Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ITDhciQQaFYzIfbhE0h4uR6Uff8.roa
File: ITDhciQQaFYzIfbhE0h4uR6Uff8.roa (raw, json)
Hash identifier: JnEpSY9WO+tNWwilDFqLKEyS7o4KDI1uvkngTaLmGSQ=
Subject key identifier: 21:30:E1:72:24:10:68:56:33:21:F6:E1:13:48:78:B9:1E:94:7D:FF
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D2BA4FBC8AAEB7C06B60AA83635B6E3DA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ITDhciQQaFYzIfbhE0h4uR6Uff8.roa
Signing time: Sun 21 Jan 2024 10:50:49 +0000
ROA not before: Sun 21 Jan 2024 10:50:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 11:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2b:a4:fb:c8:aa:eb:7c:06:b6:0a:a8:36:35:b6:e3:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 21 10:50:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2130e172241068563321f6e1134878b91e947dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cc:42:9c:08:8d:f5:88:f1:03:8f:98:3a:26:
f3:5a:88:52:62:de:f8:56:da:46:ef:38:71:1f:b4:
41:ad:4d:f3:e5:76:47:5a:12:6b:33:ad:f9:aa:df:
86:06:a6:bc:dd:69:29:fb:be:14:bb:eb:78:f1:cd:
c1:59:46:60:29:9d:de:4b:bf:0b:ac:d8:24:6e:7e:
87:dc:1d:00:4e:83:d0:3c:dc:38:ef:06:36:4e:2c:
e1:31:c0:44:4d:f5:3c:3d:10:ec:c5:d3:d3:fb:a7:
b4:fd:fb:fa:f6:c5:16:b3:b1:a7:04:33:ef:18:e1:
cf:18:1a:23:57:29:8c:0d:24:af:04:5b:d6:80:e0:
80:3c:88:ab:dc:12:77:0a:e0:b7:bb:a8:a6:eb:6d:
75:a9:21:0a:3f:8f:e3:bd:29:9d:22:af:2f:a2:f9:
f9:cf:6f:11:bf:b2:a1:82:05:ea:26:fc:7d:3a:c2:
bb:e2:00:a5:70:d1:f1:43:3f:73:c0:dc:29:f8:b8:
1b:dc:7c:43:af:7e:75:04:5a:70:25:e3:69:0e:48:
68:06:d0:79:1a:04:94:98:a3:aa:99:56:b3:7a:24:
1c:93:6d:1d:0d:67:62:0a:3e:fa:cc:6e:6c:d6:a7:
59:48:21:f4:aa:c3:19:1e:62:06:01:7d:e0:db:93:
7e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:30:E1:72:24:10:68:56:33:21:F6:E1:13:48:78:B9:1E:94:7D:FF
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ITDhciQQaFYzIfbhE0h4uR6Uff8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
31:23:52:80:7b:c4:d5:30:4d:08:65:e9:40:00:a7:ae:dc:0e:
41:01:55:a9:7f:9d:66:66:97:57:d9:26:e6:ae:1d:64:77:21:
08:bd:11:96:f8:72:d0:88:2d:4b:94:e0:2b:e8:70:a9:5e:2c:
55:18:ab:5d:cc:b4:11:07:0c:c2:a8:13:6d:1e:96:80:65:d4:
aa:2b:cd:d3:dc:ce:db:6a:50:b9:99:15:43:91:58:2d:bd:16:
c7:f3:30:3b:0c:85:94:ed:aa:a0:3c:e8:65:7f:7e:4d:9b:b7:
8a:f5:5b:e2:95:b4:f5:bb:ad:6a:f2:ff:89:25:16:79:94:7f:
15:dc:4f:88:10:ce:e1:a5:2c:e8:56:86:22:36:11:5d:f7:49:
04:b0:43:38:61:e6:1c:fa:9a:8b:11:4e:39:ea:12:dd:0e:68:
13:12:e0:77:12:9e:b9:3f:fb:f0:ee:01:62:66:3b:83:fd:d7:
23:19:d6:98:e2:d7:6b:a8:7b:14:10:22:c6:bf:f9:a1:88:a2:
bc:03:f2:88:3d:de:25:41:07:13:15:e7:e1:d8:c5:dd:36:c7:
36:19:1c:0d:67:45:f3:b7:61:f2:21:22:eb:bd:55:87:21:a3:
91:45:d8:23:fd:40:35:aa:2f:ca:29:eb:bb:48:b4:24:f8:d0:
6d:ba:87:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0rpPvIqut8BrYKqDY1tuPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTIxMTA1MDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTMwZTE3MjI0MTA2ODU2MzMyMWY2ZTExMzQ4NzhiOTFlOTQ3ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsxCnAiN9YjxA4+YOibzWohSYt74
VtpG7zhxH7RBrU3z5XZHWhJrM635qt+GBqa83Wkp+74Uu+t48c3BWUZgKZ3eS78L
rNgkbn6H3B0AToPQPNw47wY2TizhMcBETfU8PRDsxdPT+6e0/fv69sUWs7GnBDPv
GOHPGBojVymMDSSvBFvWgOCAPIir3BJ3CuC3u6im6211qSEKP4/jvSmdIq8vovn5
z28Rv7KhggXqJvx9OsK74gClcNHxQz9zwNwp+Lgb3HxDr351BFpwJeNpDkhoBtB5
GgSUmKOqmVazeiQck20dDWdiCj76zG5s1qdZSCH0qsMZHmIGAX3g25N+EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCEw4XIkEGhWMyH24RNIeLkelH3/MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSVREaGNpUVFhRll6SWZiaEUwaDR1UjZVZmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAxI1KAe8TVME0IZelAAKeu3A5B
AVWpf51mZpdX2Sbmrh1kdyEIvRGW+HLQiC1LlOAr6HCpXixVGKtdzLQRBwzCqBNt
HpaAZdSqK83T3M7balC5mRVDkVgtvRbH8zA7DIWU7aqgPOhlf35Nm7eK9VvilbT1
u61q8v+JJRZ5lH8V3E+IEM7hpSzoVoYiNhFd90kEsEM4YeYc+pqLEU456hLdDmgT
EuB3Ep65P/vw7gFiZjuD/dcjGdaY4tdrqHsUECLGv/mhiKK8A/KIPd4lQQcTFefh
2MXdNsc2GRwNZ0Xzt2HyISLrvVWHIaORRdgj/UA1qi/KKeu7SLQk+NBtuodn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org