Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/SAhcsbsCsyZf1q91CC4tUyJ-XHE.roa
File: SAhcsbsCsyZf1q91CC4tUyJ-XHE.roa (raw, json)
Hash identifier: 154CPsinUJ2COEItIOFmEVxHlfrMk0+1QDUA6Snni2o=
Subject key identifier: 48:08:5C:B1:BB:02:B3:26:5F:D6:AF:75:08:2E:2D:53:22:7E:5C:71
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649C67A8A7A3F674808F71EDF50DCD7
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/SAhcsbsCsyZf1q91CC4tUyJ-XHE.roa
Signing time: Mon 01 Jan 2024 18:29:32 +0000
ROA not before: Mon 01 Jan 2024 18:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 81.22.138.0/24 maxlen: 24
81.22.137.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 04:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c6:7a:8a:7a:3f:67:48:08:f7:1e:df:50:dc:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48085cb1bb02b3265fd6af75082e2d53227e5c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:90:ff:b3:98:b5:d4:01:50:0d:b0:1d:82:08:
ed:20:44:6a:bf:41:36:9c:d9:23:27:28:05:90:82:
92:ee:e6:94:9d:42:4b:92:9b:f1:c6:18:07:51:60:
07:05:3e:8b:6c:35:41:ae:e2:19:53:85:4e:5d:4c:
09:42:37:eb:d9:5b:15:e2:59:b8:68:dd:4f:f5:75:
03:55:1f:ad:6f:5d:97:ae:5d:7b:0f:59:f3:a1:2e:
44:8b:dd:b0:8b:8f:1f:ed:3b:34:a5:9e:ec:70:b8:
15:58:fa:84:ba:63:52:b6:cd:ac:6a:1e:67:e0:7c:
94:f4:11:98:4a:40:98:69:df:a6:4d:38:98:c0:6c:
a1:fc:b1:b0:00:b5:a7:2e:04:31:d0:20:a1:46:b3:
49:33:91:8f:89:2f:90:50:0d:35:78:ec:c8:4b:c7:
ba:14:57:1f:d0:27:4c:0e:18:a2:14:1d:4a:5e:28:
64:01:4f:ca:c0:96:43:f0:0a:a0:46:25:13:13:1b:
3e:9f:4f:19:30:aa:68:f9:20:c1:bc:e6:b1:c2:91:
df:98:2a:a8:9a:a3:82:38:da:8b:8d:a3:f5:6e:82:
c3:87:d3:20:83:d6:66:30:4a:92:a0:ac:c5:5b:35:
f4:de:72:16:24:ce:4f:8a:fd:c8:e5:8f:0a:fc:29:
02:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:08:5C:B1:BB:02:B3:26:5F:D6:AF:75:08:2E:2D:53:22:7E:5C:71
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/SAhcsbsCsyZf1q91CC4tUyJ-XHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.137.0-81.22.138.255
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
46:bf:d3:e3:87:84:bf:cb:1a:ab:be:89:3b:5f:2c:73:aa:22:
de:dd:e4:66:54:f8:bc:5b:9f:a5:e3:a6:26:a0:bb:92:27:ea:
fd:0d:63:49:c1:7b:cc:2e:ee:2f:43:8b:57:a7:37:52:e0:76:
4a:3e:fb:58:f2:8f:6e:df:97:e7:0d:69:c8:88:b3:1b:c6:2d:
d4:3c:87:50:fa:45:ec:b6:93:cd:7b:d4:a0:5f:20:b5:a7:00:
3e:56:3a:a8:61:4f:0a:f5:13:6f:40:51:cb:8f:90:cd:68:54:
39:62:d6:87:e0:f0:be:21:7b:cd:50:84:12:7d:b6:e3:fe:fe:
92:d6:97:0b:18:2f:68:99:c2:39:c4:f1:32:f3:31:69:a2:d6:
70:67:09:a1:f8:d5:5c:9c:cd:34:79:e0:9c:b7:37:97:28:64:
e7:a7:97:b2:3a:79:60:7d:c1:63:c3:e3:0e:a7:ad:48:0d:f8:
a0:c0:07:45:01:2b:dd:57:02:b7:74:29:e1:f5:e1:a4:6d:1a:
3e:5f:52:aa:55:ca:9f:1a:cc:e7:8c:cc:a3:c2:41:30:54:57:
8b:a6:ff:da:7f:80:84:79:0a:b7:a7:58:cb:43:66:08:15:32:
05:09:38:ea:46:bc:f4:eb:0e:af:52:f3:29:bd:cb:21:15:11:
3f:29:be:5a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGScZ6ino/Z0gI9x7fUNzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODA4NWNiMWJiMDJiMzI2NWZkNmFmNzUwODJlMmQ1MzIyN2U1YzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpD/s5i11AFQDbAdggjtIERqv0E2
nNkjJygFkIKS7uaUnUJLkpvxxhgHUWAHBT6LbDVBruIZU4VOXUwJQjfr2VsV4lm4
aN1P9XUDVR+tb12Xrl17D1nzoS5Ei92wi48f7Ts0pZ7scLgVWPqEumNSts2sah5n
4HyU9BGYSkCYad+mTTiYwGyh/LGwALWnLgQx0CChRrNJM5GPiS+QUA01eOzIS8e6
FFcf0CdMDhiiFB1KXihkAU/KwJZD8AqgRiUTExs+n08ZMKpo+SDBvOaxwpHfmCqo
mqOCONqLjaP1boLDh9Mgg9ZmMEqSoKzFWzX03nIWJM5Piv3I5Y8K/CkCzwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEgIXLG7ArMmX9avdQguLVMiflxxMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvU0FoY3Nic0NzeVpmMXE5MUNDNHRVeUotWEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAURaAMAwD
BABRFokDBABRFooDBABtSHswDQYJKoZIhvcNAQELBQADggEBAEa/0+OHhL/LGqu+
iTtfLHOqIt7d5GZU+Lxbn6Xjpiagu5In6v0NY0nBe8wu7i9Di1enN1Lgdko++1jy
j27fl+cNaciIsxvGLdQ8h1D6Rey2k8171KBfILWnAD5WOqhhTwr1E29AUcuPkM1o
VDli1ofg8L4he81QhBJ9tuP+/pLWlwsYL2iZwjnE8TLzMWmi1nBnCaH41VyczTR5
4Jy3N5coZOenl7I6eWB9wWPD4w6nrUgN+KDAB0UBK91XArd0KeH14aRtGj5fUqpV
yp8azOeMzKPCQTBUV4um/9p/gIR5CrenWMtDZggVMgUJOOpGvPTrDq9S8ym9yyEV
ET8pvlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org