Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NkoDHLLoTCQX5Jx0jc8OLvt0GCo.roa
File: NkoDHLLoTCQX5Jx0jc8OLvt0GCo.roa (raw, json)
Hash identifier: 2AuI/R7t2qVOZ4DgARGHFfnqrv/SsFhSmI+3OpXAfBw=
Subject key identifier: 36:4A:03:1C:B2:E8:4C:24:17:E4:9C:74:8D:CF:0E:2E:FB:74:18:2A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018570672CF2E06A173A4BC263EE9743C9C4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NkoDHLLoTCQX5Jx0jc8OLvt0GCo.roa
Signing time: Mon 02 Jan 2023 02:54:47 +0000
ROA not before: Mon 02 Jan 2023 02:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.134.0/24 maxlen: 24
81.22.133.0/24 maxlen: 24
89.185.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Jan 2023 00:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:2c:f2:e0:6a:17:3a:4b:c2:63:ee:97:43:c9:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 2 02:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=364a031cb2e84c2417e49c748dcf0e2efb74182a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7a:eb:79:46:37:5f:f4:c7:ed:c7:25:62:21:
6c:5c:c8:0d:57:bb:69:d8:50:f0:0c:23:ad:02:77:
72:57:2c:1e:ec:c3:f2:ac:2f:bc:8a:96:2a:08:7b:
2f:3f:2f:33:da:0d:02:55:e2:a6:45:af:cc:4d:de:
aa:e2:b9:0e:19:c4:59:3b:4c:9f:f1:97:fc:5f:b8:
b3:6d:72:1b:e5:7b:38:3c:ff:22:df:37:a9:48:f8:
d1:3c:6f:c9:0a:34:30:7f:1c:b1:8d:9f:96:5a:a5:
b1:1a:04:ff:d9:0f:36:65:4c:d3:49:c9:0e:71:bd:
73:6d:8f:e7:ae:1f:52:89:7e:6e:b6:a0:0a:cf:e5:
a5:97:19:59:47:d8:96:62:76:d6:c6:39:c5:9a:77:
af:db:40:e5:aa:3f:7b:ac:8a:1d:d2:4e:e9:de:37:
3d:68:15:35:d4:74:17:73:28:c2:75:0f:7a:22:23:
59:69:3a:6c:79:bb:c5:a3:75:c5:54:48:c2:0e:6f:
3b:8e:f9:7d:71:be:a1:5c:67:be:69:7b:0c:0f:fb:
a5:29:31:de:cf:2f:a9:d8:af:df:20:ba:1a:d6:cd:
c1:b7:df:e0:ec:db:87:6e:3b:2c:93:38:07:56:31:
d5:2d:3c:41:29:73:03:a3:83:75:be:63:37:2b:30:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4A:03:1C:B2:E8:4C:24:17:E4:9C:74:8D:CF:0E:2E:FB:74:18:2A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NkoDHLLoTCQX5Jx0jc8OLvt0GCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.133.0-81.22.134.255
89.185.24.0/22
Signature Algorithm: sha256WithRSAEncryption
08:ea:1c:86:83:ea:72:8a:23:2e:d4:48:f5:6a:ba:b7:b9:48:
ae:98:8a:39:fb:a5:d3:40:e3:88:a4:21:53:96:4a:0f:d4:8a:
ea:86:6f:1e:dc:c5:15:80:84:1a:04:b7:23:77:81:1c:50:5e:
70:45:15:2b:fd:7c:2c:3d:74:04:32:69:9b:0c:51:9b:c2:95:
22:41:0e:37:98:f6:5b:52:a1:9c:e5:54:08:42:87:76:4b:fd:
09:6c:f3:7c:b1:88:d3:17:f3:4b:f0:d5:ce:a5:b9:32:07:de:
d0:a4:ae:ea:ef:b2:17:be:2f:bd:04:71:54:36:11:9e:43:b2:
0d:45:3c:6b:fb:e4:ed:80:49:65:c5:5b:73:1d:70:8c:91:00:
99:c1:ea:0d:5c:5c:38:d4:66:e9:e3:52:6f:b8:96:d8:c3:6e:
49:c1:ff:f0:9a:c6:4b:4f:a7:83:78:36:2a:c9:37:5d:b2:b3:
9b:66:c8:14:98:68:99:0c:ce:8c:ea:b2:04:3c:e0:fc:d6:94:
2a:1d:93:9e:7f:fa:21:78:bd:57:21:39:39:e0:57:17:c7:41:
c5:a0:8d:34:13:fa:79:d0:36:7a:6f:85:b5:23:02:a1:72:17:
08:7b:ef:bb:2d:72:06:f8:69:24:73:49:50:69:bd:70:4f:10:
92:b2:58:c1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwZyzy4GoXOkvCY+6XQ8nEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMTAyMDI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRhMDMxY2IyZTg0YzI0MTdlNDljNzQ4ZGNmMGUyZWZiNzQxODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXrreUY3X/TH7cclYiFsXMgNV7tp
2FDwDCOtAndyVywe7MPyrC+8ipYqCHsvPy8z2g0CVeKmRa/MTd6q4rkOGcRZO0yf
8Zf8X7izbXIb5Xs4PP8i3zepSPjRPG/JCjQwfxyxjZ+WWqWxGgT/2Q82ZUzTSckO
cb1zbY/nrh9SiX5utqAKz+WllxlZR9iWYnbWxjnFmnev20Dlqj97rIod0k7p3jc9
aBU11HQXcyjCdQ96IiNZaTpsebvFo3XFVEjCDm87jvl9cb6hXGe+aXsMD/ulKTHe
zy+p2K/fILoa1s3Bt9/g7NuHbjsskzgHVjHVLTxBKXMDo4N1vmM3KzDWKQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDZKAxyy6EwkF+ScdI3PDi77dBgqMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTmtvREhMTG9UQ1FYNUp4MGpjOE9MdnQwR0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABRFoUD
BABRFoYDBAJZuRgwDQYJKoZIhvcNAQELBQADggEBAAjqHIaD6nKKIy7USPVqure5
SK6Yijn7pdNA44ikIVOWSg/UiuqGbx7cxRWAhBoEtyN3gRxQXnBFFSv9fCw9dAQy
aZsMUZvClSJBDjeY9ltSoZzlVAhCh3ZL/Qls83yxiNMX80vw1c6luTIH3tCkrurv
she+L70EcVQ2EZ5Dsg1FPGv75O2ASWXFW3MdcIyRAJnB6g1cXDjUZunjUm+4ltjD
bknB//CaxktPp4N4NirJN12ys5tmyBSYaJkMzozqsgQ84PzWlCodk55/+iF4vVch
OTngVxfHQcWgjTQT+nnQNnpvhbUjAqFyFwh777stcgb4aSRzSVBpvXBPEJKyWME=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org