Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KEzgMy4fn3IKs9Yx-LB38hjLYzY.roa
File: KEzgMy4fn3IKs9Yx-LB38hjLYzY.roa (raw, json)
Hash identifier: YevimMa8+phFkGWJs/aYkV0NHYm0GAbIFaItDpdJHGg=
Subject key identifier: 28:4C:E0:33:2E:1F:9F:72:0A:B3:D6:31:F8:B0:77:F2:18:CB:63:36
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188D7EB07E2728BC71E9077169A317B8121
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KEzgMy4fn3IKs9Yx-LB38hjLYzY.roa
Signing time: Tue 20 Jun 2023 08:28:04 +0000
ROA not before: Tue 20 Jun 2023 08:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 20 Jun 2023 19:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:eb:07:e2:72:8b:c7:1e:90:77:16:9a:31:7b:81:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 20 08:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=284ce0332e1f9f720ab3d631f8b077f218cb6336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:14:bd:f6:81:02:f9:99:8f:ed:74:61:d2:3c:
df:32:57:4f:de:f8:34:7d:1f:be:2b:b0:b8:8d:d9:
ae:12:15:ae:c8:dd:f3:e6:4f:c7:cf:d9:85:ef:4c:
4a:be:df:9c:d9:ee:bf:e5:8c:af:b3:3b:8b:aa:e2:
03:89:a6:1d:77:b3:a5:bb:cf:fe:f2:2a:e0:99:2e:
df:90:76:18:68:bb:a5:b1:66:64:a7:33:39:54:4e:
18:31:b1:ef:ed:12:5a:8f:2e:0f:e6:0c:17:f1:26:
5d:90:aa:c3:a1:7c:c7:5a:39:37:62:5e:c3:1d:19:
a7:cc:50:46:b6:5f:44:fb:01:be:e2:cf:c6:ac:89:
17:10:2d:b0:ba:c6:35:b7:04:2d:34:e9:1d:da:5b:
1e:c6:53:0a:56:a3:03:0b:6a:7f:e0:85:d4:b6:87:
de:30:fa:df:cf:6d:28:3a:3f:cf:45:04:83:6b:e3:
78:f0:18:19:ca:a5:ec:94:d8:6d:b2:1b:78:ac:a8:
6a:ef:82:2f:44:3e:00:8f:a6:d3:4b:54:06:96:5d:
2a:58:32:ca:92:f5:8e:e0:e3:00:db:35:c8:11:da:
2b:74:a0:a0:bd:5d:9c:ba:fe:eb:2b:25:12:2e:10:
13:48:42:62:a1:61:bd:4c:67:c8:23:46:18:b1:73:
eb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4C:E0:33:2E:1F:9F:72:0A:B3:D6:31:F8:B0:77:F2:18:CB:63:36
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KEzgMy4fn3IKs9Yx-LB38hjLYzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.140.0/22
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
07:5f:e7:1d:ec:34:15:01:5a:92:b2:6e:e1:1f:11:7b:a1:ab:
35:d1:55:07:8b:14:a4:df:ee:b3:1c:cc:d3:c5:af:2f:dd:13:
29:17:58:ee:1a:23:a9:dd:e6:cf:8d:a9:0b:a7:f4:fd:f0:81:
5c:a4:fb:16:03:3a:e4:5e:4c:8b:62:c4:15:38:66:9d:a4:eb:
e0:1b:39:e4:03:53:d1:05:35:5d:d6:7a:90:06:39:a9:c0:36:
4c:1f:f6:76:91:df:e4:f8:b9:01:06:74:a0:5d:d1:67:64:6d:
8f:0a:37:35:fc:14:bd:41:d0:5c:25:86:e2:4d:1d:ca:2e:b9:
b6:69:8e:a3:c2:98:c4:de:d0:7c:cb:8d:4f:7d:6c:f7:72:78:
6f:a4:9d:17:85:0b:e0:df:bb:ab:3b:92:f9:49:b8:73:b8:ff:
7a:22:9a:cf:46:55:bf:2d:b6:59:6b:01:54:6b:bb:8f:36:83:
54:5b:16:2b:19:b2:11:5b:1b:78:04:c2:20:d7:c3:8f:7c:1f:
95:cc:4a:3e:ca:64:57:00:36:9e:6b:de:78:b0:24:92:56:50:
31:1e:9d:a1:fc:04:9a:1f:34:a6:81:e6:db:32:88:72:83:b2:
a0:c7:69:83:8e:20:3b:8e:94:bd:f2:72:34:ee:c0:00:66:2f:
13:24:1e:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjX6wficovHHpB3Fpoxe4EhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjIwMDgyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODRjZTAzMzJlMWY5ZjcyMGFiM2Q2MzFmOGIwNzdmMjE4Y2I2MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRS99oEC+ZmP7XRh0jzfMldP3vg0
fR++K7C4jdmuEhWuyN3z5k/Hz9mF70xKvt+c2e6/5YyvszuLquIDiaYdd7Olu8/+
8irgmS7fkHYYaLulsWZkpzM5VE4YMbHv7RJajy4P5gwX8SZdkKrDoXzHWjk3Yl7D
HRmnzFBGtl9E+wG+4s/GrIkXEC2wusY1twQtNOkd2lsexlMKVqMDC2p/4IXUtofe
MPrfz20oOj/PRQSDa+N48BgZyqXslNhtsht4rKhq74IvRD4Aj6bTS1QGll0qWDLK
kvWO4OMA2zXIEdordKCgvV2cuv7rKyUSLhATSEJioWG9TGfII0YYsXPrmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFChM4DMuH59yCrPWMfiwd/IYy2M2MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS0V6Z015NGZuM0lLczlZeC1MQjM4aGpMWXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCURaMAwQC
WbkAAwQCWbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAHX+cd7DQVAVqSsm7h
HxF7oas10VUHixSk3+6zHMzTxa8v3RMpF1juGiOp3ebPjakLp/T98IFcpPsWAzrk
XkyLYsQVOGadpOvgGznkA1PRBTVd1nqQBjmpwDZMH/Z2kd/k+LkBBnSgXdFnZG2P
Cjc1/BS9QdBcJYbiTR3KLrm2aY6jwpjE3tB8y41PfWz3cnhvpJ0XhQvg37urO5L5
SbhzuP96IprPRlW/LbZZawFUa7uPNoNUWxYrGbIRWxt4BMIg18OPfB+VzEo+ymRX
ADaea954sCSSVlAxHp2h/ASaHzSmgebbMohyg7Kgx2mDjiA7jpS98nI07sAAZi8T
JB5Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org