Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KNlPRv40IeDW0dfx7OGn0Vx-q2Q.roa
File: KNlPRv40IeDW0dfx7OGn0Vx-q2Q.roa (raw, json)
Hash identifier: WWT2QX9GWOPpb5NkVm2wkUSyPj24aVn0kdPDT5PfmD0=
Subject key identifier: 28:D9:4F:46:FE:34:21:E0:D6:D1:D7:F1:EC:E1:A7:D1:5C:7E:AB:64
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C6C6BFF69E7E014C9F29222FF895630E8
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KNlPRv40IeDW0dfx7OGn0Vx-q2Q.roa
Signing time: Fri 15 Dec 2023 07:41:06 +0000
ROA not before: Fri 15 Dec 2023 07:41:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 19 Dec 2023 10:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:6b:ff:69:e7:e0:14:c9:f2:92:22:ff:89:56:30:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 15 07:41:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28d94f46fe3421e0d6d1d7f1ece1a7d15c7eab64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:dc:23:4f:df:f5:51:74:d9:57:5d:a4:83:ff:
58:c2:bc:5e:ca:95:d1:a8:5e:4c:69:1e:8f:18:e3:
e3:f3:d2:d3:4e:e6:75:4f:ab:2e:1a:5a:03:d2:d9:
4d:7a:69:84:a1:1d:1e:7c:ab:6f:57:12:6b:6b:9e:
4e:75:ed:10:11:1b:ab:ed:cf:94:05:c5:10:28:21:
11:24:a7:59:2b:59:eb:cd:89:05:ef:04:bb:57:ca:
04:63:e0:d4:03:07:25:df:15:24:d9:b0:f9:53:63:
a5:fc:69:f1:62:c2:ac:60:ed:5f:d0:83:7e:14:1e:
86:18:23:fe:94:d0:4d:f9:c7:78:22:1d:8e:a6:91:
b7:da:13:76:54:11:4a:5f:08:08:3e:73:15:2f:62:
0a:1b:1c:95:3b:83:2a:cf:47:a5:01:ec:0a:99:fe:
c4:ef:3e:ae:0a:97:72:9a:7b:91:71:59:65:32:34:
29:6b:40:5c:25:e3:bb:c7:be:48:68:f0:6a:14:08:
80:46:5d:80:02:b2:3d:f5:31:90:06:78:0e:4f:9c:
6a:0c:fa:11:f7:0b:98:56:c8:70:94:b9:7e:4b:47:
3d:09:7a:08:de:d8:d2:ad:2b:83:a6:cb:21:68:88:
fb:1a:72:64:25:6b:98:3f:2a:55:25:a0:5d:35:5d:
b8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D9:4F:46:FE:34:21:E0:D6:D1:D7:F1:EC:E1:A7:D1:5C:7E:AB:64
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KNlPRv40IeDW0dfx7OGn0Vx-q2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
14:b5:23:e6:44:86:87:6c:0f:5c:be:f5:75:af:ce:1c:0d:ae:
fd:68:70:3d:53:ba:1c:dc:4e:e5:be:b5:8f:e3:bf:45:72:4a:
32:0e:e5:8a:4f:0f:e2:91:04:2a:b9:84:66:76:2f:60:59:75:
7e:01:0f:5f:16:48:92:8c:72:2a:de:cb:3a:64:0b:a0:01:00:
c2:f3:9f:d6:61:eb:09:2f:63:27:b5:f4:19:fb:5e:d2:e7:97:
6c:ea:9d:83:ee:5d:12:8a:cb:5d:89:39:2c:af:e1:c3:2a:9a:
dc:4b:1c:a2:56:71:c7:86:97:af:19:21:66:80:c0:82:56:d7:
dd:60:e1:de:20:39:25:49:3a:6d:e7:7e:6d:c7:ba:a8:9c:2c:
af:b3:a8:da:f5:10:18:47:40:d0:f6:43:7d:53:9b:73:a6:12:
88:fc:f4:4e:9a:00:14:e7:37:d1:89:0d:2d:cf:5f:a0:06:f6:
9d:36:f4:5e:ec:b1:48:ce:10:f3:c1:01:4d:36:fb:21:fa:ce:
bf:29:d2:cb:17:d7:97:68:8e:0c:b1:17:1f:59:ac:85:01:c5:
5a:36:2a:46:4c:26:8a:b2:e0:4f:36:34:1e:eb:28:71:d4:23:
cd:51:0c:b4:bc:2a:44:20:6e:40:66:21:57:6e:19:a9:85:c1:
a8:41:fa:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxsa/9p5+AUyfKSIv+JVjDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjE1MDc0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ5NGY0NmZlMzQyMWUwZDZkMWQ3ZjFlY2UxYTdkMTVjN2VhYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNwjT9/1UXTZV12kg/9YwrxeypXR
qF5MaR6PGOPj89LTTuZ1T6suGloD0tlNemmEoR0efKtvVxJra55Ode0QERur7c+U
BcUQKCERJKdZK1nrzYkF7wS7V8oEY+DUAwcl3xUk2bD5U2Ol/GnxYsKsYO1f0IN+
FB6GGCP+lNBN+cd4Ih2OppG32hN2VBFKXwgIPnMVL2IKGxyVO4Mqz0elAewKmf7E
7z6uCpdymnuRcVllMjQpa0BcJeO7x75IaPBqFAiARl2AArI99TGQBngOT5xqDPoR
9wuYVshwlLl+S0c9CXoI3tjSrSuDpsshaIj7GnJkJWuYPypVJaBdNV24vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCjZT0b+NCHg1tHX8ezhp9FcfqtkMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS05sUFJ2NDBJZURXMGRmeDdPR24wVngtcTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAUtSPmRIaHbA9cvvV1r84cDa79
aHA9U7oc3E7lvrWP479FckoyDuWKTw/ikQQquYRmdi9gWXV+AQ9fFkiSjHIq3ss6
ZAugAQDC85/WYesJL2MntfQZ+17S55ds6p2D7l0SistdiTksr+HDKprcSxyiVnHH
hpevGSFmgMCCVtfdYOHeIDklSTpt535tx7qonCyvs6ja9RAYR0DQ9kN9U5tzphKI
/PROmgAU5zfRiQ0tz1+gBvadNvRe7LFIzhDzwQFNNvsh+s6/KdLLF9eXaI4MsRcf
WayFAcVaNipGTCaKsuBPNjQe6yhx1CPNUQy0vCpEIG5AZiFXbhmphcGoQfpq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org