Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QyPheLAikBkgF8C4uDHwuxEVmaE.roa
File: QyPheLAikBkgF8C4uDHwuxEVmaE.roa (raw, json)
Hash identifier: laBSgKW2C1yd2S8HVJaAP0mMQoMCWxnvq0U31ra1djc=
Subject key identifier: 43:23:E1:78:B0:22:90:19:20:17:C0:B8:B8:31:F0:BB:11:15:99:A1
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DD6AD28390A8A994929935FF9D1231A20
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QyPheLAikBkgF8C4uDHwuxEVmaE.roa
Signing time: Fri 23 Feb 2024 15:54:48 +0000
ROA not before: Fri 23 Feb 2024 15:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
81.22.135.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 18:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:ad:28:39:0a:8a:99:49:29:93:5f:f9:d1:23:1a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 23 15:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4323e178b02290192017c0b8b831f0bb111599a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:12:e1:22:13:47:e8:1c:89:4d:6c:d3:bf:6d:
f5:83:50:37:0f:61:73:be:33:a2:fe:50:89:f9:91:
fa:a6:6e:c1:2d:2c:04:8c:d5:6e:0e:a1:54:e6:cc:
70:ec:da:d8:1b:f0:2f:83:87:f8:b9:d4:03:42:22:
ee:4b:04:5a:02:b6:2b:6e:56:34:9b:7b:99:8d:0d:
4c:06:f8:e1:a8:9b:a6:07:9a:f1:95:f3:34:cf:0d:
41:22:6a:63:f1:c4:27:ab:5e:d7:15:e7:c9:4b:05:
01:40:42:8b:40:9f:01:35:3b:07:c8:3e:0f:cf:cb:
0e:76:35:2f:28:5b:92:87:6b:35:11:64:d1:c2:80:
0c:35:ef:30:e1:bc:51:8d:6e:e7:78:94:e4:5e:14:
17:f4:87:7c:c9:72:1f:0a:03:f1:0b:44:e5:6d:bf:
6f:71:ae:e9:db:12:a6:a4:fd:26:0c:78:34:b6:48:
24:7a:3a:7c:90:f2:72:09:16:02:72:72:9c:ae:d2:
56:0d:ac:f3:ed:f9:9a:56:1a:bc:5b:74:80:a6:03:
b8:63:26:97:79:ea:34:cf:94:ac:34:aa:e8:cb:98:
ac:74:73:d3:f8:0b:e2:10:bf:61:09:4c:65:b0:e3:
12:6e:0a:00:c6:5c:43:e6:e9:a5:46:1a:b1:80:92:
87:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:23:E1:78:B0:22:90:19:20:17:C0:B8:B8:31:F0:BB:11:15:99:A1
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QyPheLAikBkgF8C4uDHwuxEVmaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0-81.22.130.255
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:60:9e:ca:c7:46:e7:ff:99:48:33:ce:fb:67:0b:5e:c0:01:
48:7f:29:d1:7a:e2:e6:8c:0c:99:fe:21:ef:b8:fa:c5:f3:9d:
82:ea:40:06:07:20:69:52:fc:8c:24:ec:3f:6b:98:d9:d7:d7:
6f:b7:66:c7:a0:e8:b4:42:ce:1a:e6:c4:12:71:8c:39:c3:ce:
c8:d8:61:f0:4a:76:10:b3:f2:a1:1e:14:2a:4c:08:2f:6d:7a:
f4:11:ce:07:ab:3f:56:9e:4a:a9:13:f7:ff:05:45:0c:c3:19:
c0:5b:19:a1:38:24:6c:d4:da:b5:2a:d9:60:87:33:ee:2d:b1:
29:0b:bc:f7:6b:91:a5:49:ff:cf:19:a8:5b:26:72:75:91:75:
9a:64:bd:22:15:00:7b:2f:83:1a:45:50:6c:c5:bb:83:04:c3:
f5:2d:45:ee:a4:d6:38:83:61:b8:91:f4:fd:72:37:7a:f2:b3:
bb:05:67:d7:dc:54:ee:c2:94:30:3a:70:47:ba:61:2f:b5:f5:
f9:67:90:04:98:34:48:bd:1e:27:b5:ef:91:ad:97:8a:4f:4d:
50:4c:a9:a8:58:65:29:9c:2b:dd:20:4c:cf:54:e3:92:b7:1b:
8b:c3:c7:4e:76:ba:1b:d0:c1:3a:dd:8e:75:22:eb:e3:6e:b9:
fd:ba:f7:d7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY3WrSg5CoqZSSmTX/nRIxogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjIzMTU1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzIzZTE3OGIwMjI5MDE5MjAxN2MwYjhiODMxZjBiYjExMTU5OWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxLhIhNH6ByJTWzTv231g1A3D2Fz
vjOi/lCJ+ZH6pm7BLSwEjNVuDqFU5sxw7NrYG/Avg4f4udQDQiLuSwRaArYrblY0
m3uZjQ1MBvjhqJumB5rxlfM0zw1BImpj8cQnq17XFefJSwUBQEKLQJ8BNTsHyD4P
z8sOdjUvKFuSh2s1EWTRwoAMNe8w4bxRjW7neJTkXhQX9Id8yXIfCgPxC0Tlbb9v
ca7p2xKmpP0mDHg0tkgkejp8kPJyCRYCcnKcrtJWDazz7fmaVhq8W3SApgO4YyaX
eeo0z5SsNKroy5isdHPT+AviEL9hCUxlsOMSbgoAxlxD5umlRhqxgJKHwwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEMj4XiwIpAZIBfAuLgx8LsRFZmhMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUXlQaGVMQWlrQmtnRjhDNHVESHd1eEVWbWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBABRFoED
BABRFoIDBABRFocDBABZuQEDBABZuQMDBABtSHUDBABtSHgDBABtSH8wDQYJKoZI
hvcNAQELBQADggEBAG9gnsrHRuf/mUgzzvtnC17AAUh/KdF64uaMDJn+Ie+4+sXz
nYLqQAYHIGlS/Iwk7D9rmNnX12+3Zseg6LRCzhrmxBJxjDnDzsjYYfBKdhCz8qEe
FCpMCC9tevQRzgerP1aeSqkT9/8FRQzDGcBbGaE4JGzU2rUq2WCHM+4tsSkLvPdr
kaVJ/88ZqFsmcnWRdZpkvSIVAHsvgxpFUGzFu4MEw/UtRe6k1jiDYbiR9P1yN3ry
s7sFZ9fcVO7ClDA6cEe6YS+19flnkASYNEi9Hie175Gtl4pPTVBMqahYZSmcK90g
TM9U45K3G4vDx052uhvQwTrdjnUi6+Nuuf2699c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org