Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Lx50dLIcmqxc1YKnbMyn4-kNEL0.roa
File: Lx50dLIcmqxc1YKnbMyn4-kNEL0.roa (raw, json)
Hash identifier: 8nudcd3n41PsWUofoXUaRYn/Rs+G3DYfxZpNyfPwuIY=
Subject key identifier: 2F:1E:74:74:B2:1C:9A:AC:5C:D5:82:A7:6C:CC:A7:E3:E9:0D:10:BD
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C2B1A20CCC31D4FA538AA2564C4CE2AAE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Lx50dLIcmqxc1YKnbMyn4-kNEL0.roa
Signing time: Sat 02 Dec 2023 15:16:21 +0000
ROA not before: Sat 02 Dec 2023 15:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Dec 2023 08:41:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2b:1a:20:cc:c3:1d:4f:a5:38:aa:25:64:c4:ce:2a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 2 15:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f1e7474b21c9aac5cd582a76ccca7e3e90d10bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:26:d9:45:70:78:89:13:59:5e:be:8c:e9:9e:
5f:91:2e:73:e0:7b:91:ef:23:8f:9d:5e:6c:ad:85:
fe:dd:14:b4:5c:2a:ae:aa:a1:f5:bc:b6:af:9a:c2:
32:fe:47:ed:26:c4:81:45:ed:91:0b:d6:88:3a:ec:
68:d7:53:ee:3f:70:12:46:29:5d:e7:6d:89:12:5c:
7f:7f:7b:2c:ba:df:1a:a5:8b:79:1f:fe:6e:db:3b:
40:5e:30:ec:b0:8f:72:60:90:43:ac:2a:cd:d4:e2:
5c:7b:c1:38:cf:b8:0c:a9:20:b7:36:2b:0c:a7:ed:
de:08:69:31:29:ea:3b:f0:15:b5:5b:75:80:55:c1:
7f:99:6f:f4:b1:8a:18:19:af:a5:b7:98:2e:40:5f:
54:b9:b0:cf:b3:ff:f5:05:bc:7e:e2:b0:42:c5:22:
7b:af:a3:e1:db:4a:f6:cf:66:e0:42:d2:5b:8e:53:
47:dc:66:42:a7:79:dd:6d:10:b9:5c:77:9a:47:32:
63:0b:f3:c3:31:5e:2f:a9:ee:de:80:16:5c:fc:1e:
7f:9f:9b:d8:e7:29:19:20:a2:7c:d5:eb:a6:69:05:
9a:83:7f:8b:16:84:eb:e4:82:f4:61:4b:2e:8c:e1:
c4:ba:ba:ae:bb:71:bb:c8:39:97:66:a8:fa:f9:31:
47:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1E:74:74:B2:1C:9A:AC:5C:D5:82:A7:6C:CC:A7:E3:E9:0D:10:BD
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Lx50dLIcmqxc1YKnbMyn4-kNEL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
28:6e:91:0a:0a:33:15:ed:a2:89:44:83:3d:a3:bb:0c:11:74:
c0:6e:36:59:e2:10:ef:b7:26:90:89:e2:79:15:3c:60:ea:2d:
b7:d3:9d:65:d9:7c:ba:6a:b4:e5:c2:f2:ca:1f:64:27:9e:e5:
b1:04:dd:fb:51:3a:ec:7e:ae:8d:c2:4f:33:73:fc:1b:c8:f5:
c0:61:cd:2c:8c:bc:4e:34:1c:c0:4f:57:1e:db:d9:09:90:7c:
2d:44:56:91:4f:af:1c:c3:2e:78:a1:bb:9a:e2:2f:a2:9e:fb:
8d:38:92:0d:43:ff:c3:b0:36:e3:7a:18:6d:50:81:d2:a6:7c:
bd:13:9a:90:b2:37:bd:a3:c8:f9:d3:6f:d1:1e:c5:e7:14:a7:
2f:b0:fe:a6:8d:83:07:14:b1:10:56:c3:ce:19:dc:82:a4:45:
e6:65:ed:f3:af:1e:36:63:e6:d0:cd:f6:a1:d3:ec:99:ec:86:
65:07:b2:93:d2:04:9e:75:4f:4d:4f:88:bc:b7:d2:01:cb:32:
66:06:d8:8d:82:c0:1b:5b:2e:bb:cb:f1:06:33:e8:05:4a:d3:
13:bc:62:83:76:45:72:8c:44:b7:d1:80:14:4e:a6:9f:b9:84:
65:cb:48:95:d8:4b:b7:f8:98:ef:81:cb:4f:8c:78:88:ad:2d:
3a:13:94:08
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwrGiDMwx1PpTiqJWTEziquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjAyMTUxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFlNzQ3NGIyMWM5YWFjNWNkNTgyYTc2Y2NjYTdlM2U5MGQxMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApybZRXB4iRNZXr6M6Z5fkS5z4HuR
7yOPnV5srYX+3RS0XCquqqH1vLavmsIy/kftJsSBRe2RC9aIOuxo11PuP3ASRild
522JElx/f3ssut8apYt5H/5u2ztAXjDssI9yYJBDrCrN1OJce8E4z7gMqSC3NisM
p+3eCGkxKeo78BW1W3WAVcF/mW/0sYoYGa+lt5guQF9UubDPs//1Bbx+4rBCxSJ7
r6Ph20r2z2bgQtJbjlNH3GZCp3ndbRC5XHeaRzJjC/PDMV4vqe7egBZc/B5/n5vY
5ykZIKJ81eumaQWag3+LFoTr5IL0YUsujOHEurquu3G7yDmXZqj6+TFHGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC8edHSyHJqsXNWCp2zMp+PpDRC9MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTHg1MGRMSWNtcXhjMVlLbmJNeW40LWtORUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDURaIAwQC
WbkAAwQCWbkYAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQAobpEKCjMV
7aKJRIM9o7sMEXTAbjZZ4hDvtyaQieJ5FTxg6i23051l2Xy6arTlwvLKH2QnnuWx
BN37UTrsfq6Nwk8zc/wbyPXAYc0sjLxONBzAT1ce29kJkHwtRFaRT68cwy54obua
4i+invuNOJINQ//DsDbjehhtUIHSpny9E5qQsje9o8j502/RHsXnFKcvsP6mjYMH
FLEQVsPOGdyCpEXmZe3zrx42Y+bQzfah0+yZ7IZlB7KT0gSedU9NT4i8t9IByzJm
BtiNgsAbWy67y/EGM+gFStMTvGKDdkVyjES30YAUTqafuYRly0iV2Eu3+JjvgctP
jHiIrS06E5QI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org