Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/HFDqHgCDVK_aetSs9NlJriahBQ0.roa
File: HFDqHgCDVK_aetSs9NlJriahBQ0.roa (raw, json)
Hash identifier: wXm2A22Ne4Z0gpeuo2q1GlqufqoDh4ObbMGoMYWYPjs=
Subject key identifier: 1C:50:EA:1E:00:83:54:AF:DA:7A:D4:AC:F4:D9:49:AE:26:A1:05:0D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0193034C70D28CD25A7FA601C911B1726A80
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/HFDqHgCDVK_aetSs9NlJriahBQ0.roa
Signing time: Wed 06 Nov 2024 21:06:01 +0000
ROA not before: Wed 06 Nov 2024 21:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
89.185.22.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 09:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:03:4c:70:d2:8c:d2:5a:7f:a6:01:c9:11:b1:72:6a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 6 21:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c50ea1e008354afda7ad4acf4d949ae26a1050d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d4:04:9c:bc:cd:e3:15:a4:26:e0:e1:5e:b2:
07:84:dc:a6:f8:85:0b:a9:fe:ec:aa:40:19:e1:86:
58:91:fd:23:59:a4:41:9e:7f:2c:81:d3:33:fd:1c:
93:00:c0:67:04:b7:a0:e0:45:df:1f:6a:bf:ff:f4:
87:2c:a1:ea:18:48:e3:ad:90:04:04:f8:e4:90:ff:
a0:bf:5f:e5:28:c2:5f:6b:8d:b4:8b:b1:0f:1b:43:
80:33:8b:06:25:84:cc:f5:0c:58:37:b8:46:8f:07:
77:09:8a:fd:c5:1c:3a:6b:fa:a2:38:37:6b:39:18:
4e:51:31:bf:8f:fb:a1:73:26:0a:ae:bf:93:b3:53:
61:34:f7:eb:6b:ae:c0:50:6a:fd:e2:29:a8:76:1a:
93:ea:df:a7:65:95:9f:45:63:43:f8:8f:8b:da:38:
a0:cf:43:85:d5:65:a9:6c:16:c2:63:3b:27:3b:9d:
09:6e:58:c0:89:5f:e6:a9:9d:ae:0c:30:79:b7:ad:
43:56:08:f1:f5:61:40:9e:d4:3e:aa:31:61:eb:28:
50:f6:6e:b8:ff:49:2c:f7:d2:6a:59:bb:28:e2:5b:
9a:5d:55:5c:34:d3:8c:00:c3:61:ed:8e:71:01:09:
5b:7f:07:19:0a:81:eb:60:d5:35:2d:c0:d4:7d:83:
69:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:50:EA:1E:00:83:54:AF:DA:7A:D4:AC:F4:D9:49:AE:26:A1:05:0D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/HFDqHgCDVK_aetSs9NlJriahBQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
89.185.22.0/24
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:1e:78:af:30:cf:e5:12:56:a4:0b:3b:0c:f2:7e:d5:97:ae:
66:b8:a6:af:68:0c:8a:92:70:7b:a8:d6:4d:de:60:33:2f:d5:
2f:4b:ac:e5:02:4a:ce:f0:b1:f7:4d:74:f1:14:2c:34:77:0a:
97:30:d8:9f:f0:44:e5:c6:05:ca:f0:a3:44:0c:a3:0b:69:7f:
8d:36:6d:7b:95:0f:48:de:8b:38:20:94:2e:a6:ff:13:8c:18:
93:ec:4d:d4:08:c9:c3:32:8c:87:13:97:4a:0d:d2:ed:88:29:
59:a2:78:9e:6d:07:24:68:19:e4:ac:ce:c3:ae:56:22:04:56:
00:be:c5:72:23:83:1d:a4:75:d3:67:3d:f0:f4:da:de:24:73:
fa:0f:fa:64:dd:f7:f0:b3:3f:46:b8:e9:fd:be:33:40:7e:1d:
66:80:8d:bf:2b:b2:0e:5c:ff:4c:dc:f7:05:29:3d:06:83:cd:
47:94:39:e0:7a:3e:42:b2:73:7e:d1:2d:c3:76:04:8a:2b:bc:
49:32:e3:28:bb:45:4e:2f:d4:d1:9e:bf:46:ec:d9:01:c5:d0:
e1:b6:8a:ca:a5:c8:d9:12:39:a8:58:d9:fa:56:f3:36:41:cc:
dc:10:db:40:19:c8:b8:c4:a1:58:c1:ef:96:7e:d6:3e:b3:bb:
fa:0a:95:bc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMDTHDSjNJaf6YByRGxcmqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMTA2MjEwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzUwZWExZTAwODM1NGFmZGE3YWQ0YWNmNGQ5NDlhZTI2YTEwNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdQEnLzN4xWkJuDhXrIHhNym+IUL
qf7sqkAZ4YZYkf0jWaRBnn8sgdMz/RyTAMBnBLeg4EXfH2q///SHLKHqGEjjrZAE
BPjkkP+gv1/lKMJfa420i7EPG0OAM4sGJYTM9QxYN7hGjwd3CYr9xRw6a/qiODdr
ORhOUTG/j/uhcyYKrr+Ts1NhNPfra67AUGr94imodhqT6t+nZZWfRWND+I+L2jig
z0OF1WWpbBbCYzsnO50JbljAiV/mqZ2uDDB5t61DVgjx9WFAntQ+qjFh6yhQ9m64
/0ks99JqWbso4luaXVVcNNOMAMNh7Y5xAQlbfwcZCoHrYNU1LcDUfYNpJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBxQ6h4Ag1Sv2nrUrPTZSa4moQUNMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSEZEcUhnQ0RWS19hZXRTczlObEpyaWFoQlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQAWbkWAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCgHnivMM/lElakCzsM
8n7Vl65muKavaAyKknB7qNZN3mAzL9UvS6zlAkrO8LH3TXTxFCw0dwqXMNif8ETl
xgXK8KNEDKMLaX+NNm17lQ9I3os4IJQupv8TjBiT7E3UCMnDMoyHE5dKDdLtiClZ
oniebQckaBnkrM7DrlYiBFYAvsVyI4MdpHXTZz3w9NreJHP6D/pk3ffwsz9GuOn9
vjNAfh1mgI2/K7IOXP9M3PcFKT0Gg81HlDngej5CsnN+0S3DdgSKK7xJMuMou0VO
L9TRnr9G7NkBxdDhtorKpcjZEjmoWNn6VvM2QczcENtAGci4xKFYwe+WftY+s7v6
CpW8
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:06:17 2024 by rpki-client on console-ams.rpki-client.org