fb:e6:e1:4c:50:7c:a2:89:52:29:03:13:9d:6a:d1:
f3:b6:d1:16:70:f5:36:27:c7:e2:54:79:f0:fd:2b:
36:71:a1:e2:b3:f1:ec:7e:e9:1a:cc:21:a6:e8:fd:
c6:af:72:3f:8a:b6:96:92:66:f0:fd:65:bb:71:b6:
eb:1e:4c:ea:57:62:e0:35:3f:71:9e:4c:8b:5c:d3:
1e:d7:8c:8c:77:f8:92:64:97:53:a8:cb:e7:e3:6e:
07:fd:75:eb:b3:41:1e:08:d9:35:d3:82:03:ae:61:
bf:d7:f9:9b:34:78:f7:17:bb:df:6c:35:21:c4:12:
4d:ff:95:f7:c1:99:ec:7f:53:84:17:75:1b:0e:43:
77:00:14:1f:df:eb:22:f8:55:da:e8:56:72:bd:e8:
30:ba:6b:a0:ec:3c:02:0e:48:ee:cf:5d:33:fa:ba:
01:ca:16:87:70:8c:07:a4:67:50:4b:23:4e:ed:a1:
9e:a2:27:85:dd:9f:6b:19:77:d3:40:b7:4a:1a:52:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:47:EF:A0:AA:0A:12:D7:7E:F2:A1:90:CB:38:BA:0B:E1:8E:91:D4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/G0fvoKoKEtd-8qGQyzi6C-GOkdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.141.0/24
109.72.119.0/24
Signature Algorithm: sha256WithRSAEncryption
81:63:48:08:7d:50:e8:28:d7:a6:21:de:2b:98:3f:80:07:28:
62:48:85:72:8f:46:95:3a:ad:e7:03:60:ba:bc:ca:2f:7e:5f:
41:47:7f:54:ca:2b:0c:fa:0f:20:e9:94:85:13:16:76:2c:49:
14:0c:d0:ec:55:23:7a:c9:25:15:e3:ee:f9:16:36:bc:15:5c:
23:1a:2d:94:f8:f8:fe:bf:71:6d:3a:31:49:f7:af:d1:82:fc:
f6:3f:34:73:39:63:c0:e8:2e:4b:21:89:79:27:25:bd:ce:8c:
fd:5a:95:e5:28:52:c0:ae:d3:89:ba:89:d6:6d:e4:3c:6e:c6:
19:33:96:35:72:8f:09:38:14:f6:2f:40:b8:ac:44:02:48:7f:
b7:d2:da:27:15:b3:ca:49:5e:4b:01:ae:d9:4d:54:d7:4b:ba:
bc:35:ce:9a:b5:f6:67:a6:37:f8:cb:f0:a1:de:07:97:01:8d:
d9:4d:6d:7e:59:29:16:e0:37:0f:f7:70:db:29:80:a4:ff:8e:
5b:0c:21:fb:61:0b:08:96:60:92:b0:25:78:cc:36:28:0e:3c:
0f:4f:18:a3:bd:e1:a7:e4:26:ad:66:f4:2d:1d:2b:88:f1:2b:
78:04:25:cb:0e:81:f0:cc:67:d8:ea:95:d8:8f:0f:6c:90:45:
65:0e:f1:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0Cfs0cyI9fjzL+Q70Nl6I9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTEzMTEwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQ3ZWZhMGFhMGExMmQ3N2VmMmExOTBjYjM4YmEwYmUxOGU5MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1JCOw0J1nxCnldt4iF3h3kYotgs
iyZ0LRKQEP7SnJXapJDwBYnROuaplM6+0/5A1peZ0PiCeZddVSr75uFMUHyiiVIp
AxOdatHzttEWcPU2J8fiVHnw/Ss2caHis/HsfukazCGm6P3Gr3I/iraWkmbw/WW7
cbbrHkzqV2LgNT9xnkyLXNMe14yMd/iSZJdTqMvn424H/XXrs0EeCNk104IDrmG/
1/mbNHj3F7vfbDUhxBJN/5X3wZnsf1OEF3UbDkN3ABQf3+si+FXa6FZyvegwumug
7DwCDkjuz10z+roByhaHcIwHpGdQSyNO7aGeoieF3Z9rGXfTQLdKGlIlxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBtH76CqChLXfvKhkMs4ugvhjpHUMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRzBmdm9Lb0tFdGQtOHFHUXl6aTZDLUdPa2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaNAwQA
bUh3MA0GCSqGSIb3DQEBCwUAA4IBAQCBY0gIfVDoKNemId4rmD+AByhiSIVyj0aV
Oq3nA2C6vMovfl9BR39UyisM+g8g6ZSFExZ2LEkUDNDsVSN6ySUV4+75Fja8FVwj
Gi2U+Pj+v3FtOjFJ96/Rgvz2PzRzOWPA6C5LIYl5JyW9zoz9WpXlKFLArtOJuonW
beQ8bsYZM5Y1co8JOBT2L0C4rEQCSH+30tonFbPKSV5LAa7ZTVTXS7q8Nc6atfZn
pjf4y/Ch3geXAY3ZTW1+WSkW4DcP93DbKYCk/45bDCH7YQsIlmCSsCV4zDYoDjwP
TxijveGn5CatZvQtHSuI8St4BCXLDoHwzGfY6pXYjw9skEVlDvGm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org