Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/H2Pp5f5YoqwnvBOfsStR9cklf7A.roa
File: H2Pp5f5YoqwnvBOfsStR9cklf7A.roa (raw, json)
Hash identifier: JlElCKCCnBcGxuGlFJftDW3Nxl0IDdQfX6WCxRsblcs=
Subject key identifier: 1F:63:E9:E5:FE:58:A2:AC:27:BC:13:9F:B1:2B:51:F5:C9:25:7F:B0
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188D7EB086525429CF2FAB5A8C0A7E709CC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/H2Pp5f5YoqwnvBOfsStR9cklf7A.roa
Signing time: Tue 20 Jun 2023 08:28:04 +0000
ROA not before: Tue 20 Jun 2023 08:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 08:35:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:eb:08:65:25:42:9c:f2:fa:b5:a8:c0:a7:e7:09:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 20 08:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f63e9e5fe58a2ac27bc139fb12b51f5c9257fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:13:9e:1f:cf:92:3d:5f:30:ff:40:8e:ea:5d:
fa:a0:b3:1e:ec:59:0d:71:55:c5:c9:b5:7f:6f:a5:
9f:4b:5d:0d:11:a8:cf:5b:dd:37:f2:18:b3:44:4b:
dc:23:fa:dc:a4:49:9e:ac:9f:86:18:c9:40:c8:a9:
7f:24:57:1f:89:2a:7a:92:0c:dd:3a:16:53:c0:87:
b5:b4:3c:f2:5a:c6:51:49:1a:61:1a:e9:c9:a9:3c:
75:f1:02:8e:6f:c3:de:cc:35:3c:5f:e3:4a:fb:50:
e2:32:53:1f:76:95:e2:4a:bd:4f:9a:8d:19:dc:c0:
ed:b9:93:dd:79:d9:9f:fd:95:e5:83:b9:f1:2b:62:
b5:05:01:62:ac:8f:8e:19:22:29:f5:cb:1e:65:8c:
a2:6b:cb:c6:79:ec:2f:1b:03:e0:70:0a:52:6d:c6:
5b:23:54:6a:b9:c1:9e:9d:ca:5e:6f:77:cf:e9:a8:
2f:99:b9:83:56:1d:7f:53:57:09:00:5a:96:2f:df:
e0:6e:ef:60:ec:e7:d7:42:c9:10:70:ce:28:f9:ef:
d4:ad:9a:60:9d:f4:c4:6b:58:18:4f:fd:73:fd:46:
69:97:3b:55:0a:f0:6f:0f:d3:00:db:9f:9e:13:2d:
ef:d6:f3:ed:00:47:9b:c9:c1:9d:f4:af:a5:d4:c5:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:63:E9:E5:FE:58:A2:AC:27:BC:13:9F:B1:2B:51:F5:C9:25:7F:B0
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/H2Pp5f5YoqwnvBOfsStR9cklf7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.135.0/24
89.185.1.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:f2:b0:c0:34:a3:61:e4:f2:22:a5:b7:b1:93:cf:61:9c:fe:
fb:aa:3e:35:48:53:3e:16:ab:1c:bd:6d:e0:de:37:34:c7:52:
db:a8:2a:d2:8b:6e:11:2b:ae:f8:31:52:e2:36:f8:43:f2:97:
73:6f:f1:69:a1:42:75:3a:74:1f:6d:4a:26:7e:70:4f:84:c6:
ea:dc:8f:83:9d:c0:1c:e7:68:11:3c:67:67:6b:98:ae:e7:eb:
8b:ea:37:11:6e:4e:db:86:44:e8:c8:6e:ad:73:19:61:ed:0c:
67:7b:59:88:29:01:4d:86:d0:83:63:fd:6e:38:d0:42:2e:8f:
82:ea:a4:4a:ff:ab:41:79:60:04:f0:12:49:06:67:e5:cd:d7:
57:3c:47:27:4d:dc:c9:f1:b7:42:02:0b:75:4d:e2:5c:91:e3:
3e:b5:fc:86:9c:ab:88:9e:fb:e1:1b:ec:96:ca:d4:aa:23:56:
e1:4b:75:09:32:3d:91:01:e8:25:cf:ac:3a:c3:ac:25:a7:fa:
8d:ba:39:ca:51:8b:37:2d:4c:b1:75:5c:03:c4:92:c8:cc:43:
1f:75:5a:9d:32:fb:2a:2a:98:8e:aa:16:84:2a:f0:ad:33:5e:
fb:79:22:78:f1:61:7d:e8:00:43:62:07:fd:86:d1:f1:70:6f:
92:63:67:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjX6whlJUKc8vq1qMCn5wnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjIwMDgyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjYzZTllNWZlNThhMmFjMjdiYzEzOWZiMTJiNTFmNWM5MjU3ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvROeH8+SPV8w/0CO6l36oLMe7FkN
cVXFybV/b6WfS10NEajPW9038hizREvcI/rcpEmerJ+GGMlAyKl/JFcfiSp6kgzd
OhZTwIe1tDzyWsZRSRphGunJqTx18QKOb8PezDU8X+NK+1DiMlMfdpXiSr1Pmo0Z
3MDtuZPdedmf/ZXlg7nxK2K1BQFirI+OGSIp9cseZYyia8vGeewvGwPgcApSbcZb
I1RqucGencpeb3fP6agvmbmDVh1/U1cJAFqWL9/gbu9g7OfXQskQcM4o+e/UrZpg
nfTEa1gYT/1z/UZplztVCvBvD9MA25+eEy3v1vPtAEebycGd9K+l1MVevQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB9j6eX+WKKsJ7wTn7ErUfXJJX+wMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSDJQcDVmNVlvcXdudkJPZnNTdFI5Y2tsZjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQA
URaHAwQAWbkBAwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQCk8rDANKNh5PIipbex
k89hnP77qj41SFM+FqscvW3g3jc0x1LbqCrSi24RK674MVLiNvhD8pdzb/FpoUJ1
OnQfbUomfnBPhMbq3I+DncAc52gRPGdna5iu5+uL6jcRbk7bhkToyG6tcxlh7Qxn
e1mIKQFNhtCDY/1uONBCLo+C6qRK/6tBeWAE8BJJBmflzddXPEcnTdzJ8bdCAgt1
TeJckeM+tfyGnKuInvvhG+yWytSqI1bhS3UJMj2RAeglz6w6w6wlp/qNujnKUYs3
LUyxdVwDxJLIzEMfdVqdMvsqKpiOqhaEKvCtM177eSJ48WF96ABDYgf9htHxcG+S
Y2eD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org