Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Q7cyXAgWZdcF8vx2MRJ0BTszUSU.roa
File: Q7cyXAgWZdcF8vx2MRJ0BTszUSU.roa (raw, json)
Hash identifier: 2qcvhznyu46zZ8WOEOowEpIsQgpoHtDGUVl/AU9W8K4=
Subject key identifier: 43:B7:32:5C:08:16:65:D7:05:F2:FC:76:31:12:74:05:3B:33:51:25
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189FD7C3B19F85FF639A23AE4B679FC871E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Q7cyXAgWZdcF8vx2MRJ0BTszUSU.roa
Signing time: Wed 16 Aug 2023 08:35:24 +0000
ROA not before: Wed 16 Aug 2023 08:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 16 Aug 2023 12:55:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:7c:3b:19:f8:5f:f6:39:a2:3a:e4:b6:79:fc:87:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 16 08:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43b7325c081665d705f2fc76311274053b335125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c0:7a:d5:05:5b:18:03:a9:a2:fd:44:77:bd:
c4:07:eb:f9:e8:b5:c0:e7:88:ba:15:43:95:75:98:
9d:69:c3:70:7a:00:53:7c:27:db:c9:b5:c5:a6:e2:
99:70:58:ce:e9:7c:d2:2e:23:91:cc:48:f0:b9:64:
f7:24:84:53:bb:e8:59:24:44:ce:66:c8:1e:c1:68:
3b:70:48:2d:8b:48:5e:c2:b6:e7:5f:0b:06:77:40:
ff:9d:9a:f6:f8:8c:ec:0d:c8:a4:66:07:6d:a6:b6:
53:16:3b:bd:ba:59:21:d1:43:8a:2e:f4:b7:6f:11:
29:99:36:6b:27:51:cf:b6:4a:f9:23:3b:7d:e1:f1:
f9:3f:a4:ba:ca:a8:79:30:d1:09:a8:41:09:e9:a7:
55:42:80:38:ca:dc:83:1e:d1:45:38:f0:26:df:50:
7e:e1:8a:b5:ad:8f:07:b9:81:26:28:8e:89:d3:5e:
81:db:9b:20:78:31:2d:3b:01:23:4f:9b:17:cf:0a:
91:29:ff:27:57:fa:32:0b:69:40:42:e2:89:84:3f:
f2:bd:30:5a:da:fa:e8:a3:0e:09:64:1a:c6:a0:6d:
a0:00:59:b5:67:f5:09:d3:cb:95:80:79:78:9b:1a:
3a:05:8f:2e:31:a3:e3:9a:86:a7:54:d0:11:b9:0f:
29:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B7:32:5C:08:16:65:D7:05:F2:FC:76:31:12:74:05:3B:33:51:25
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Q7cyXAgWZdcF8vx2MRJ0BTszUSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.135.0/24
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
34:66:fc:51:dd:b1:a8:e2:72:6e:7d:6a:98:3c:5d:63:73:d6:
d9:da:31:e2:1e:8b:50:71:f0:9b:c4:3a:48:71:9b:05:34:b7:
32:9c:2d:1f:56:32:9e:6f:02:cf:d2:b0:9a:ae:41:b3:20:e0:
18:35:be:c8:ba:b4:7f:65:6f:80:c3:40:66:3b:0f:4b:27:41:
fc:b8:9b:40:f9:ca:96:09:73:b0:a0:f3:fa:10:ad:62:7b:a5:
e0:23:bc:cf:b3:53:f7:8c:53:43:06:15:e1:75:7b:37:79:19:
5d:d3:00:1d:74:f2:48:bd:1d:a7:23:57:f4:94:8b:7f:4f:e0:
42:3f:b2:76:fe:17:5d:a5:58:c8:1b:7d:ce:cd:33:1b:1f:26:
16:b5:7c:64:e6:1d:b0:23:56:9a:8f:e4:25:2f:7e:30:9b:5a:
bb:18:81:f3:5b:2b:62:0c:24:07:8c:25:fd:6c:d1:e5:ee:50:
46:5f:e9:31:fe:68:7b:0d:36:65:6f:40:e2:80:14:f7:3b:d4:
f4:89:1d:f8:d6:1b:37:fe:3b:89:c0:9e:95:28:f5:53:52:b6:
19:b3:99:5b:8d:b3:40:f0:97:a0:2a:bd:e2:b6:1c:e8:f4:06:
50:ff:4f:f9:ba:a3:54:7d:4b:4a:09:38:f5:eb:26:18:16:09:
02:06:61:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn9fDsZ+F/2OaI65LZ5/IceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODE2MDgzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I3MzI1YzA4MTY2NWQ3MDVmMmZjNzYzMTEyNzQwNTNiMzM1MTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMB61QVbGAOpov1Ed73EB+v56LXA
54i6FUOVdZidacNwegBTfCfbybXFpuKZcFjO6XzSLiORzEjwuWT3JIRTu+hZJETO
ZsgewWg7cEgti0hewrbnXwsGd0D/nZr2+IzsDcikZgdtprZTFju9ulkh0UOKLvS3
bxEpmTZrJ1HPtkr5Izt94fH5P6S6yqh5MNEJqEEJ6adVQoA4ytyDHtFFOPAm31B+
4Yq1rY8HuYEmKI6J016B25sgeDEtOwEjT5sXzwqRKf8nV/oyC2lAQuKJhD/yvTBa
2vroow4JZBrGoG2gAFm1Z/UJ08uVgHl4mxo6BY8uMaPjmoanVNARuQ8pJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEO3MlwIFmXXBfL8djESdAU7M1ElMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUTdjeVhBZ1daZGNGOHZ4Mk1SSjBCVHN6VVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURaHAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA0ZvxR3bGo4nJufWqYPF1jc9bZ
2jHiHotQcfCbxDpIcZsFNLcynC0fVjKebwLP0rCarkGzIOAYNb7IurR/ZW+Aw0Bm
Ow9LJ0H8uJtA+cqWCXOwoPP6EK1ie6XgI7zPs1P3jFNDBhXhdXs3eRld0wAddPJI
vR2nI1f0lIt/T+BCP7J2/hddpVjIG33OzTMbHyYWtXxk5h2wI1aaj+QlL34wm1q7
GIHzWytiDCQHjCX9bNHl7lBGX+kx/mh7DTZlb0DigBT3O9T0iR341hs3/juJwJ6V
KPVTUrYZs5lbjbNA8JegKr3ithzo9AZQ/0/5uqNUfUtKCTj16yYYFgkCBmHM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org