Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/M5ITxwhB7IkSOLhsyVcOzh6bldE.roa
File: M5ITxwhB7IkSOLhsyVcOzh6bldE.roa (raw, json)
Hash identifier: MEXkNLZRD/TTIDJ7kChtzrFp8nkcriXwFatySMilr0A=
Subject key identifier: 33:92:13:C7:08:41:EC:89:12:38:B8:6C:C9:57:0E:CE:1E:9B:95:D1
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188A4A53B152A65338378139D4D3D6060CE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/M5ITxwhB7IkSOLhsyVcOzh6bldE.roa
Signing time: Sat 10 Jun 2023 09:31:11 +0000
ROA not before: Sat 10 Jun 2023 09:31:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 11 Jun 2023 10:06:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:a5:3b:15:2a:65:33:83:78:13:9d:4d:3d:60:60:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 10 09:31:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=339213c70841ec891238b86cc9570ece1e9b95d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2a:16:b4:8d:1d:11:0d:e8:ed:fa:2a:7c:50:
33:5f:fa:a3:c7:b5:50:06:3d:d1:8c:dc:b9:44:fa:
1a:aa:77:7a:55:31:e2:c1:51:ca:c3:ee:95:c9:a0:
e5:47:ae:26:1d:a8:ed:2f:14:f0:38:c1:a4:ff:07:
94:be:48:9c:e3:fa:90:d1:c5:49:dc:67:f3:f8:62:
35:23:45:8b:5b:b6:80:28:f3:e3:61:29:df:77:74:
97:d9:ac:36:85:8f:77:80:65:93:27:7c:d9:8e:c0:
89:4e:d7:59:61:e3:4b:34:42:08:9a:f7:1b:61:f0:
5c:fc:8f:29:a3:88:8f:16:b2:4a:af:c0:d4:50:cf:
9a:d8:81:ea:8d:72:1d:46:08:2e:80:4a:64:cb:1c:
7b:f7:72:74:e8:8b:d7:f3:2d:96:fd:1a:36:ca:b2:
3b:f1:c1:10:af:3d:12:d0:60:4b:5f:34:70:a5:97:
ed:75:c1:12:1f:63:8e:4e:6a:93:85:49:b1:23:cb:
06:c4:3c:38:a5:4a:1a:75:b3:c8:99:63:33:8f:b6:
ae:96:c8:74:b7:27:a8:c1:4d:9c:a7:a5:22:e3:f2:
ac:5e:41:79:33:28:bb:2c:40:10:af:4c:d5:e8:25:
29:ec:d4:6c:c8:9e:37:99:73:1f:cb:5b:64:b9:a6:
0c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:92:13:C7:08:41:EC:89:12:38:B8:6C:C9:57:0E:CE:1E:9B:95:D1
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/M5ITxwhB7IkSOLhsyVcOzh6bldE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.140.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:dc:9b:1a:6e:6d:44:58:15:cc:30:ff:c1:b7:8d:ef:15:4a:
c9:14:81:40:7a:7b:c8:39:57:30:af:2f:96:0e:18:1f:09:da:
2f:f9:49:69:90:4f:54:20:d0:b3:fb:49:7a:4d:37:99:b2:21:
0d:82:83:22:4a:87:d1:8d:f2:1d:aa:92:9d:bf:51:31:5b:14:
33:c4:ee:8d:4c:3f:5e:ec:70:15:1f:d5:ef:4f:e5:59:0b:99:
90:01:20:5d:0f:4b:c7:b7:1d:5c:d8:66:c7:d3:94:ec:bf:d7:
e5:da:a5:bb:b9:6c:71:d3:f8:c7:ee:3c:8d:00:7e:a9:0f:43:
0b:50:4d:8e:e7:e4:99:1d:ca:c1:e6:74:f5:4f:57:da:e9:cf:
89:fb:03:43:e8:97:2d:1c:b8:ca:79:9c:b9:27:a5:3c:98:32:
8a:95:7c:d3:c7:f5:65:93:3c:6d:63:68:18:a6:d0:3d:50:23:
99:43:fe:ef:c7:87:31:53:55:b9:f4:6c:e8:d9:37:e9:6c:ac:
b5:a9:ce:d0:e3:86:a4:fc:81:8a:b4:6a:27:0c:45:86:1b:61:
a7:ff:9c:c9:d0:a0:7e:a7:23:2f:d2:10:64:57:dd:cf:30:ef:
3a:62:70:de:b4:d3:03:8a:e1:2f:42:61:ba:2f:f1:42:21:7d:
ae:00:40:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYikpTsVKmUzg3gTnU09YGDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjEwMDkzMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkyMTNjNzA4NDFlYzg5MTIzOGI4NmNjOTU3MGVjZTFlOWI5NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmioWtI0dEQ3o7foqfFAzX/qjx7VQ
Bj3RjNy5RPoaqnd6VTHiwVHKw+6VyaDlR64mHajtLxTwOMGk/weUvkic4/qQ0cVJ
3Gfz+GI1I0WLW7aAKPPjYSnfd3SX2aw2hY93gGWTJ3zZjsCJTtdZYeNLNEIImvcb
YfBc/I8po4iPFrJKr8DUUM+a2IHqjXIdRggugEpkyxx793J06IvX8y2W/Ro2yrI7
8cEQrz0S0GBLXzRwpZftdcESH2OOTmqThUmxI8sGxDw4pUoadbPImWMzj7aulsh0
tyeowU2cp6Ui4/KsXkF5Myi7LEAQr0zV6CUp7NRsyJ43mXMfy1tkuaYMCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDOSE8cIQeyJEji4bMlXDs4em5XRMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTTVJVHh3aEI3SWtTT0xoc3lWY096aDZibGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCURaMAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAe3Jsabm1EWBXMMP/Bt43vFUrJ
FIFAenvIOVcwry+WDhgfCdov+UlpkE9UINCz+0l6TTeZsiENgoMiSofRjfIdqpKd
v1ExWxQzxO6NTD9e7HAVH9XvT+VZC5mQASBdD0vHtx1c2GbH05Tsv9fl2qW7uWxx
0/jH7jyNAH6pD0MLUE2O5+SZHcrB5nT1T1fa6c+J+wND6JctHLjKeZy5J6U8mDKK
lXzTx/VlkzxtY2gYptA9UCOZQ/7vx4cxU1W59Gzo2TfpbKy1qc7Q44ak/IGKtGon
DEWGG2Gn/5zJ0KB+pyMv0hBkV93PMO86YnDetNMDiuEvQmG6L/FCIX2uAED8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org