Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KynWgULCkispbQ6u6OIHE2y9RAU.roa
File: KynWgULCkispbQ6u6OIHE2y9RAU.roa (raw, json)
Hash identifier: vUI+wSbL1A/GKhPaovelei0mAWWeYl91ofoUMt/SOS4=
Subject key identifier: 2B:29:D6:81:42:C2:92:2B:29:6D:0E:AE:E8:E2:07:13:6C:BD:44:05
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649CABC68D03D85B914F0F913058090
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KynWgULCkispbQ6u6OIHE2y9RAU.roa
Signing time: Mon 01 Jan 2024 18:29:33 +0000
ROA not before: Mon 01 Jan 2024 18:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 10:06:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:ca:bc:68:d0:3d:85:b9:14:f0:f9:13:05:80:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b29d68142c2922b296d0eaee8e207136cbd4405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9e:95:b2:4e:1a:0d:3a:3d:b4:9b:8f:3e:d1:
e5:bd:d7:ec:1e:a3:53:1e:2c:15:c3:21:f4:17:aa:
a9:69:9b:f5:91:8e:9f:08:ee:36:b7:25:cc:55:ba:
d8:6a:2d:bd:4c:56:0a:e2:0b:cf:de:8c:95:01:5a:
00:cf:24:0b:b8:de:42:8f:f4:5f:c5:ca:6d:d7:a9:
20:88:51:a7:50:27:a4:49:c5:28:bb:69:f5:cf:94:
16:a0:bc:cd:9d:8d:e7:7a:7f:ee:50:b8:4b:f3:e9:
87:0f:44:e5:f8:07:d9:1d:05:72:f1:ab:dd:4e:d9:
f6:21:c7:4c:e5:d6:8f:d9:eb:04:9a:36:a0:63:64:
2a:a2:bb:e2:e6:1a:a5:cc:f4:06:ca:aa:a7:aa:87:
26:44:f9:d3:a6:51:bc:9f:4d:b6:d8:e8:e5:1e:6f:
73:6f:06:54:ec:b1:dd:3c:eb:c7:d9:9f:2b:9d:7d:
6b:f2:e9:36:44:98:3b:b2:57:3b:63:46:45:5e:0d:
97:ac:dc:1b:f1:b2:50:58:4b:1f:f1:5f:d3:78:12:
80:08:62:2d:15:40:b2:73:56:92:f7:39:10:7b:72:
c4:58:9a:62:f7:1e:f7:d6:72:51:4e:a3:11:b6:4e:
dc:1a:3e:f7:a1:6a:f5:80:00:66:4f:6a:86:83:61:
d3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:29:D6:81:42:C2:92:2B:29:6D:0E:AE:E8:E2:07:13:6C:BD:44:05
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KynWgULCkispbQ6u6OIHE2y9RAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0-81.22.130.255
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
60:42:31:f3:1b:48:83:f9:a4:05:d7:0a:19:7d:09:9c:b5:61:
ca:63:a3:56:5b:c9:fd:a2:b4:2d:45:05:13:18:7f:c5:a6:39:
e7:28:e8:1a:99:ae:67:2a:ef:71:82:c8:ed:9f:04:83:83:67:
39:f1:17:8f:22:51:1f:c9:c0:af:6a:68:10:de:bf:b0:3d:f2:
9f:c8:7d:7b:ce:00:ce:57:89:71:b5:7f:eb:61:84:36:ff:ae:
fe:0e:ab:c4:ad:7a:bc:19:86:27:a0:90:66:a4:e9:c1:f9:e0:
3e:d3:07:75:67:cc:6b:d1:f8:14:e5:ab:39:d8:53:eb:5c:78:
19:d5:d0:25:91:55:20:b8:55:2b:64:3e:d6:b7:93:b6:22:cc:
f6:11:05:df:bd:7e:25:b3:6f:b8:56:8c:6c:89:74:80:41:a0:
d6:17:e9:c0:c8:ff:ed:3a:21:56:32:9f:76:13:cf:32:d5:cf:
7d:2b:b5:98:14:66:60:11:30:9f:d9:5b:0c:ea:33:5c:c8:1a:
70:4e:81:51:a9:cb:48:ed:bd:08:b0:69:5c:41:0c:d3:61:a0:
7f:ff:4e:74:3b:35:32:23:45:23:20:a8:e5:72:5b:d9:de:48:
72:1d:7d:b8:8b:f2:27:92:39:4b:e6:94:8c:7b:58:b0:42:a3:
95:18:b7:7c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzGScq8aNA9hbkU8PkTBYCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI5ZDY4MTQyYzI5MjJiMjk2ZDBlYWVlOGUyMDcxMzZjYmQ0NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ6Vsk4aDTo9tJuPPtHlvdfsHqNT
HiwVwyH0F6qpaZv1kY6fCO42tyXMVbrYai29TFYK4gvP3oyVAVoAzyQLuN5Cj/Rf
xcpt16kgiFGnUCekScUou2n1z5QWoLzNnY3nen/uULhL8+mHD0Tl+AfZHQVy8avd
Ttn2IcdM5daP2esEmjagY2Qqorvi5hqlzPQGyqqnqocmRPnTplG8n0222OjlHm9z
bwZU7LHdPOvH2Z8rnX1r8uk2RJg7slc7Y0ZFXg2XrNwb8bJQWEsf8V/TeBKACGIt
FUCyc1aS9zkQe3LEWJpi9x731nJRTqMRtk7cGj73oWr1gABmT2qGg2HTWQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCsp1oFCwpIrKW0OrujiBxNsvUQFMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS3luV2dVTENraXNwYlE2dTZPSUhFMnk5UkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBABRFoED
BABRFoIDBABRFocDBABZuQEDBABZuQMDBABtSHUDBABtSHgDBABtSH8wDQYJKoZI
hvcNAQELBQADggEBAGBCMfMbSIP5pAXXChl9CZy1Ycpjo1Zbyf2itC1FBRMYf8Wm
Oeco6BqZrmcq73GCyO2fBIODZznxF48iUR/JwK9qaBDev7A98p/IfXvOAM5XiXG1
f+thhDb/rv4Oq8SterwZhiegkGak6cH54D7TB3VnzGvR+BTlqznYU+tceBnV0CWR
VSC4VStkPta3k7YizPYRBd+9fiWzb7hWjGyJdIBBoNYX6cDI/+06IVYyn3YTzzLV
z30rtZgUZmARMJ/ZWwzqM1zIGnBOgVGpy0jtvQiwaVxBDNNhoH//TnQ7NTIjRSMg
qOVyW9neSHIdfbiL8ieSOUvmlIx7WLBCo5UYt3w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org