Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Ipk0VrErvIwA0Jw5ZnsnA6mhiy4.roa
File: Ipk0VrErvIwA0Jw5ZnsnA6mhiy4.roa (raw, json)
Hash identifier: nzRXHlQKz3sLr4/k1If+dO6Xcr80nGc8cpZErjaDfIs=
Subject key identifier: 22:99:34:56:B1:2B:BC:8C:00:D0:9C:39:66:7B:27:03:A9:A1:8B:2E
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0187D7FE59DA82C6FADB6368D2B5D0B93FD4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Ipk0VrErvIwA0Jw5ZnsnA6mhiy4.roa
Signing time: Mon 01 May 2023 15:46:23 +0000
ROA not before: Mon 01 May 2023 15:46:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.127.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 03 May 2023 08:10:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d7:fe:59:da:82:c6:fa:db:63:68:d2:b5:d0:b9:3f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 1 15:46:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22993456b12bbc8c00d09c39667b2703a9a18b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ce:88:1f:c7:c7:82:ab:d1:88:13:ca:ad:a2:
c9:e2:47:69:00:12:41:71:ef:6b:68:2a:50:a1:6f:
7f:13:95:59:58:d7:9e:5a:da:c4:30:44:d2:fd:2d:
32:10:d3:b6:c0:a9:d7:27:9d:3b:4f:b1:24:43:f5:
d5:a4:6d:46:a1:c8:50:d6:68:0c:0e:49:c9:3d:e7:
41:51:c7:6f:96:54:58:3f:d4:d5:94:0f:e0:38:cb:
55:24:49:31:e8:47:f8:d2:f2:3a:cc:d2:5c:39:6b:
c5:36:13:16:50:1d:5d:b9:f6:cb:76:3e:08:af:68:
6d:e4:6e:9e:63:55:0b:ae:7e:0d:a0:9f:e3:d3:12:
60:bf:c8:18:50:a9:1b:b2:4e:d5:cf:2d:91:f2:84:
92:a9:82:5c:08:04:17:ef:01:d8:0e:81:f0:41:9c:
db:8b:cf:de:67:8e:75:bb:21:22:77:1b:5e:2e:92:
9f:07:b8:4c:ef:5f:38:27:7a:bb:82:c8:e0:17:87:
ef:0b:8b:a7:b2:ba:47:a0:bf:f6:22:a6:cc:d4:f9:
b7:78:7d:b7:d3:aa:2f:ec:23:13:b1:9c:63:52:87:
da:cc:45:48:cb:35:b9:d5:7a:f0:94:96:94:06:85:
62:b0:c4:e1:9c:48:88:76:e4:c5:d6:e1:22:4a:15:
a9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:99:34:56:B1:2B:BC:8C:00:D0:9C:39:66:7B:27:03:A9:A1:8B:2E
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Ipk0VrErvIwA0Jw5ZnsnA6mhiy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ac:0e:cf:1c:ad:f0:f5:34:bc:e6:40:6f:2a:c4:50:0c:fb:
96:c4:eb:ab:d2:40:e3:79:15:29:9c:4a:1f:9a:23:83:0a:c9:
cf:85:19:30:1b:e2:f0:b6:12:dd:f0:4f:1b:0a:ab:28:50:a2:
d6:ad:72:22:a2:5f:c0:cf:62:33:90:76:da:da:e5:44:e3:6f:
82:fb:d3:26:79:22:43:e6:2d:36:33:aa:8c:ce:67:ec:8c:84:
f7:09:18:d5:ae:2f:c0:37:da:37:35:cc:cf:1c:b5:20:aa:bb:
2c:20:ee:a4:64:a5:58:43:6f:8a:d8:64:16:74:2c:7d:41:5d:
b7:c8:d0:eb:bc:75:2c:b3:42:c8:f7:c2:5f:ea:52:08:ba:31:
23:95:29:b8:d3:18:b6:00:16:54:54:a6:fb:52:67:c1:e0:bb:
bb:40:4d:9d:15:a5:ad:06:49:4f:7d:4c:7c:13:eb:91:33:95:
79:54:f2:00:7f:de:a2:14:49:6b:7c:fc:d7:a0:70:01:1c:28:
1f:c5:ae:c4:f5:0b:2e:ff:05:e4:3e:52:8b:c0:9c:0a:bb:64:
f7:13:9a:cb:ec:ba:5d:43:5a:c6:67:3b:92:09:32:b9:da:7d:
b8:bd:d1:3e:7f:7c:23:9d:4c:c7:f3:6a:27:24:cf:13:21:0f:
da:8f:bc:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfX/lnagsb622No0rXQuT/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTAxMTU0NjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjk5MzQ1NmIxMmJiYzhjMDBkMDljMzk2NjdiMjcwM2E5YTE4YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs6IH8fHgqvRiBPKraLJ4kdpABJB
ce9raCpQoW9/E5VZWNeeWtrEMETS/S0yENO2wKnXJ507T7EkQ/XVpG1GochQ1mgM
DknJPedBUcdvllRYP9TVlA/gOMtVJEkx6Ef40vI6zNJcOWvFNhMWUB1dufbLdj4I
r2ht5G6eY1ULrn4NoJ/j0xJgv8gYUKkbsk7Vzy2R8oSSqYJcCAQX7wHYDoHwQZzb
i8/eZ451uyEidxteLpKfB7hM7184J3q7gsjgF4fvC4unsrpHoL/2IqbM1Pm3eH23
06ov7CMTsZxjUofazEVIyzW51XrwlJaUBoVisMThnEiIduTF1uEiShWpwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCKZNFaxK7yMANCcOWZ7JwOpoYsuMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSXBrMFZyRXJ2SXdBMEp3NVpuc25BNm1oaXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQA
bUh/MA0GCSqGSIb3DQEBCwUAA4IBAQBGrA7PHK3w9TS85kBvKsRQDPuWxOur0kDj
eRUpnEofmiODCsnPhRkwG+LwthLd8E8bCqsoUKLWrXIiol/Az2IzkHba2uVE42+C
+9MmeSJD5i02M6qMzmfsjIT3CRjVri/AN9o3NczPHLUgqrssIO6kZKVYQ2+K2GQW
dCx9QV23yNDrvHUss0LI98Jf6lIIujEjlSm40xi2ABZUVKb7UmfB4Lu7QE2dFaWt
BklPfUx8E+uRM5V5VPIAf96iFElrfPzXoHABHCgfxa7E9Qsu/wXkPlKLwJwKu2T3
E5rL7LpdQ1rGZzuSCTK52n24vdE+f3wjnUzH82onJM8TIQ/aj7xI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org