Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KugQb2NIbW5IKbFw4dDTM1BA6YQ.roa
File: KugQb2NIbW5IKbFw4dDTM1BA6YQ.roa (raw, json)
Hash identifier: j0QEjOjPoEO7gsYMTZiaXgGxMY4BKhFgrYLuq6Bu4+c=
Subject key identifier: 2A:E8:10:6F:63:48:6D:6E:48:29:B1:70:E1:D0:D3:33:50:40:E9:84
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189E3961BE9DACACEE65C4D8C33D5268FEE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KugQb2NIbW5IKbFw4dDTM1BA6YQ.roa
Signing time: Fri 11 Aug 2023 07:53:32 +0000
ROA not before: Fri 11 Aug 2023 07:53:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Aug 2023 08:09:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:96:1b:e9:da:ca:ce:e6:5c:4d:8c:33:d5:26:8f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 11 07:53:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ae8106f63486d6e4829b170e1d0d3335040e984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:89:99:49:af:b4:2e:7a:a3:63:e5:db:fc:92:
fb:10:b6:a6:c4:22:19:c3:fc:31:11:43:9c:54:fe:
9f:4f:cd:37:32:db:25:1e:89:8b:7a:a3:62:c3:1e:
5f:67:fb:78:0a:bf:83:0d:58:25:26:25:7d:a9:93:
46:54:e5:93:76:1e:a0:88:51:4c:80:40:91:12:3b:
29:7a:33:77:83:87:85:0b:16:60:91:12:3d:52:b7:
c8:b4:e2:f2:bc:0e:8c:00:9a:4d:43:c9:eb:e5:0f:
6e:65:ce:8d:a0:d7:92:83:c8:4b:8a:35:80:4d:e3:
af:1a:0e:4f:65:ec:6d:94:11:d7:ec:dc:a8:22:ad:
39:5a:4e:08:96:4b:f7:46:6a:63:cc:d8:ff:5b:7e:
c1:5f:7d:66:1c:79:42:a7:b9:10:2a:6d:82:ab:74:
64:54:7a:b8:91:40:bc:78:3e:ed:2a:b9:23:5f:a5:
17:3d:96:68:e7:f7:a7:11:5b:87:37:af:42:c3:c0:
2a:65:4a:1f:84:4e:6c:be:56:07:9b:b1:6e:dd:79:
6e:cf:d1:56:e0:76:af:8b:e4:79:0a:4c:7b:1e:48:
34:1c:71:5c:27:4f:55:88:d8:5e:64:3f:8b:9a:e7:
c7:49:dc:17:54:e5:2a:cd:36:ad:ba:6f:4b:95:9d:
c0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E8:10:6F:63:48:6D:6E:48:29:B1:70:E1:D0:D3:33:50:40:E9:84
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KugQb2NIbW5IKbFw4dDTM1BA6YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
20:67:9d:ec:7d:a0:04:ff:2e:7f:53:2d:9c:00:0f:b3:86:63:
0f:77:b4:4d:21:e5:58:be:61:34:b7:d7:1a:09:93:39:60:fc:
88:87:27:ad:80:d8:e5:67:9b:db:77:c6:58:e8:65:e5:ab:1d:
10:fb:f2:56:f0:9d:a6:23:5c:39:c7:dd:ed:7d:cb:91:22:46:
4f:69:24:42:fa:9c:3e:3f:bb:35:82:01:72:d9:60:49:1e:f8:
d4:28:42:50:39:32:8b:49:b8:16:01:5b:47:69:c9:fa:26:05:
63:4c:7c:dc:a7:40:18:7c:e2:81:fe:6b:ce:cd:7d:da:16:57:
50:1f:df:d5:10:a0:12:87:d7:87:8e:36:9c:7c:ba:2f:68:23:
74:11:4d:d6:77:85:9a:3f:3e:2c:b8:f1:00:d9:55:f8:8f:bf:
3d:f0:80:c9:f6:19:81:89:b6:cd:9b:f5:d3:73:c7:e6:42:39:
5b:54:6a:d2:42:2e:2c:e0:8f:c8:6f:62:10:b9:c3:bf:a6:03:
d9:cc:5e:ec:e7:fd:dc:16:f9:e2:35:a3:2f:19:d5:6d:d9:3b:
2e:e4:b9:ae:34:5d:9c:8f:71:88:42:c9:54:d0:b9:fc:17:3f:
4e:49:e3:88:d2:a5:cd:2c:1b:d9:18:ba:f8:d6:b8:20:64:97:
35:1b:e9:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnjlhvp2srO5lxNjDPVJo/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODExMDc1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU4MTA2ZjYzNDg2ZDZlNDgyOWIxNzBlMWQwZDMzMzUwNDBlOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApImZSa+0LnqjY+Xb/JL7ELamxCIZ
w/wxEUOcVP6fT803MtslHomLeqNiwx5fZ/t4Cr+DDVglJiV9qZNGVOWTdh6giFFM
gECREjspejN3g4eFCxZgkRI9UrfItOLyvA6MAJpNQ8nr5Q9uZc6NoNeSg8hLijWA
TeOvGg5PZextlBHX7NyoIq05Wk4Ilkv3RmpjzNj/W37BX31mHHlCp7kQKm2Cq3Rk
VHq4kUC8eD7tKrkjX6UXPZZo5/enEVuHN69Cw8AqZUofhE5svlYHm7Fu3Xluz9FW
4Havi+R5Ckx7Hkg0HHFcJ09ViNheZD+LmufHSdwXVOUqzTatum9LlZ3AmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCroEG9jSG1uSCmxcOHQ0zNQQOmEMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS3VnUWIyTkliVzVJS2JGdzRkRFRNMUJBNllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaBAwQC
WbkAAwQCWbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAgZ53sfaAE/y5/Uy2c
AA+zhmMPd7RNIeVYvmE0t9caCZM5YPyIhyetgNjlZ5vbd8ZY6GXlqx0Q+/JW8J2m
I1w5x93tfcuRIkZPaSRC+pw+P7s1ggFy2WBJHvjUKEJQOTKLSbgWAVtHacn6JgVj
THzcp0AYfOKB/mvOzX3aFldQH9/VEKASh9eHjjacfLovaCN0EU3Wd4WaPz4suPEA
2VX4j7898IDJ9hmBibbNm/XTc8fmQjlbVGrSQi4s4I/Ib2IQucO/pgPZzF7s5/3c
FvniNaMvGdVt2Tsu5LmuNF2cj3GIQslU0Ln8Fz9OSeOI0qXNLBvZGLr41rggZJc1
G+kZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org