Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QjK_5qIVraq-qvLOfJk_NCb2ZwQ.roa
File: QjK_5qIVraq-qvLOfJk_NCb2ZwQ.roa (raw, json)
Hash identifier: GW5YkaIpLOKc0WzRywyJsWjFGBg5tAlIDV4Pr/y7LIU=
Subject key identifier: 42:32:BF:E6:A2:15:AD:AA:BE:AA:F2:CE:7C:99:3F:34:26:F6:67:04
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018AB69BC876805349DA64275830D9AF80E5
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QjK_5qIVraq-qvLOfJk_NCb2ZwQ.roa
Signing time: Thu 21 Sep 2023 07:19:37 +0000
ROA not before: Thu 21 Sep 2023 07:19:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 08:15:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:9b:c8:76:80:53:49:da:64:27:58:30:d9:af:80:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 21 07:19:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4232bfe6a215adaabeaaf2ce7c993f3426f66704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:ef:7e:fd:4f:10:05:f7:09:e1:0d:33:b5:5c:
c3:1e:af:04:f5:6e:2d:21:de:48:8a:10:6d:df:69:
73:46:2b:95:22:10:be:e8:2f:10:71:f2:af:3e:70:
32:a7:29:63:dc:c2:f0:03:ff:1d:aa:47:8d:02:3f:
fe:8a:33:06:67:5e:12:cf:6c:a3:4c:32:7a:b4:33:
a7:47:b7:a0:8d:0c:88:e7:9c:c0:0a:26:d1:a2:12:
fa:15:08:18:1b:af:77:08:08:44:d6:a1:86:39:ca:
b9:fa:83:64:24:22:9f:17:3c:a0:45:2f:0b:1c:4a:
8e:01:06:fd:1a:a8:dd:0e:8e:c5:4c:07:f1:5d:d0:
00:bd:7b:16:c1:31:82:1c:a8:76:8e:b4:b9:d6:f3:
80:1e:bd:1f:22:5e:12:a1:f8:24:26:00:8e:4f:96:
a7:e3:12:77:a5:90:2a:41:95:fa:2c:60:45:56:b0:
1b:d1:1d:8a:32:17:b7:a8:7e:c9:87:76:0e:da:99:
24:b4:02:fe:94:b1:ce:72:5f:42:e9:b2:7a:4f:01:
cb:c4:fa:d5:4c:77:c6:d3:ed:90:ae:c3:ea:ec:e3:
29:dc:ff:f9:4d:c2:64:fb:3a:69:be:a5:ce:b9:90:
52:e1:a3:a3:bc:90:31:9e:d8:f7:b4:8e:6a:4a:91:
93:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:32:BF:E6:A2:15:AD:AA:BE:AA:F2:CE:7C:99:3F:34:26:F6:67:04
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QjK_5qIVraq-qvLOfJk_NCb2ZwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.132.0/24
81.22.140.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
94:f1:27:b2:c0:cd:99:2c:bd:52:98:ce:45:64:a1:53:81:13:
f1:ef:94:37:1b:2c:ad:2f:75:68:06:29:b8:89:ea:e1:86:2c:
6a:1e:9a:01:78:38:a5:01:83:d5:98:c9:c8:32:fc:cb:7b:fc:
be:c5:67:79:21:f1:de:26:fa:4c:8a:c3:d0:bb:65:d8:e9:af:
51:b2:25:48:25:52:8b:9a:99:b3:e0:27:6a:68:f9:53:0f:35:
8c:91:ce:32:0f:c1:ef:a9:2e:15:53:5d:7c:be:33:33:0e:48:
05:e7:f8:25:a2:8a:60:c9:f4:c7:f2:cf:46:ab:2f:cd:8c:90:
3c:ae:2b:44:41:01:21:c3:b3:4b:01:99:fb:89:08:15:9d:78:
bf:68:1a:18:c6:37:de:92:25:81:3b:93:cb:13:75:c3:3f:92:
4d:a5:9d:9d:e3:7a:21:60:66:49:16:fe:78:74:94:20:fb:b4:
f2:c8:3b:30:64:ba:67:f1:c5:aa:29:d1:b9:82:5c:b7:cd:f8:
32:ea:d2:08:4e:33:42:8c:ac:e1:23:b7:e9:78:3f:ec:93:e5:
1c:d9:04:32:38:e4:3c:40:20:37:a7:db:4c:37:32:71:1e:cc:
29:e0:11:18:f8:51:a0:88:79:d6:eb:d5:62:9f:78:a2:7e:e8:
94:f9:ff:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYq2m8h2gFNJ2mQnWDDZr4DlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTIxMDcxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMyYmZlNmEyMTVhZGFhYmVhYWYyY2U3Yzk5M2YzNDI2ZjY2NzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+u9+/U8QBfcJ4Q0ztVzDHq8E9W4t
Id5IihBt32lzRiuVIhC+6C8QcfKvPnAypylj3MLwA/8dqkeNAj/+ijMGZ14Sz2yj
TDJ6tDOnR7egjQyI55zACibRohL6FQgYG693CAhE1qGGOcq5+oNkJCKfFzygRS8L
HEqOAQb9GqjdDo7FTAfxXdAAvXsWwTGCHKh2jrS51vOAHr0fIl4SofgkJgCOT5an
4xJ3pZAqQZX6LGBFVrAb0R2KMhe3qH7Jh3YO2pkktAL+lLHOcl9C6bJ6TwHLxPrV
THfG0+2QrsPq7OMp3P/5TcJk+zppvqXOuZBS4aOjvJAxntj3tI5qSpGT/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEIyv+aiFa2qvqryznyZPzQm9mcEMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUWpLXzVxSVZyYXEtcXZMT2ZKa19OQ2IyWndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaEAwQC
URaMAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCU8SeywM2ZLL1SmM5F
ZKFTgRPx75Q3GyytL3VoBim4ierhhixqHpoBeDilAYPVmMnIMvzLe/y+xWd5IfHe
JvpMisPQu2XY6a9RsiVIJVKLmpmz4CdqaPlTDzWMkc4yD8HvqS4VU118vjMzDkgF
5/gloopgyfTH8s9Gqy/NjJA8ritEQQEhw7NLAZn7iQgVnXi/aBoYxjfekiWBO5PL
E3XDP5JNpZ2d43ohYGZJFv54dJQg+7TyyDswZLpn8cWqKdG5gly3zfgy6tIITjNC
jKzhI7fpeD/sk+Uc2QQyOOQ8QCA3p9tMNzJxHswp4BEY+FGgiHnW69Vin3iifuiU
+f9H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org