Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Gl42z3tP_KxikJP62VG_chpADXo.roa
File: Gl42z3tP_KxikJP62VG_chpADXo.roa (raw, json)
Hash identifier: KMcEw6TQrnRGfRTAUlbJ+3iZUH3hUu6vh7Usn3xtEds=
Subject key identifier: 1A:5E:36:CF:7B:4F:FC:AC:62:90:93:FA:D9:51:BF:72:1A:40:0D:7A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B2D73F53720D7F9BAC14008AC8E47D643
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Gl42z3tP_KxikJP62VG_chpADXo.roa
Signing time: Sat 14 Oct 2023 09:10:55 +0000
ROA not before: Sat 14 Oct 2023 09:10:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 16 Oct 2023 10:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:73:f5:37:20:d7:f9:ba:c1:40:08:ac:8e:47:d6:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 14 09:10:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a5e36cf7b4ffcac629093fad951bf721a400d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:96:16:ca:70:12:71:79:ef:38:d9:97:6a:08:
e2:da:01:16:13:c7:0e:a0:52:03:69:11:13:f8:60:
8f:af:0a:03:52:1f:d9:b7:bd:c6:8b:39:97:da:34:
cc:2e:40:de:02:15:2d:d0:64:7d:30:2f:1e:24:2e:
e6:76:91:79:91:17:ed:44:f3:e4:b1:bb:7c:1c:22:
65:f5:43:30:b8:0a:36:d5:17:6a:08:e0:1b:4d:63:
cb:75:a5:74:35:64:cc:04:5c:18:72:96:4c:a1:65:
37:71:d3:d1:b9:d3:59:06:fc:8e:73:3b:54:8b:76:
0f:6e:08:fa:c6:3b:af:b8:ab:28:3f:cb:9d:c8:90:
15:05:0b:3b:cb:fe:a1:fe:6a:97:11:10:54:97:66:
fa:24:9a:f6:e6:7c:1e:10:3e:97:4a:6f:79:81:05:
14:2e:d4:84:22:e2:c4:e0:a3:a3:62:f3:a9:88:4d:
e5:77:31:83:09:77:39:4f:f3:77:41:2d:2f:a1:6c:
a6:41:26:92:bc:2e:73:d2:88:2e:8f:b1:3f:31:ac:
81:ed:4c:b6:47:86:2d:9e:00:d4:7a:a9:5f:c0:9d:
27:b6:52:e0:75:e4:6f:4f:3a:cc:63:90:d2:6f:9e:
e6:e3:1b:f3:c0:0c:1a:77:ce:a4:f6:0a:f9:fb:b3:
50:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5E:36:CF:7B:4F:FC:AC:62:90:93:FA:D9:51:BF:72:1A:40:0D:7A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Gl42z3tP_KxikJP62VG_chpADXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:32:e3:d9:85:72:a4:9d:54:28:3c:ea:3d:e0:1f:bd:21:a2:
83:2e:ed:d8:19:d2:c0:60:de:35:75:be:69:1a:85:9e:02:d3:
16:99:43:52:69:e6:da:26:d9:7a:42:d4:62:20:f2:c5:60:6f:
1d:49:f9:f6:06:33:c4:26:ae:94:1f:e7:f5:db:72:b2:75:01:
dc:5b:95:62:36:13:f7:e4:fe:c1:d8:5d:37:62:31:48:2c:44:
b1:71:b3:5c:9b:13:74:b0:4d:ed:19:af:dc:87:43:6d:02:4e:
2b:f3:1c:4b:c9:3b:a4:b2:62:8d:fd:74:b9:92:5e:70:46:bb:
9b:7c:36:fe:c5:db:57:d0:86:38:a6:37:43:43:6d:b9:24:74:
b9:56:60:d2:31:4c:f4:10:38:84:25:1b:6e:9d:16:3a:83:92:
d3:08:a9:76:c7:46:3a:98:91:c3:bb:cc:1e:69:aa:d3:fd:c2:
37:b3:05:de:f9:57:9b:2f:90:56:a2:e4:fc:42:05:a3:9a:11:
55:ff:f5:03:ec:76:ec:03:0a:04:22:23:9b:db:04:b3:33:83:
8f:41:8e:a4:3e:f7:8c:9f:99:c4:16:01:fe:24:bf:4c:61:7e:
9a:b0:b8:45:d6:04:f0:da:24:c9:36:79:75:87:bc:0a:6a:e4:
d3:ce:45:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYstc/U3INf5usFACKyOR9ZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDE0MDkxMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTVlMzZjZjdiNGZmY2FjNjI5MDkzZmFkOTUxYmY3MjFhNDAwZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJYWynAScXnvONmXagji2gEWE8cO
oFIDaRET+GCPrwoDUh/Zt73GizmX2jTMLkDeAhUt0GR9MC8eJC7mdpF5kRftRPPk
sbt8HCJl9UMwuAo21RdqCOAbTWPLdaV0NWTMBFwYcpZMoWU3cdPRudNZBvyOcztU
i3YPbgj6xjuvuKsoP8udyJAVBQs7y/6h/mqXERBUl2b6JJr25nweED6XSm95gQUU
LtSEIuLE4KOjYvOpiE3ldzGDCXc5T/N3QS0voWymQSaSvC5z0oguj7E/MayB7Uy2
R4YtngDUeqlfwJ0ntlLgdeRvTzrMY5DSb57m4xvzwAwad86k9gr5+7NQZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBpeNs97T/ysYpCT+tlRv3IaQA16MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvR2w0MnozdFBfS3hpa0pQNjJWR19jaHBBRFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBvMuPZhXKknVQoPOo94B+9IaKD
Lu3YGdLAYN41db5pGoWeAtMWmUNSaebaJtl6QtRiIPLFYG8dSfn2BjPEJq6UH+f1
23KydQHcW5ViNhP35P7B2F03YjFILESxcbNcmxN0sE3tGa/ch0NtAk4r8xxLyTuk
smKN/XS5kl5wRrubfDb+xdtX0IY4pjdDQ225JHS5VmDSMUz0EDiEJRtunRY6g5LT
CKl2x0Y6mJHDu8weaarT/cI3swXe+VebL5BWouT8QgWjmhFV//UD7HbsAwoEIiOb
2wSzM4OPQY6kPveMn5nEFgH+JL9MYX6asLhF1gTw2iTJNnl1h7wKauTTzkVd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org