Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/POr35JLgsdK3ATOPDKCHYO4KAms.roa
File: POr35JLgsdK3ATOPDKCHYO4KAms.roa (raw, json)
Hash identifier: K2c4lscbaR/9O+Y5DTE5eWnHURTHGbJPP3ge9n7UN64=
Subject key identifier: 3C:EA:F7:E4:92:E0:B1:D2:B7:01:33:8F:0C:A0:87:60:EE:0A:02:6B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01917943F6CF102FC8F235F4D8BACFD92D26
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/POr35JLgsdK3ATOPDKCHYO4KAms.roa
Signing time: Thu 22 Aug 2024 08:46:22 +0000
ROA not before: Thu 22 Aug 2024 08:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 81.22.129.0/24 maxlen: 24
81.22.131.0/24 maxlen: 24
81.22.138.0/24 maxlen: 24
81.22.141.0/24 maxlen: 24
89.185.0.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
109.72.121.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Oct 2024 09:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:79:43:f6:cf:10:2f:c8:f2:35:f4:d8:ba:cf:d9:2d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 22 08:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ceaf7e492e0b1d2b701338f0ca08760ee0a026b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:86:c1:47:e9:98:e6:d9:6c:b8:53:ff:9e:
bc:c0:5e:df:fc:ff:06:f4:f9:27:d7:0b:98:7d:a7:
67:fa:8f:92:37:23:da:4f:51:dd:f5:ba:e4:7a:09:
35:8c:1c:f3:f9:e8:ac:28:62:08:13:f2:7a:0b:89:
28:23:5e:a0:2f:1b:c4:e8:d9:14:c8:c9:c3:7d:7f:
a9:a0:6f:a9:a3:24:35:e5:1d:d4:ab:21:50:b4:84:
4c:58:dd:ed:05:b5:0f:e9:fd:24:92:b9:40:4a:18:
96:85:7b:12:aa:b0:5c:f4:50:67:94:9e:84:b0:17:
1b:d0:5b:67:55:13:c2:a9:5e:de:50:6f:6b:85:58:
3c:e2:0b:b4:fb:c4:6f:3c:fb:f9:20:da:fa:d6:30:
37:ef:7a:5c:3b:74:82:b9:d8:0b:1b:5f:1d:fc:d1:
26:3f:45:b6:ec:78:f1:e1:b0:27:b7:23:19:8d:89:
75:06:45:cc:53:46:dc:2a:18:83:6d:c1:ef:37:6f:
cd:d1:5f:15:bb:ab:6f:df:a0:67:2d:4a:19:99:47:
4c:c4:1f:27:79:89:77:d2:f9:d2:f2:51:b2:b5:21:
6d:79:48:11:90:fd:77:ae:f4:d0:30:e2:e4:ff:ca:
8b:c5:be:07:01:fc:2e:bd:17:d7:23:72:e3:c9:d2:
22:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EA:F7:E4:92:E0:B1:D2:B7:01:33:8F:0C:A0:87:60:EE:0A:02:6B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/POr35JLgsdK3ATOPDKCHYO4KAms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
81.22.131.0/24
81.22.138.0/24
81.22.141.0/24
89.185.0.0/24
109.72.119.0/24
109.72.121.0/24
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
50:71:15:4b:48:22:b8:6a:85:a3:e6:ae:11:ed:57:90:7c:4c:
2d:f4:e2:13:02:9d:f7:9e:5a:2c:02:fd:74:bd:53:5d:96:e1:
63:49:30:ef:a1:84:25:2b:da:0d:8a:f1:27:43:86:e1:9f:39:
66:ac:6c:5e:b2:25:2e:50:7a:25:93:ef:1f:b3:67:41:5f:8a:
1d:ae:c1:28:b6:2b:d2:b7:7d:72:79:cd:ca:d9:dc:8a:70:57:
4d:8b:cf:02:cd:67:84:37:cc:30:97:4f:21:a9:fb:73:cd:e0:
69:48:f2:a6:ac:18:fe:e2:86:57:f5:0e:68:04:f5:27:09:3f:
b2:68:d0:40:d9:58:55:5d:cf:27:49:f3:55:a2:92:7e:5c:b9:
f5:0b:5c:41:56:bb:cb:72:8c:f4:dd:95:3c:f3:0e:35:3c:5f:
71:e5:37:eb:27:cd:d5:52:56:7c:f0:ab:37:af:9c:2c:4d:05:
15:48:ab:03:9d:f7:ed:a9:86:8b:ed:19:5e:ab:70:59:75:d9:
df:93:d0:2d:4b:e9:ba:ea:3c:8e:26:0e:34:bc:c0:61:81:0e:
d6:f5:cb:51:19:9c:dc:67:58:10:02:ee:6a:39:3e:46:23:1d:
fd:91:48:ce:9a:31:db:f9:0b:7c:3a:dd:d9:f3:2b:cd:22:10:
d9:ac:49:01
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZF5Q/bPEC/I8jX02LrP2S0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwODIyMDg0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2VhZjdlNDkyZTBiMWQyYjcwMTMzOGYwY2EwODc2MGVlMGEwMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoGGwUfpmObZbLhT/568wF7f/P8G
9Pkn1wuYfadn+o+SNyPaT1Hd9brkegk1jBzz+eisKGIIE/J6C4koI16gLxvE6NkU
yMnDfX+poG+poyQ15R3UqyFQtIRMWN3tBbUP6f0kkrlAShiWhXsSqrBc9FBnlJ6E
sBcb0FtnVRPCqV7eUG9rhVg84gu0+8RvPPv5INr61jA373pcO3SCudgLG18d/NEm
P0W27Hjx4bAntyMZjYl1BkXMU0bcKhiDbcHvN2/N0V8Vu6tv36BnLUoZmUdMxB8n
eYl30vnS8lGytSFteUgRkP13rvTQMOLk/8qLxb4HAfwuvRfXI3LjydIipwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDzq9+SS4LHStwEzjwygh2DuCgJrMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUE9yMzVKTGdzZEszQVRPUERLQ0hZTzRLQW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAURaBAwQA
URaDAwQAURaKAwQAURaNAwQAWbkAAwQAbUh3AwQAbUh5AwQAbUh7MA0GCSqGSIb3
DQEBCwUAA4IBAQBQcRVLSCK4aoWj5q4R7VeQfEwt9OITAp33nlosAv10vVNdluFj
STDvoYQlK9oNivEnQ4bhnzlmrGxesiUuUHolk+8fs2dBX4odrsEotivSt31yec3K
2dyKcFdNi88CzWeEN8wwl08hqftzzeBpSPKmrBj+4oZX9Q5oBPUnCT+yaNBA2VhV
Xc8nSfNVopJ+XLn1C1xBVrvLcoz03ZU88w41PF9x5TfrJ83VUlZ88Ks3r5wsTQUV
SKsDnfftqYaL7Rleq3BZddnfk9AtS+m66jyOJg40vMBhgQ7W9ctRGZzcZ1gQAu5q
OT5GIx39kUjOmjHb+Qt8Ot3Z8yvNIhDZrEkB
-----END CERTIFICATE-----
Generated at Sun Oct 13 11:06:04 2024 by rpki-client on console-fra.rpki-client.org