Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KU8KGWoQMH5kUwuukl0ZX_cLW0w.roa
File: KU8KGWoQMH5kUwuukl0ZX_cLW0w.roa (raw, json)
Hash identifier: pyNS+0y7xA3V0qg/lmd+HY+9tujdtuzH1BY484deqWo=
Subject key identifier: 29:4F:0A:19:6A:10:30:7E:64:53:0B:AE:92:5D:19:5F:F7:0B:5B:4C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B382C3D8E7BFEA2AFCE0CC90C31331743
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KU8KGWoQMH5kUwuukl0ZX_cLW0w.roa
Signing time: Mon 16 Oct 2023 11:08:25 +0000
ROA not before: Mon 16 Oct 2023 11:08:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 17 Oct 2023 09:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:2c:3d:8e:7b:fe:a2:af:ce:0c:c9:0c:31:33:17:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 16 11:08:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=294f0a196a10307e64530bae925d195ff70b5b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fb:2d:f1:01:1b:fc:50:a1:e5:7f:fd:ff:54:
e5:ee:6c:73:03:11:2a:04:f8:93:70:6c:e0:d6:ab:
a4:46:86:37:ed:7e:75:b3:8b:e0:51:4b:f5:e2:ba:
f3:19:94:03:81:b3:da:04:a6:51:0a:d2:d2:59:ac:
13:b6:dd:43:15:4b:b7:69:91:dd:11:47:50:2c:b3:
d3:95:61:2e:4b:b6:31:85:10:65:60:7d:3b:73:c2:
42:74:a1:87:77:6b:dd:98:88:a3:86:7d:0a:3d:2d:
2f:fd:25:49:d1:82:fb:91:54:f6:0b:95:2a:06:c1:
de:c4:c9:69:00:37:d7:3a:dd:1d:96:7a:1f:d7:28:
1a:8a:9c:59:b7:ce:55:5e:a0:27:54:71:7b:db:2e:
f1:d2:d0:cf:41:79:e8:fe:d2:0e:70:42:4b:9a:6a:
ec:a9:48:5e:f4:64:93:78:7c:a6:0b:e2:66:74:cb:
ba:be:8d:a5:45:28:67:27:14:d6:30:7f:3c:d7:65:
85:4e:82:f3:4a:5d:7c:26:f4:56:ee:03:77:03:35:
b5:ce:40:08:11:cd:ed:d3:85:e7:7e:ea:71:47:2d:
8d:61:d9:46:01:92:ad:f7:5c:d7:c4:fe:fa:bd:26:
44:a0:f7:68:49:20:2c:b3:06:8e:47:63:d1:9a:24:
77:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4F:0A:19:6A:10:30:7E:64:53:0B:AE:92:5D:19:5F:F7:0B:5B:4C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KU8KGWoQMH5kUwuukl0ZX_cLW0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:f6:22:0d:1a:d1:9b:06:06:16:b1:3d:96:c9:4f:5e:a4:82:
cd:b8:9a:8c:ff:4f:b3:1d:3e:ab:c5:1f:eb:f9:8f:9d:00:06:
5e:1b:5b:7c:c3:3a:77:a2:31:dc:47:b2:25:14:7d:fe:28:f6:
c7:cb:5a:e1:51:9d:10:b4:c4:12:a4:be:34:2d:83:5b:d6:4a:
ed:98:0e:90:cd:7a:29:15:e7:ac:0b:aa:1c:36:c4:45:68:b6:
92:64:70:28:e0:29:fa:2f:b6:bd:3c:1d:c0:f0:71:35:5b:08:
db:c7:c1:b5:45:b4:d8:0c:34:11:53:4e:fa:86:dd:91:69:11:
03:b2:18:0f:51:51:61:49:74:85:10:76:90:dc:41:d2:b8:20:
b9:96:c3:f0:dd:46:81:c2:50:2f:b3:83:60:2c:d8:a0:76:ff:
79:f4:a2:10:d8:aa:a0:fc:89:f4:61:b0:14:e3:de:c6:d1:af:
a0:fe:38:42:45:5b:01:52:0c:7b:70:ba:0a:e5:48:3c:2c:d2:
3e:7c:45:e2:b6:75:66:93:75:de:70:77:cd:bb:28:6b:be:83:
08:7f:ed:91:7c:d8:a7:91:19:39:27:95:b0:b9:87:a4:49:b0:
1e:1a:81:72:0d:a6:55:3e:59:b5:c2:c9:1e:dc:09:f1:29:65:
47:4d:d2:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs4LD2Oe/6ir84MyQwxMxdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDE2MTEwODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRmMGExOTZhMTAzMDdlNjQ1MzBiYWU5MjVkMTk1ZmY3MGI1YjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvst8QEb/FCh5X/9/1Tl7mxzAxEq
BPiTcGzg1qukRoY37X51s4vgUUv14rrzGZQDgbPaBKZRCtLSWawTtt1DFUu3aZHd
EUdQLLPTlWEuS7YxhRBlYH07c8JCdKGHd2vdmIijhn0KPS0v/SVJ0YL7kVT2C5Uq
BsHexMlpADfXOt0dlnof1ygaipxZt85VXqAnVHF72y7x0tDPQXno/tIOcEJLmmrs
qUhe9GSTeHymC+JmdMu6vo2lRShnJxTWMH8812WFToLzSl18JvRW7gN3AzW1zkAI
Ec3t04XnfupxRy2NYdlGAZKt91zXxP76vSZEoPdoSSAsswaOR2PRmiR3nwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFClPChlqEDB+ZFMLrpJdGV/3C1tMMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS1U4S0dXb1FNSDVrVXd1dWtsMFpYX2NMVzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA69iINGtGbBgYWsT2WyU9epILN
uJqM/0+zHT6rxR/r+Y+dAAZeG1t8wzp3ojHcR7IlFH3+KPbHy1rhUZ0QtMQSpL40
LYNb1krtmA6QzXopFeesC6ocNsRFaLaSZHAo4Cn6L7a9PB3A8HE1Wwjbx8G1RbTY
DDQRU076ht2RaREDshgPUVFhSXSFEHaQ3EHSuCC5lsPw3UaBwlAvs4NgLNigdv95
9KIQ2Kqg/In0YbAU497G0a+g/jhCRVsBUgx7cLoK5Ug8LNI+fEXitnVmk3XecHfN
uyhrvoMIf+2RfNinkRk5J5WwuYekSbAeGoFyDaZVPlm1wske3AnxKWVHTdJp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org