Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NKkfDQ5N_yrxmpZNrktn1EBTRWM.roa
File: NKkfDQ5N_yrxmpZNrktn1EBTRWM.roa (raw, json)
Hash identifier: 65ZLhAgSsG7NMIpZjgqFV1LtZmwxY51Fsb+1elMA9t4=
Subject key identifier: 34:A9:1F:0D:0E:4D:FF:2A:F1:9A:96:4D:AE:4B:67:D4:40:53:45:63
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C52BFF3DBE2695858EE5670C946F6BB7B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NKkfDQ5N_yrxmpZNrktn1EBTRWM.roa
Signing time: Sun 10 Dec 2023 08:02:40 +0000
ROA not before: Sun 10 Dec 2023 08:02:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 81.22.141.0/24 maxlen: 24
109.72.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:52:bf:f3:db:e2:69:58:58:ee:56:70:c9:46:f6:bb:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 10 08:02:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34a91f0d0e4dff2af19a964dae4b67d440534563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:9d:bb:f1:4e:8a:50:44:fd:49:d7:94:48:1b:
d4:c2:52:d7:14:06:f9:67:b3:28:26:9c:b3:9e:43:
65:95:b9:92:fd:19:90:d1:d5:11:6e:ce:d1:ca:2c:
02:2c:12:1c:c4:17:d0:2b:fa:56:25:73:aa:6f:fb:
2c:29:2e:80:71:89:f2:62:d5:87:e3:89:89:0b:75:
ab:88:ee:73:fd:b3:a9:ea:9f:91:70:6a:0f:e9:36:
f8:a5:87:37:82:72:20:5c:e9:6e:b8:89:f4:6f:76:
81:71:f3:86:a4:3f:3d:9d:2b:cb:98:c2:ae:15:72:
30:80:c3:82:f6:f1:70:35:71:c7:e9:70:ff:a1:f1:
b2:19:e3:12:78:e1:33:47:89:e1:f5:39:e2:52:ab:
66:fe:86:2c:c2:f7:8c:ba:6f:10:f4:dd:84:ff:06:
03:f1:a2:a3:ca:4a:d1:bb:b0:76:cd:2e:4c:3a:a1:
a4:86:43:2b:7d:9c:74:7f:f7:b6:b5:8e:49:80:4e:
7b:c3:5b:e9:8a:53:04:a5:1a:b6:71:b8:7d:f7:e8:
c6:d6:79:8b:dc:90:6b:84:9e:39:34:87:e9:5b:ac:
02:19:c3:6f:68:11:45:ad:09:90:e9:f1:ad:d7:19:
c5:98:55:d1:50:cd:0b:13:08:37:46:7a:3b:ed:39:
de:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A9:1F:0D:0E:4D:FF:2A:F1:9A:96:4D:AE:4B:67:D4:40:53:45:63
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NKkfDQ5N_yrxmpZNrktn1EBTRWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.141.0/24
109.72.113.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:be:05:48:d0:51:e6:d8:4b:0d:51:4f:a0:37:af:b3:0f:25:
84:32:d1:38:90:41:24:01:1e:77:e7:27:5e:10:99:99:7c:cb:
9b:48:e1:b4:1a:27:44:d6:77:be:af:01:a4:e6:7b:0e:f4:3f:
d9:d2:81:ed:52:6c:c1:26:4d:17:e5:f4:d6:72:8e:1f:f7:90:
1f:ab:d4:08:9c:31:aa:36:e0:90:45:4c:23:98:40:60:01:d7:
aa:81:4a:1e:16:0e:d8:0a:ff:4f:e2:1a:ec:a0:11:55:38:f2:
15:15:e8:cc:f8:79:f0:2b:61:e4:92:3e:4a:e2:a1:3d:56:1e:
20:24:be:1f:53:10:3d:bc:27:48:d6:6c:79:87:de:ab:30:0b:
a2:5e:de:d3:2e:2b:ff:a8:2b:08:c5:c9:eb:28:7d:a1:6e:08:
88:cb:9b:1d:d0:63:b2:e6:40:d8:3c:20:05:b0:3f:a6:51:8e:
b1:79:eb:da:4a:b3:4b:43:b2:4c:51:d4:88:b4:30:74:57:5f:
64:59:84:c0:ae:45:a6:16:27:65:de:2e:5c:33:2a:99:74:05:
ed:b3:d1:76:ec:ad:cb:cb:8f:5d:a4:c8:2e:83:9e:2b:d6:30:
2a:10:51:c5:3c:80:90:95:d8:fe:f0:79:5a:f3:b9:04:8f:1a:
0b:8a:26:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxSv/Pb4mlYWO5WcMlG9rt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjEwMDgwMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE5MWYwZDBlNGRmZjJhZjE5YTk2NGRhZTRiNjdkNDQwNTM0NTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6J278U6KUET9SdeUSBvUwlLXFAb5
Z7MoJpyznkNllbmS/RmQ0dURbs7RyiwCLBIcxBfQK/pWJXOqb/ssKS6AcYnyYtWH
44mJC3WriO5z/bOp6p+RcGoP6Tb4pYc3gnIgXOluuIn0b3aBcfOGpD89nSvLmMKu
FXIwgMOC9vFwNXHH6XD/ofGyGeMSeOEzR4nh9TniUqtm/oYswveMum8Q9N2E/wYD
8aKjykrRu7B2zS5MOqGkhkMrfZx0f/e2tY5JgE57w1vpilMEpRq2cbh99+jG1nmL
3JBrhJ45NIfpW6wCGcNvaBFFrQmQ6fGt1xnFmFXRUM0LEwg3Rno77Tne2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSpHw0OTf8q8ZqWTa5LZ9RAU0VjMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTktrZkRRNU5feXJ4bXBaTnJrdG4xRUJUUldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaNAwQA
bUhxMA0GCSqGSIb3DQEBCwUAA4IBAQCOvgVI0FHm2EsNUU+gN6+zDyWEMtE4kEEk
AR535ydeEJmZfMubSOG0GidE1ne+rwGk5nsO9D/Z0oHtUmzBJk0X5fTWco4f95Af
q9QInDGqNuCQRUwjmEBgAdeqgUoeFg7YCv9P4hrsoBFVOPIVFejM+HnwK2Hkkj5K
4qE9Vh4gJL4fUxA9vCdI1mx5h96rMAuiXt7TLiv/qCsIxcnrKH2hbgiIy5sd0GOy
5kDYPCAFsD+mUY6xeevaSrNLQ7JMUdSItDB0V19kWYTArkWmFidl3i5cMyqZdAXt
s9F27K3Ly49dpMgug54r1jAqEFHFPICQldj+8Hla87kEjxoLiiZz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org