Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/IJ6PkakA1wsFiSxd_3FLvbR0u_w.roa
File: IJ6PkakA1wsFiSxd_3FLvbR0u_w.roa (raw, json)
Hash identifier: J2k6EcPqGTZY5RJu/9nx6JGBrqhRro2WqEyzL8t7t6g=
Subject key identifier: 20:9E:8F:91:A9:00:D7:0B:05:89:2C:5D:FF:71:4B:BD:B4:74:BB:FC
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CF27CE6BD83F659FB36604EF113FD13A1
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/IJ6PkakA1wsFiSxd_3FLvbR0u_w.roa
Signing time: Wed 10 Jan 2024 08:28:40 +0000
ROA not before: Wed 10 Jan 2024 08:28:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
81.22.141.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.113.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 12 Jan 2024 10:09:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:7c:e6:bd:83:f6:59:fb:36:60:4e:f1:13:fd:13:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 10 08:28:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=209e8f91a900d70b05892c5dff714bbdb474bbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:66:62:d6:53:f4:ff:b6:50:0f:6a:e5:43:ea:
11:71:23:3d:e0:a1:7c:35:51:ac:51:17:e5:e2:d3:
5f:bc:b4:a3:19:6e:e2:7c:f5:c0:31:85:c8:50:e4:
f6:99:13:52:57:94:ed:6f:f9:f7:f7:7f:28:5c:45:
59:a1:e5:52:b6:33:53:a8:9d:b4:6d:30:91:3a:8e:
e3:6a:e1:26:4e:30:cc:7d:01:9c:a2:7d:c9:85:21:
f2:1a:dd:29:e8:49:40:f5:70:48:1f:db:dd:6a:5e:
ba:d3:9c:6b:cd:9b:f6:1d:a8:85:32:93:d1:ab:74:
c2:64:29:b5:99:de:7b:6c:af:5e:b4:0d:44:55:0c:
70:d6:39:c4:a1:1f:e5:13:f1:f0:68:36:3f:5d:27:
9f:35:f9:48:9c:d7:c1:e0:5a:dc:5b:23:e0:9f:31:
11:e0:bd:0a:bc:1d:0a:32:07:58:c9:46:f4:8b:05:
e6:5e:c8:c6:05:88:15:17:d5:14:2d:40:b3:04:38:
28:0d:8f:01:c7:44:ae:5a:8e:ce:90:d8:20:4b:cc:
b9:4b:c5:26:a6:be:68:54:64:61:cc:c7:2a:7f:49:
44:e1:a4:54:f9:2d:ba:dd:1b:61:71:38:ef:b1:3d:
45:cf:8b:5b:62:94:f4:18:3a:5c:61:67:3d:f1:0e:
7e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9E:8F:91:A9:00:D7:0B:05:89:2C:5D:FF:71:4B:BD:B4:74:BB:FC
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/IJ6PkakA1wsFiSxd_3FLvbR0u_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.113.0/24
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:40:5e:38:3c:d0:0d:85:da:7c:63:df:f4:3a:dd:3a:56:58:
fc:2b:91:d3:09:96:03:a7:99:d4:4a:df:7b:60:ca:67:8b:6f:
f5:e7:31:4d:f2:b9:cb:df:4d:db:ac:85:d0:e1:99:49:d7:70:
9e:be:3d:36:e4:66:ad:89:b4:ad:1d:d9:c8:c4:b1:51:ac:11:
8b:46:b7:69:5b:8a:b4:7b:c1:41:fb:e5:28:03:08:c1:a6:7f:
2c:86:09:8f:3a:2a:b2:08:e0:d2:3e:d8:f6:8b:6f:bc:42:b2:
c0:fc:73:f2:c7:26:37:30:e1:55:ef:97:10:f4:b2:87:bf:2f:
fe:2d:38:c5:be:34:8c:a4:35:86:b4:c2:8f:4b:94:cf:ce:58:
0f:1f:46:e0:56:58:61:9e:5d:22:56:55:8c:7e:c4:0e:5d:97:
03:bc:c2:91:55:1d:24:c9:24:3e:9e:71:03:5b:89:1e:9d:66:
0a:d0:e0:fc:d9:74:9b:f3:06:05:37:c8:34:15:f4:64:c2:c0:
0c:0b:ef:f6:4b:a6:ee:c0:da:c2:63:af:d1:b0:b1:db:f7:c9:
27:e8:80:1e:e3:68:04:b0:1d:81:33:1f:71:3f:ed:57:82:0a:
6a:ad:7d:5c:22:44:75:91:0b:c2:26:2d:b6:71:19:5f:27:07:
0a:5f:94:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzyfOa9g/ZZ+zZgTvET/ROhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTEwMDgyODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDllOGY5MWE5MDBkNzBiMDU4OTJjNWRmZjcxNGJiZGI0NzRiYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGZi1lP0/7ZQD2rlQ+oRcSM94KF8
NVGsURfl4tNfvLSjGW7ifPXAMYXIUOT2mRNSV5Ttb/n3938oXEVZoeVStjNTqJ20
bTCROo7jauEmTjDMfQGcon3JhSHyGt0p6ElA9XBIH9vdal6605xrzZv2HaiFMpPR
q3TCZCm1md57bK9etA1EVQxw1jnEoR/lE/HwaDY/XSefNflInNfB4FrcWyPgnzER
4L0KvB0KMgdYyUb0iwXmXsjGBYgVF9UULUCzBDgoDY8Bx0SuWo7OkNggS8y5S8Um
pr5oVGRhzMcqf0lE4aRU+S263RthcTjvsT1Fz4tbYpT0GDpcYWc98Q5+xQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCCej5GpANcLBYksXf9xS720dLv8MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSUo2UGtha0Exd3NGaVN4ZF8zRkx2YlIwdV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDURaIAwQC
WbkAAwQAbUhxAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQBdQF44PNAN
hdp8Y9/0Ot06Vlj8K5HTCZYDp5nUSt97YMpni2/15zFN8rnL303brIXQ4ZlJ13Ce
vj025GatibStHdnIxLFRrBGLRrdpW4q0e8FB++UoAwjBpn8shgmPOiqyCODSPtj2
i2+8QrLA/HPyxyY3MOFV75cQ9LKHvy/+LTjFvjSMpDWGtMKPS5TPzlgPH0bgVlhh
nl0iVlWMfsQOXZcDvMKRVR0kySQ+nnEDW4kenWYK0OD82XSb8wYFN8g0FfRkwsAM
C+/2S6buwNrCY6/RsLHb98kn6IAe42gEsB2BMx9xP+1XggpqrX1cIkR1kQvCJi22
cRlfJwcKX5Ts
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org