Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/H3_F5K0OTrFb5cwLn3ShIMwhQlc.roa
File: H3_F5K0OTrFb5cwLn3ShIMwhQlc.roa (raw, json)
Hash identifier: +XuWpCxeqerJ8f5EkZ8QGEjJuo2lYAt7hiDn38XjAyA=
Subject key identifier: 1F:7F:C5:E4:AD:0E:4E:B1:5B:E5:CC:0B:9F:74:A1:20:CC:21:42:57
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188AF41B2E80246A29EB96302939A812178
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/H3_F5K0OTrFb5cwLn3ShIMwhQlc.roa
Signing time: Mon 12 Jun 2023 10:58:18 +0000
ROA not before: Mon 12 Jun 2023 10:58:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 81.22.136.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 14:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:41:b2:e8:02:46:a2:9e:b9:63:02:93:9a:81:21:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 12 10:58:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f7fc5e4ad0e4eb15be5cc0b9f74a120cc214257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fb:d9:9a:9a:d4:b9:88:d2:e6:d5:9c:d8:35:
92:75:fb:03:52:c2:54:88:aa:50:89:bd:00:99:a4:
94:48:0e:e5:2e:50:3a:27:94:c6:00:d0:f3:8d:60:
c1:45:fd:a4:0a:2f:3c:24:df:b4:b6:f9:d3:ce:b3:
2a:a9:d5:12:12:3e:9f:07:e6:fb:b2:d7:5a:af:f1:
33:12:c8:1f:34:54:c6:20:48:5b:ff:88:84:56:59:
9e:2f:0e:e6:d8:ce:61:22:92:24:3b:51:ab:ea:30:
1b:da:b5:40:1b:5f:f3:e9:c4:70:c6:cd:44:c8:e1:
44:d9:f1:d3:a0:9e:12:82:c1:93:f0:11:5f:3e:2b:
6c:8f:d1:4a:11:27:15:79:0d:9a:7d:b7:6f:38:6d:
2c:b1:77:1b:99:63:cb:28:9c:e4:33:20:c9:17:1b:
b1:70:86:b8:8e:99:8d:05:2b:d9:82:d9:e0:fd:8e:
c2:5c:aa:87:4f:f2:2f:36:be:d8:91:4d:8b:70:19:
30:7a:1a:5c:aa:9a:39:c7:40:5c:5a:83:8e:e2:a9:
c7:a2:43:23:48:28:93:bb:f0:bb:fc:39:4d:d7:4c:
e2:77:a2:15:0e:91:3d:16:44:fe:7d:f5:a0:23:30:
cc:a4:9d:be:59:62:c7:a7:d0:e6:52:30:70:82:54:
81:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7F:C5:E4:AD:0E:4E:B1:5B:E5:CC:0B:9F:74:A1:20:CC:21:42:57
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/H3_F5K0OTrFb5cwLn3ShIMwhQlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
81.22.136.0/22
109.72.116.0-109.72.118.255
Signature Algorithm: sha256WithRSAEncryption
73:b5:f1:f4:e5:d7:c2:2a:3d:d0:74:13:f1:ef:81:a9:13:73:
ab:b9:e9:32:18:49:ee:6d:90:99:e3:1c:4e:9b:8e:d0:95:0a:
2a:c2:14:af:56:03:fd:3e:6a:90:15:0f:34:64:6d:59:ac:5b:
6a:10:25:1c:3f:cb:6f:74:b0:17:d7:e0:ce:e1:e4:e6:e8:a6:
61:e0:d0:05:4c:7b:0a:a1:df:c3:34:fe:51:68:c4:f7:ae:5a:
fd:24:06:82:41:cb:c4:56:e8:a9:f1:cd:7d:eb:9c:aa:e5:31:
73:68:f5:2a:99:48:2c:b6:a4:16:dd:de:2d:80:32:7b:53:c4:
64:36:4d:2e:2f:a3:e9:b1:65:e3:b4:6b:8f:83:04:7e:2c:aa:
60:59:98:eb:d5:14:7a:c7:51:17:eb:03:66:eb:50:92:77:f4:
58:d0:e8:8a:f4:48:12:98:ef:95:bb:97:37:e5:4a:04:6c:5b:
20:bb:dd:bf:94:24:b9:fc:33:98:7e:7d:35:45:93:ca:29:b8:
e5:fa:72:b4:05:ce:03:da:5a:77:a2:cb:77:f1:1b:7e:3c:8e:
a8:91:21:2b:0e:2d:ce:9b:e5:eb:90:21:4f:dd:d8:41:7e:74:
a2:96:fd:e7:6a:f1:72:e9:ac:9b:96:4f:25:08:21:21:76:ba:
90:f1:67:68
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYivQbLoAkainrljApOagSF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjEyMTA1ODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjdmYzVlNGFkMGU0ZWIxNWJlNWNjMGI5Zjc0YTEyMGNjMjE0MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvvZmprUuYjS5tWc2DWSdfsDUsJU
iKpQib0AmaSUSA7lLlA6J5TGANDzjWDBRf2kCi88JN+0tvnTzrMqqdUSEj6fB+b7
stdar/EzEsgfNFTGIEhb/4iEVlmeLw7m2M5hIpIkO1Gr6jAb2rVAG1/z6cRwxs1E
yOFE2fHToJ4SgsGT8BFfPitsj9FKEScVeQ2afbdvOG0ssXcbmWPLKJzkMyDJFxux
cIa4jpmNBSvZgtng/Y7CXKqHT/IvNr7YkU2LcBkwehpcqpo5x0BcWoOO4qnHokMj
SCiTu/C7/DlN10zid6IVDpE9FkT+ffWgIzDMpJ2+WWLHp9DmUjBwglSBywIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB9/xeStDk6xW+XMC590oSDMIUJXMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSDNfRjVLME9UckZiNWN3TG4zU2hJTXdoUWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAURaBAwQC
URaIMAwDBAJtSHQDBABtSHYwDQYJKoZIhvcNAQELBQADggEBAHO18fTl18IqPdB0
E/HvgakTc6u56TIYSe5tkJnjHE6bjtCVCirCFK9WA/0+apAVDzRkbVmsW2oQJRw/
y290sBfX4M7h5ObopmHg0AVMewqh38M0/lFoxPeuWv0kBoJBy8RW6KnxzX3rnKrl
MXNo9SqZSCy2pBbd3i2AMntTxGQ2TS4vo+mxZeO0a4+DBH4sqmBZmOvVFHrHURfr
A2brUJJ39FjQ6Ir0SBKY75W7lzflSgRsWyC73b+UJLn8M5h+fTVFk8opuOX6crQF
zgPaWneiy3fxG348jqiRISsOLc6b5euQIU/d2EF+dKKW/edq8XLprJuWTyUIISF2
upDxZ2g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org