Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KyvhKz8WP-xDkm3uw9ZARppxF6c.roa
File: KyvhKz8WP-xDkm3uw9ZARppxF6c.roa (raw, json)
Hash identifier: lL9V+KDpzSU9x2xEm+mrzuVjmyFQ3+m/C3ltD7HFwQQ=
Subject key identifier: 2B:2B:E1:2B:3F:16:3F:EC:43:92:6D:EE:C3:D6:40:46:9A:71:17:A7
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B70433BB13F2E83133D12CDFF8213EEAA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KyvhKz8WP-xDkm3uw9ZARppxF6c.roa
Signing time: Fri 27 Oct 2023 08:32:16 +0000
ROA not before: Fri 27 Oct 2023 08:32:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Nov 2023 16:45:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:43:3b:b1:3f:2e:83:13:3d:12:cd:ff:82:13:ee:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 27 08:32:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b2be12b3f163fec43926deec3d640469a7117a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e4:d4:58:3e:70:ca:c3:0f:3f:1e:e9:6b:2a:
c8:99:5e:bb:83:e1:7c:eb:b2:a5:66:c7:9d:c8:ef:
bf:7a:35:c0:a4:8f:42:5c:b8:34:47:91:63:98:b1:
78:c7:e2:f6:b1:b6:5e:97:ae:97:b1:4c:be:8b:89:
5c:6d:ff:5f:e1:67:4e:97:48:92:b7:64:e9:0f:0a:
99:c9:83:35:f6:11:ce:73:fb:b5:3d:26:1b:2f:39:
91:26:54:d3:d5:03:06:c4:01:8f:50:ee:e1:4f:d1:
a5:c2:fd:c8:c3:07:1d:e4:0c:71:c0:d9:0b:8d:56:
bb:68:62:fa:1c:41:a0:23:93:69:02:dc:46:0a:ef:
c6:55:8e:2e:f5:43:96:0d:b3:4f:ad:e5:fe:06:75:
45:3e:fa:c4:f3:4b:cf:eb:77:24:ce:28:f6:df:5e:
95:05:8c:ae:1f:d7:97:7f:eb:3b:86:5e:75:ba:af:
d5:d3:53:15:ad:22:cd:03:34:41:f8:b6:8d:ab:7e:
e7:0f:83:51:c0:81:4d:9c:d6:d1:fa:14:c5:04:19:
a4:dc:59:28:62:e2:be:ca:12:f8:da:65:a1:3b:fb:
d9:9d:82:38:60:b6:1b:7c:62:88:5f:5d:3a:77:02:
3e:1d:ae:d5:8e:f7:26:90:e9:89:15:a1:48:07:22:
3d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2B:E1:2B:3F:16:3F:EC:43:92:6D:EE:C3:D6:40:46:9A:71:17:A7
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KyvhKz8WP-xDkm3uw9ZARppxF6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.140.0/22
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:97:45:c2:fa:13:39:a7:38:44:46:50:5f:e3:84:9a:58:38:
0c:f6:b6:39:ea:af:36:a4:bd:91:01:d6:86:0f:6f:8e:e8:2e:
9b:57:27:37:b8:1f:b4:92:98:8f:5b:23:f0:bf:2f:9a:3e:5f:
28:cf:ec:17:67:b5:2b:07:f2:ab:64:ca:4b:11:ec:63:63:56:
28:9e:5d:2b:41:62:0b:d0:ac:0f:7c:88:d3:32:a5:0c:1b:6b:
1f:0f:88:bb:f5:6c:c2:7a:b6:63:49:04:8b:ee:25:38:d6:d3:
31:ca:4d:43:dc:49:93:77:ec:9e:00:23:7f:8a:18:1c:78:03:
6d:d4:f3:6c:2b:0b:41:07:c8:94:c7:b8:26:0a:48:29:f2:f6:
19:75:3f:cf:bc:65:9f:34:58:76:16:07:48:38:5e:ab:06:32:
00:29:46:90:2d:b7:29:6d:c6:06:c2:b6:11:69:19:06:fb:92:
34:e3:8d:27:0d:0c:bd:f4:9a:fb:9d:21:a9:48:ff:92:49:91:
10:1a:e4:07:37:ac:b2:73:4f:71:96:23:a3:0f:bc:c4:c7:0f:
e2:8c:f0:24:82:10:a9:65:4c:b2:8a:be:3d:ef:04:1d:74:a0:
59:a2:c5:55:b7:8d:5c:70:ad:a1:4c:3b:84:64:6a:be:19:72:
73:52:82:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtwQzuxPy6DEz0Szf+CE+6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDI3MDgzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJiZTEyYjNmMTYzZmVjNDM5MjZkZWVjM2Q2NDA0NjlhNzExN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+TUWD5wysMPPx7payrImV67g+F8
67KlZsedyO+/ejXApI9CXLg0R5FjmLF4x+L2sbZel66XsUy+i4lcbf9f4WdOl0iS
t2TpDwqZyYM19hHOc/u1PSYbLzmRJlTT1QMGxAGPUO7hT9Glwv3Iwwcd5AxxwNkL
jVa7aGL6HEGgI5NpAtxGCu/GVY4u9UOWDbNPreX+BnVFPvrE80vP63ckzij2316V
BYyuH9eXf+s7hl51uq/V01MVrSLNAzRB+LaNq37nD4NRwIFNnNbR+hTFBBmk3Fko
YuK+yhL42mWhO/vZnYI4YLYbfGKIX106dwI+Ha7VjvcmkOmJFaFIByI9/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCsr4Ss/Fj/sQ5Jt7sPWQEaacRenMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS3l2aEt6OFdQLXhEa20zdXc5WkFScHB4RjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCURaMAwQC
WbkAAwQCWbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCgl0XC+hM5pzhERlBf
44SaWDgM9rY56q82pL2RAdaGD2+O6C6bVyc3uB+0kpiPWyPwvy+aPl8oz+wXZ7Ur
B/KrZMpLEexjY1Yonl0rQWIL0KwPfIjTMqUMG2sfD4i79WzCerZjSQSL7iU41tMx
yk1D3EmTd+yeACN/ihgceANt1PNsKwtBB8iUx7gmCkgp8vYZdT/PvGWfNFh2FgdI
OF6rBjIAKUaQLbcpbcYGwrYRaRkG+5I0440nDQy99Jr7nSGpSP+SSZEQGuQHN6yy
c09xliOjD7zExw/ijPAkghCpZUyyir497wQddKBZosVVt41ccK2hTDuEZGq+GXJz
UoJQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org