Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TjKgo4Pvtdj_BqU93Jk86vyddDY.roa
File: TjKgo4Pvtdj_BqU93Jk86vyddDY.roa (raw, json)
Hash identifier: MWkBBxt9/xAOTzpgDGJEhLpiW26MvcBg+elhQ6t2mHs=
Subject key identifier: 4E:32:A0:A3:83:EF:B5:D8:FF:06:A5:3D:DC:99:3C:EA:FC:9D:74:36
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A17DE19A11B40C1393EFE037264D097CE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TjKgo4Pvtdj_BqU93Jk86vyddDY.roa
Signing time: Mon 21 Aug 2023 11:32:26 +0000
ROA not before: Mon 21 Aug 2023 11:32:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 08:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:de:19:a1:1b:40:c1:39:3e:fe:03:72:64:d0:97:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 21 11:32:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e32a0a383efb5d8ff06a53ddc993ceafc9d7436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b2:0f:f2:7b:be:f6:c2:25:da:f7:15:ab:5c:
d2:cd:29:7f:01:da:c7:d9:06:cd:f5:f3:81:ca:b6:
ef:b2:bf:b4:1d:d8:36:77:75:e0:ba:85:17:c1:65:
10:ea:42:ad:5c:e1:48:96:af:f5:55:1a:10:0b:5f:
08:ff:c4:a2:81:5d:c2:5b:2b:94:46:9d:ea:7e:94:
9f:5e:a0:dd:bb:b5:91:93:b1:6e:35:70:1c:d9:47:
4c:fe:63:f3:4f:03:e0:22:cf:62:79:a8:83:0d:2e:
26:6b:42:e1:d0:73:ea:e7:68:4f:e7:de:0c:18:58:
7b:df:b4:6e:ab:86:1f:92:de:41:18:ea:ad:48:87:
95:82:9d:fd:f3:60:c1:08:a9:b4:b6:d7:f7:5c:e7:
17:19:4b:7a:df:d3:7a:18:18:3a:a2:54:99:ef:81:
78:1f:02:89:79:63:3a:94:74:ca:d5:34:c5:f5:67:
05:d3:bc:92:e9:4e:a3:6b:21:ca:af:62:aa:fa:78:
74:c8:ce:92:56:ab:08:91:b9:29:ce:ce:75:2a:7e:
e9:62:91:88:68:f1:98:dc:b3:d6:01:0f:47:cc:71:
1d:07:2b:37:bd:75:1b:7f:c6:43:58:7e:83:8a:24:
da:4a:b5:6d:db:8f:a1:bf:22:05:1b:68:55:69:c1:
b8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:32:A0:A3:83:EF:B5:D8:FF:06:A5:3D:DC:99:3C:EA:FC:9D:74:36
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TjKgo4Pvtdj_BqU93Jk86vyddDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.132.0/24
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
70:a2:cc:a8:c3:5e:3c:bf:44:06:05:21:24:87:d6:78:86:85:
21:5d:de:f9:66:ff:80:b0:c7:f5:ac:0e:56:65:11:e2:76:c5:
5e:9b:04:e6:70:e9:01:a5:25:ed:ed:90:31:63:96:3e:cd:61:
5f:34:3f:de:61:84:c3:61:8a:77:37:72:00:dd:91:a5:94:ed:
b3:94:01:8b:50:59:2d:de:f1:69:c3:6b:4c:ba:4c:d1:99:ca:
5c:bd:b7:26:62:6d:fa:57:33:35:b4:5c:af:46:b2:34:72:9e:
98:87:8a:bf:f9:5e:26:0a:af:de:d1:49:f7:99:56:18:32:38:
fc:e5:56:63:9f:11:cd:cc:b6:2c:77:ef:e1:ff:8e:8b:06:29:
aa:9f:86:51:dd:73:c0:e0:bc:2e:4f:93:ec:a9:c6:e4:fb:b9:
6c:3a:1f:57:4d:d8:6b:cb:73:e2:d1:73:9c:59:de:d0:3b:4c:
1a:73:94:ba:0a:f5:1c:4a:2c:5a:82:5b:0a:eb:1c:c1:cd:01:
06:ff:f6:c5:b0:32:68:02:03:9f:fa:3d:df:05:eb:02:e9:38:
12:ed:c7:d1:e1:91:ae:78:f3:42:97:83:fc:5f:80:ec:f6:c4:
cf:66:ae:51:13:46:dc:ae:9d:36:b2:eb:71:c7:f2:f6:65:c8:
47:a8:76:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoX3hmhG0DBOT7+A3Jk0JfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODIxMTEzMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTMyYTBhMzgzZWZiNWQ4ZmYwNmE1M2RkYzk5M2NlYWZjOWQ3NDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLIP8nu+9sIl2vcVq1zSzSl/AdrH
2QbN9fOByrbvsr+0Hdg2d3XguoUXwWUQ6kKtXOFIlq/1VRoQC18I/8SigV3CWyuU
Rp3qfpSfXqDdu7WRk7FuNXAc2UdM/mPzTwPgIs9ieaiDDS4ma0Lh0HPq52hP594M
GFh737Ruq4Yfkt5BGOqtSIeVgp3982DBCKm0ttf3XOcXGUt639N6GBg6olSZ74F4
HwKJeWM6lHTK1TTF9WcF07yS6U6jayHKr2Kq+nh0yM6SVqsIkbkpzs51Kn7pYpGI
aPGY3LPWAQ9HzHEdBys3vXUbf8ZDWH6DiiTaSrVt24+hvyIFG2hVacG4lQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE4yoKOD77XY/walPdyZPOr8nXQ2MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVGpLZ280UHZ0ZGpfQnFVOTNKazg2dnlkZERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURaEAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBwosyow148v0QGBSEkh9Z4hoUh
Xd75Zv+AsMf1rA5WZRHidsVemwTmcOkBpSXt7ZAxY5Y+zWFfND/eYYTDYYp3N3IA
3ZGllO2zlAGLUFkt3vFpw2tMukzRmcpcvbcmYm36VzM1tFyvRrI0cp6Yh4q/+V4m
Cq/e0Un3mVYYMjj85VZjnxHNzLYsd+/h/46LBimqn4ZR3XPA4LwuT5Psqcbk+7ls
Oh9XTdhry3Pi0XOcWd7QO0wac5S6CvUcSixaglsK6xzBzQEG//bFsDJoAgOf+j3f
BesC6TgS7cfR4ZGuePNCl4P8X4Ds9sTPZq5RE0bcrp02sutxx/L2ZchHqHbu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org