Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/SkJnW3U-IT5iUJXcreawm8rHybI.roa
File: SkJnW3U-IT5iUJXcreawm8rHybI.roa (raw, json)
Hash identifier: a4KTczS3D89Kvng7zo0lWhttfI7PK0VXznK58joHVoM=
Subject key identifier: 4A:42:67:5B:75:3E:21:3E:62:50:95:DC:AD:E6:B0:9B:CA:C7:C9:B2
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CFD26161E2594FF5CAA6109C21164F0C7
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/SkJnW3U-IT5iUJXcreawm8rHybI.roa
Signing time: Fri 12 Jan 2024 10:09:40 +0000
ROA not before: Fri 12 Jan 2024 10:09:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
81.22.141.0/24 maxlen: 24
109.72.112.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.113.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 13 Jan 2024 11:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:26:16:1e:25:94:ff:5c:aa:61:09:c2:11:64:f0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 12 10:09:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a42675b753e213e625095dcade6b09bcac7c9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e9:92:8c:58:86:c2:8b:8b:f2:d3:e4:34:17:
af:e0:2b:72:4a:16:a2:ea:93:69:27:53:6b:ae:66:
8a:5a:77:5b:5c:c1:af:bb:2d:2a:d7:1d:f0:20:60:
99:4f:b3:02:a5:d3:fa:94:e7:87:a8:a7:91:b5:87:
2b:6e:b1:51:1d:41:66:24:35:a4:e6:47:6a:cf:a6:
b7:fd:9e:50:1e:51:b6:66:51:9f:9c:d4:c5:0b:bc:
a8:1e:e4:f3:4e:f3:1f:e1:1f:83:b5:69:94:d0:17:
61:7a:02:6a:8d:69:e9:6f:87:7e:13:cf:1e:73:31:
cd:9f:a5:a7:06:50:ff:53:95:63:ae:62:32:95:6d:
24:91:dc:8e:9b:27:37:3f:d6:19:1f:f5:ea:34:17:
b2:86:74:d6:5f:b0:7c:ea:27:4e:49:ef:51:5e:ef:
54:91:49:10:70:bb:7f:cd:48:99:5b:33:0d:5c:bc:
62:5b:59:fd:2d:6b:4b:24:ed:39:63:1e:a9:3a:da:
b9:fa:cb:70:87:ba:6e:48:d7:94:d8:a1:ce:22:1e:
bd:c3:fa:78:05:7c:13:af:14:95:48:fc:32:0e:ca:
3f:30:de:a3:41:f3:89:24:c0:f2:62:dd:73:d6:8e:
40:3f:aa:3b:b5:ce:65:4c:58:a1:06:a4:4b:55:fc:
2c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:42:67:5B:75:3E:21:3E:62:50:95:DC:AD:E6:B0:9B:CA:C7:C9:B2
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/SkJnW3U-IT5iUJXcreawm8rHybI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.112.0/23
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:eb:ba:51:cf:99:2c:a8:b6:3b:ee:53:fe:87:e1:5b:21:67:
06:f2:8e:34:03:2c:b3:fb:40:47:d3:15:ab:a2:4c:e1:3a:39:
18:47:26:69:06:aa:f4:86:ef:1b:98:f5:a6:d5:c8:e3:8f:60:
2a:15:d0:8f:14:b9:ea:97:ae:80:88:8a:5c:4d:60:19:dd:d0:
ce:80:4d:f9:cb:12:73:1b:b7:ae:e6:83:60:df:5c:51:d5:99:
fc:44:a3:c3:58:67:3b:48:6e:df:a1:b4:2f:41:f7:cb:c8:22:
80:00:3c:b9:35:ca:8f:37:d8:ca:5d:7c:e6:71:f9:a0:f0:84:
7a:87:0d:c8:df:6d:59:c6:88:5e:ae:75:ef:12:92:35:e5:7d:
ad:67:d2:09:74:63:6e:94:a2:5d:90:46:12:a0:9c:e9:99:3a:
76:b2:8a:61:f4:5e:71:63:57:94:3e:74:bf:f2:3a:1a:ea:e5:
8c:69:68:9b:57:95:28:a7:b0:97:e5:cb:ca:8b:e6:ee:fa:91:
d5:f9:1a:ef:7e:c9:91:0d:83:1e:9a:dc:a4:5d:8f:a3:34:3b:
6e:41:93:6d:78:7d:56:5b:7e:57:33:bc:77:c3:f9:bb:c9:81:
7f:0a:97:2b:44:12:02:c5:c0:95:b0:c2:0f:ad:09:2f:d1:f6:
ca:7e:7a:19
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYz9JhYeJZT/XKphCcIRZPDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTEyMTAwOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQyNjc1Yjc1M2UyMTNlNjI1MDk1ZGNhZGU2YjA5YmNhYzdjOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhemSjFiGwouL8tPkNBev4CtyShai
6pNpJ1NrrmaKWndbXMGvuy0q1x3wIGCZT7MCpdP6lOeHqKeRtYcrbrFRHUFmJDWk
5kdqz6a3/Z5QHlG2ZlGfnNTFC7yoHuTzTvMf4R+DtWmU0BdhegJqjWnpb4d+E88e
czHNn6WnBlD/U5VjrmIylW0kkdyOmyc3P9YZH/XqNBeyhnTWX7B86idOSe9RXu9U
kUkQcLt/zUiZWzMNXLxiW1n9LWtLJO05Yx6pOtq5+stwh7puSNeU2KHOIh69w/p4
BXwTrxSVSPwyDso/MN6jQfOJJMDyYt1z1o5AP6o7tc5lTFihBqRLVfwsXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEpCZ1t1PiE+YlCV3K3msJvKx8myMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvU2tKblczVS1JVDVpVUpYY3JlYXdtOHJIeWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDURaIAwQC
WbkAAwQBbUhwAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQAb67pRz5ks
qLY77lP+h+FbIWcG8o40Ayyz+0BH0xWrokzhOjkYRyZpBqr0hu8bmPWm1cjjj2Aq
FdCPFLnql66AiIpcTWAZ3dDOgE35yxJzG7eu5oNg31xR1Zn8RKPDWGc7SG7fobQv
QffLyCKAADy5NcqPN9jKXXzmcfmg8IR6hw3I321ZxohernXvEpI15X2tZ9IJdGNu
lKJdkEYSoJzpmTp2soph9F5xY1eUPnS/8joa6uWMaWibV5Uop7CX5cvKi+bu+pHV
+RrvfsmRDYMemtykXY+jNDtuQZNteH1WW35XM7x3w/m7yYF/CpcrRBICxcCVsMIP
rQkv0fbKfnoZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org