Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TICtilzzNmQKJxQdQQI2HYQIQIg.roa
File: TICtilzzNmQKJxQdQQI2HYQIQIg.roa (raw, json)
Hash identifier: 7YLSgPxrNtCYVfpXzge+m2ROXAUNauW8CrVYnYcbCbU=
Subject key identifier: 4C:80:AD:8A:5C:F3:36:64:0A:27:14:1D:41:02:36:1D:84:08:40:88
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F20D1BADFDE7609CD18B13A9DAB27C42A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TICtilzzNmQKJxQdQQI2HYQIQIg.roa
Signing time: Sat 27 Apr 2024 18:29:26 +0000
ROA not before: Sat 27 Apr 2024 18:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 15:55:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:20:d1:ba:df:de:76:09:cd:18:b1:3a:9d:ab:27:c4:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 27 18:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c80ad8a5cf336640a27141d4102361d84084088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1f:bb:73:94:75:02:11:af:10:e8:90:eb:92:
a7:8d:41:66:59:3e:2e:dd:90:00:2b:7f:a6:4e:73:
f4:b4:a1:12:b4:55:38:73:b0:d5:45:77:8b:7f:cf:
25:d6:0a:0c:1f:fe:91:f7:24:6b:9f:39:07:37:8e:
78:ab:87:37:79:b6:3c:24:bc:e7:e0:9a:17:55:f8:
50:33:86:5c:7f:44:45:86:5f:ff:01:5a:d3:84:06:
e6:72:b6:63:62:ef:0b:15:46:f2:72:1b:cb:45:f6:
25:d7:cc:e8:85:c3:e9:36:13:b9:09:54:46:24:90:
a9:42:1f:46:74:c3:f3:42:73:64:b7:e9:d2:e5:4e:
a8:a8:e0:4e:a5:af:2a:db:15:9e:d8:3b:28:c5:6d:
40:e2:a7:68:a0:21:30:ff:d1:f8:f9:a4:3e:9c:97:
32:50:d8:7c:c0:d4:77:a0:d3:60:96:19:bd:4e:5f:
63:03:d5:79:16:d9:0c:80:4e:03:f8:0d:64:7c:87:
6d:7d:73:a8:37:14:e1:eb:23:27:6b:e4:d1:05:4e:
a4:d7:86:27:e3:c7:b0:b1:61:83:a1:ea:60:9f:14:
c0:20:60:f0:2f:b2:a8:c3:1d:fe:ee:cb:31:58:7f:
96:60:07:3d:66:a7:2d:4c:c4:26:72:c5:bd:87:b6:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:80:AD:8A:5C:F3:36:64:0A:27:14:1D:41:02:36:1D:84:08:40:88
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TICtilzzNmQKJxQdQQI2HYQIQIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:c0:1b:d2:24:25:69:37:34:14:4c:84:6e:b6:05:bb:2c:92:
a5:3b:c2:ca:72:12:b2:18:8e:07:aa:c5:0a:b7:06:e2:f6:f0:
e8:2c:96:69:ad:b3:ac:7e:ca:0d:96:a5:ce:10:46:b5:19:cc:
46:1a:c1:9b:4c:d5:25:23:03:4f:9a:4c:a4:6f:31:0f:b6:da:
13:5a:db:6e:b2:31:cb:8a:2f:3f:3c:cb:b0:ae:b6:d1:60:28:
55:85:f9:38:f3:64:f1:dc:b9:66:5b:90:21:7c:90:74:d0:ba:
b8:4a:41:c2:23:f2:9b:d3:8b:32:23:5f:3f:f1:50:81:45:73:
f4:63:fe:75:e8:48:f8:f6:7f:fd:8b:0e:00:3e:16:db:b0:02:
22:21:f2:45:5d:46:56:49:c2:29:1a:de:19:db:df:22:c8:3a:
c8:18:f6:ca:f4:c2:41:1e:93:d9:ae:37:5f:0e:7c:90:36:a4:
ec:56:f2:de:29:a9:d0:24:17:b8:21:ec:fd:dc:77:c2:5e:e5:
6c:58:3f:d4:c7:f6:39:b9:5b:eb:02:00:59:6f:b4:1a:fc:a3:
7c:cd:ed:1d:d6:ff:8d:d1:0c:1e:4d:1c:69:40:56:e5:91:c9:
61:e6:1a:6c:ad:38:f1:56:31:cb:bf:e7:9b:8c:56:be:2f:ac:
e9:b1:d7:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8g0brf3nYJzRixOp2rJ8QqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNDI3MTgyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzgwYWQ4YTVjZjMzNjY0MGEyNzE0MWQ0MTAyMzYxZDg0MDg0MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh+7c5R1AhGvEOiQ65KnjUFmWT4u
3ZAAK3+mTnP0tKEStFU4c7DVRXeLf88l1goMH/6R9yRrnzkHN454q4c3ebY8JLzn
4JoXVfhQM4Zcf0RFhl//AVrThAbmcrZjYu8LFUbychvLRfYl18zohcPpNhO5CVRG
JJCpQh9GdMPzQnNkt+nS5U6oqOBOpa8q2xWe2DsoxW1A4qdooCEw/9H4+aQ+nJcy
UNh8wNR3oNNglhm9Tl9jA9V5FtkMgE4D+A1kfIdtfXOoNxTh6yMna+TRBU6k14Yn
48ewsWGDoepgnxTAIGDwL7Kowx3+7ssxWH+WYAc9ZqctTMQmcsW9h7afWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEyArYpc8zZkCicUHUECNh2ECECIMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVElDdGlsenpObVFLSnhRZFFRSTJIWVFJUUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAOwBvSJCVpNzQUTIRutgW7LJKl
O8LKchKyGI4HqsUKtwbi9vDoLJZprbOsfsoNlqXOEEa1GcxGGsGbTNUlIwNPmkyk
bzEPttoTWttusjHLii8/PMuwrrbRYChVhfk482Tx3LlmW5AhfJB00Lq4SkHCI/Kb
04syI18/8VCBRXP0Y/516Ej49n/9iw4APhbbsAIiIfJFXUZWScIpGt4Z298iyDrI
GPbK9MJBHpPZrjdfDnyQNqTsVvLeKanQJBe4Iez93HfCXuVsWD/Ux/Y5uVvrAgBZ
b7Qa/KN8ze0d1v+N0QweTRxpQFblkclh5hpsrTjxVjHLv+ebjFa+L6zpsdeA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org