Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NtmRbAF5Qqx8Dj_9n_ZtEvmFZAA.roa
File: NtmRbAF5Qqx8Dj_9n_ZtEvmFZAA.roa (raw, json)
Hash identifier: 30M+nMhU1H8I6MPbYM2/4qxERD9PyDPcyC+Mi5aQg3g=
Subject key identifier: 36:D9:91:6C:01:79:42:AC:7C:0E:3F:FD:9F:F6:6D:12:F9:85:64:00
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F39D64CBA69479567BB88FD124D07F007
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NtmRbAF5Qqx8Dj_9n_ZtEvmFZAA.roa
Signing time: Thu 02 May 2024 15:04:56 +0000
ROA not before: Thu 02 May 2024 15:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 09:44:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:d6:4c:ba:69:47:95:67:bb:88:fd:12:4d:07:f0:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 2 15:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36d9916c017942ac7c0e3ffd9ff66d12f9856400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:28:c4:0e:74:3e:a9:53:0d:d8:55:14:78:59:
e4:c3:92:1d:4f:21:cb:71:e5:52:87:f1:14:ef:06:
b4:b9:ad:4e:5b:c7:6d:73:7c:72:3b:fb:a6:3a:b9:
37:43:d7:e4:bd:7a:59:78:f6:cd:18:c0:a1:09:6a:
e3:8c:c9:09:9b:19:3e:fb:a6:ef:32:c2:0d:6f:c7:
28:4a:81:75:0d:c4:f9:b5:32:f3:8e:c3:83:a2:af:
24:5e:50:d7:9c:61:6f:32:9c:69:17:0a:25:27:af:
23:ee:db:ee:bc:5e:e0:67:39:85:34:f0:52:59:ca:
2a:50:99:5b:75:e5:57:81:c6:24:c7:e4:25:06:b2:
dc:a6:0e:c5:fa:fd:90:ab:55:15:a3:e0:2c:d8:09:
d3:a5:04:29:b9:be:0e:f2:84:15:b3:30:c8:c5:dd:
6d:2b:fa:16:4e:92:92:77:df:b9:56:af:77:84:8b:
be:32:40:0b:75:69:79:e1:32:f0:9d:ce:55:64:6d:
74:dd:ac:00:64:33:e7:e7:8a:c5:30:81:f6:f1:9b:
62:0b:7f:b3:2f:55:ce:c2:9b:96:87:83:07:a7:00:
e9:4b:b0:b4:72:b1:41:d2:b8:ec:09:43:cd:3a:e2:
9d:16:54:27:d7:95:6d:ec:e7:fe:19:03:ef:83:9d:
45:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D9:91:6C:01:79:42:AC:7C:0E:3F:FD:9F:F6:6D:12:F9:85:64:00
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/NtmRbAF5Qqx8Dj_9n_ZtEvmFZAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
05:92:b1:3a:6f:dd:93:3a:70:45:e8:54:59:fa:77:84:b3:5f:
f8:72:18:d7:f8:a4:b6:6f:5a:da:b6:de:e2:28:17:a5:96:35:
a0:5c:13:51:aa:c3:04:42:88:a4:c2:9f:d2:df:c2:cc:6c:85:
2e:89:37:c4:7b:41:99:4e:b5:0b:94:d7:ff:0b:31:be:36:2b:
54:30:19:e7:ba:f9:17:eb:48:95:3e:83:43:8d:a3:9e:e4:fc:
33:75:83:1d:ea:2c:2b:3c:de:30:93:bd:88:9f:ed:75:30:23:
29:b1:0d:e5:b0:88:22:60:0a:73:c5:29:ed:30:ce:bb:ec:fb:
cd:25:08:ee:30:fe:8d:e6:f2:24:66:8e:f3:d4:22:3a:32:5c:
97:07:e6:a2:6e:92:be:b1:f0:4d:59:8f:7b:28:05:0e:74:ed:
b1:9c:34:ec:24:ce:00:72:7e:ab:66:bb:9d:37:2a:9b:05:2c:
f0:dd:3e:b9:28:ca:b3:91:78:a3:04:d5:69:d9:17:16:a2:6d:
8e:50:20:e8:15:5f:c3:e3:fb:57:ac:ef:92:04:40:03:7b:29:
68:f6:1a:bc:b8:3a:7e:c8:4e:7d:9e:c1:de:e4:95:67:12:26:
fd:76:14:ef:dd:f4:d8:3a:e2:9c:d4:cf:28:58:97:38:85:04:
7c:a2:df:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY851ky6aUeVZ7uI/RJNB/AHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNTAyMTUwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ5OTE2YzAxNzk0MmFjN2MwZTNmZmQ5ZmY2NmQxMmY5ODU2NDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCjEDnQ+qVMN2FUUeFnkw5IdTyHL
ceVSh/EU7wa0ua1OW8dtc3xyO/umOrk3Q9fkvXpZePbNGMChCWrjjMkJmxk++6bv
MsINb8coSoF1DcT5tTLzjsODoq8kXlDXnGFvMpxpFwolJ68j7tvuvF7gZzmFNPBS
WcoqUJlbdeVXgcYkx+QlBrLcpg7F+v2Qq1UVo+As2AnTpQQpub4O8oQVszDIxd1t
K/oWTpKSd9+5Vq93hIu+MkALdWl54TLwnc5VZG103awAZDPn54rFMIH28ZtiC3+z
L1XOwpuWh4MHpwDpS7C0crFB0rjsCUPNOuKdFlQn15Vt7Of+GQPvg51FMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDbZkWwBeUKsfA4//Z/2bRL5hWQAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTnRtUmJBRjVRcXg4RGpfOW5fWnRFdm1GWkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAFkrE6b92TOnBF6FRZ+neEs1/4
chjX+KS2b1ratt7iKBelljWgXBNRqsMEQoikwp/S38LMbIUuiTfEe0GZTrULlNf/
CzG+NitUMBnnuvkX60iVPoNDjaOe5PwzdYMd6iwrPN4wk72In+11MCMpsQ3lsIgi
YApzxSntMM677PvNJQjuMP6N5vIkZo7z1CI6MlyXB+aibpK+sfBNWY97KAUOdO2x
nDTsJM4Acn6rZrudNyqbBSzw3T65KMqzkXijBNVp2RcWom2OUCDoFV/D4/tXrO+S
BEADeylo9hq8uDp+yE59nsHe5JVnEib9dhTv3fTYOuKc1M8oWJc4hQR8ot/a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org