Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GMduOdlpXtZWanDEfX_6siQ4e0s.roa
File: GMduOdlpXtZWanDEfX_6siQ4e0s.roa (raw, json)
Hash identifier: RmHCaHLvU8n94kYiRdSr+Rpsp+7H3aEXu/yUW3EYnt0=
Subject key identifier: 18:C7:6E:39:D9:69:5E:D6:56:6A:70:C4:7D:7F:FA:B2:24:38:7B:4B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649C5A3CA2A660979AA12D0A651DD4A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GMduOdlpXtZWanDEfX_6siQ4e0s.roa
Signing time: Mon 01 Jan 2024 18:29:32 +0000
ROA not before: Mon 01 Jan 2024 18:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 07 Jan 2024 17:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c5:a3:ca:2a:66:09:79:aa:12:d0:a6:51:dd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18c76e39d9695ed6566a70c47d7ffab224387b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4b:6a:6a:ea:4e:e6:bb:f3:39:b1:46:45:0e:
97:86:d1:94:4c:d0:7b:7b:4b:6d:4d:91:9f:e4:3f:
ea:89:39:74:a6:27:0a:af:35:8e:75:41:80:9d:8f:
23:ec:fa:97:e6:03:b1:04:af:e4:c8:8c:e7:35:b6:
56:e6:09:42:35:ff:f6:65:7b:03:4c:3c:a3:23:1e:
bf:50:a9:25:07:e5:f5:bc:cc:ef:b7:8e:68:b1:8e:
86:5e:4b:3a:29:04:65:6e:ff:1f:a8:7a:ff:cd:13:
c4:4e:ea:5e:dd:77:7c:ab:be:dc:87:ea:b4:b2:fc:
08:3c:c6:a0:e4:ad:e4:ac:8f:22:af:07:eb:ca:ee:
23:21:ba:f0:cd:4a:59:25:f9:5d:3d:3b:b6:f7:70:
c0:b3:ca:03:30:c2:fd:40:79:40:b9:fc:29:8b:a1:
3a:c6:4c:67:61:bb:b7:2e:0e:08:5e:be:82:93:26:
c7:8a:98:aa:55:e2:55:c5:14:4b:e3:13:50:fe:a5:
49:6f:5b:b6:05:ae:36:ec:76:46:55:93:7f:ad:c8:
3c:56:aa:ad:8a:73:dd:2b:c8:98:4d:2f:68:ed:f9:
1c:c5:8c:8c:53:6e:97:fe:53:38:a1:13:8e:a3:0e:
7e:b4:69:84:a2:02:4d:65:95:ca:45:36:a5:ae:84:
25:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C7:6E:39:D9:69:5E:D6:56:6A:70:C4:7D:7F:FA:B2:24:38:7B:4B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GMduOdlpXtZWanDEfX_6siQ4e0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:b1:98:ed:1f:80:79:5e:5d:bc:b6:56:b1:2e:d1:f2:55:4e:
48:66:c1:b1:d9:45:1e:f5:46:8d:ef:37:74:74:a7:c9:95:ff:
2a:88:42:cd:60:5d:93:13:f9:eb:dd:d0:4c:d4:32:6c:ea:82:
4d:23:91:c9:33:ff:79:cd:a1:77:b8:92:06:9b:da:26:52:04:
20:3f:ba:c4:13:2e:02:1a:fe:5c:a8:cb:9d:33:66:44:52:d4:
6d:af:ed:43:66:e5:f6:84:3f:d6:ce:bc:d4:42:48:c0:ff:cc:
06:df:e6:72:7b:66:7d:1c:9e:bc:61:e6:8e:e5:ff:15:04:41:
aa:fd:ef:1d:9b:1b:f8:ab:4e:a4:2d:c0:73:d7:ef:69:e6:12:
b3:28:14:33:c0:22:f3:b9:50:d0:c7:99:ce:1f:ab:96:89:99:
aa:99:59:6d:42:41:cc:8b:6c:66:88:12:3a:bf:5e:27:dd:91:
6a:f1:6d:6f:e9:7b:42:62:80:13:bd:52:5d:af:17:b2:59:ae:
f5:9d:c9:c0:1a:2e:99:0c:36:f9:f5:82:68:99:0e:53:ff:dd:
c9:7f:00:e8:c5:eb:7d:86:09:7b:e6:48:6b:c0:7a:e2:d9:05:
e5:7f:fa:cd:a2:ac:5c:84:b6:0a:02:4e:a3:c9:0a:7c:a6:a5:
11:e4:09:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGScWjyipmCXmqEtCmUd1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGM3NmUzOWQ5Njk1ZWQ2NTY2YTcwYzQ3ZDdmZmFiMjI0Mzg3YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEtqaupO5rvzObFGRQ6XhtGUTNB7
e0ttTZGf5D/qiTl0picKrzWOdUGAnY8j7PqX5gOxBK/kyIznNbZW5glCNf/2ZXsD
TDyjIx6/UKklB+X1vMzvt45osY6GXks6KQRlbv8fqHr/zRPETupe3Xd8q77ch+q0
svwIPMag5K3krI8irwfryu4jIbrwzUpZJfldPTu293DAs8oDMML9QHlAufwpi6E6
xkxnYbu3Lg4IXr6CkybHipiqVeJVxRRL4xNQ/qVJb1u2Ba427HZGVZN/rcg8Vqqt
inPdK8iYTS9o7fkcxYyMU26X/lM4oROOow5+tGmEogJNZZXKRTalroQl3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBjHbjnZaV7WVmpwxH1/+rIkOHtLMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvR01kdU9kbHBYdFpXYW5ERWZYXzZzaVE0ZTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCjsZjtH4B5Xl28tlaxLtHyVU5I
ZsGx2UUe9UaN7zd0dKfJlf8qiELNYF2TE/nr3dBM1DJs6oJNI5HJM/95zaF3uJIG
m9omUgQgP7rEEy4CGv5cqMudM2ZEUtRtr+1DZuX2hD/WzrzUQkjA/8wG3+Zye2Z9
HJ68YeaO5f8VBEGq/e8dmxv4q06kLcBz1+9p5hKzKBQzwCLzuVDQx5nOH6uWiZmq
mVltQkHMi2xmiBI6v14n3ZFq8W1v6XtCYoATvVJdrxeyWa71ncnAGi6ZDDb59YJo
mQ5T/93JfwDoxet9hgl75khrwHri2QXlf/rNoqxchLYKAk6jyQp8pqUR5AlC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org