Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TrKxNzK7PVwayBFzzIHtztg9hkI.roa
File: TrKxNzK7PVwayBFzzIHtztg9hkI.roa (raw, json)
Hash identifier: kfkmJVb2tfBkKqEwqLmfYwhJJ7ff1FnuhYBdSmQGwN4=
Subject key identifier: 4E:B2:B1:37:32:BB:3D:5C:1A:C8:11:73:CC:81:ED:CE:D8:3D:86:42
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018861A330FA63729A52DFC6B2A591C0817B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TrKxNzK7PVwayBFzzIHtztg9hkI.roa
Signing time: Sun 28 May 2023 09:14:24 +0000
ROA not before: Sun 28 May 2023 09:14:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.134.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 04 Jun 2023 22:08:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:61:a3:30:fa:63:72:9a:52:df:c6:b2:a5:91:c0:81:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 28 09:14:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eb2b13732bb3d5c1ac81173cc81edced83d8642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3e:9f:0f:7c:4c:e8:1d:26:17:27:a0:99:a0:
9d:01:24:ae:de:7a:2d:33:ba:dc:91:f7:9d:07:f7:
ce:37:57:be:67:eb:3d:83:69:17:c7:da:f1:69:57:
3a:70:5c:7a:cd:e1:54:a4:8d:e6:4d:c0:19:cf:67:
39:c4:7a:d3:1a:a6:42:77:cb:99:2d:56:f9:33:fd:
e1:ff:0c:a4:c6:6e:78:c0:3b:99:79:01:9a:f2:bc:
e0:24:ae:a3:7c:4a:28:e4:e9:87:9c:ed:21:54:97:
cd:be:54:d4:d9:4c:d6:62:75:40:95:d0:3c:8e:b5:
68:21:78:64:95:63:f5:97:ef:cc:a7:62:0e:0b:49:
34:63:76:02:76:66:90:7b:5e:45:9e:f8:77:81:b6:
b6:a0:81:fe:19:d6:b1:88:3e:43:ab:f7:54:b1:42:
fe:9e:e3:e9:29:84:49:0d:91:f5:2a:49:45:e1:f4:
9a:6c:98:5f:26:92:1e:3d:14:73:4a:8f:94:be:03:
6c:b6:ba:3e:73:dd:1b:0a:ef:ce:19:c2:21:25:43:
25:98:1f:ee:7e:2c:b9:bb:2a:b3:9d:ac:26:e3:66:
6f:00:dd:9b:3e:12:5b:fd:82:36:59:e4:8b:ca:09:
cb:ac:c8:36:fd:b9:b8:74:fa:3b:84:fa:b0:fa:00:
96:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B2:B1:37:32:BB:3D:5C:1A:C8:11:73:CC:81:ED:CE:D8:3D:86:42
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TrKxNzK7PVwayBFzzIHtztg9hkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.134.0/24
89.185.0.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:20:3c:1c:1e:25:80:55:10:d2:88:6c:23:62:56:4a:f9:99:
60:d3:8a:e9:95:57:b7:c0:78:5c:7b:bc:cf:38:c9:da:92:03:
c8:cf:7c:24:13:92:a0:c7:95:4d:e6:bf:b6:6f:05:ea:86:51:
40:d5:f0:52:0d:55:92:d5:7a:5e:f9:51:90:20:35:26:4a:60:
ad:9e:d4:b4:f1:19:5f:6d:c2:d1:b6:98:39:f0:23:17:58:a0:
d8:2d:b3:09:b0:a2:98:fb:fd:a5:c8:4a:c9:24:b6:78:b2:6f:
13:8f:5a:f1:b5:ed:b6:c5:ad:a8:99:76:c5:31:71:74:7e:d2:
4f:09:a4:29:ca:c2:7b:b4:32:69:c8:41:7b:13:c1:3d:ab:2f:
8a:f4:2b:fd:5a:e6:89:f5:e0:df:ac:32:af:c3:83:e6:54:5d:
c9:1d:3a:75:ee:4b:55:37:16:c8:7e:fa:b7:40:a6:15:ac:42:
85:9d:93:44:6b:09:ae:b4:d3:b6:91:2a:9b:61:ef:bd:1a:35:
f9:6a:e3:02:2b:b8:3e:05:f2:be:40:cb:0c:6c:61:00:f7:7a:
7c:32:55:72:d6:1a:ff:17:c5:b7:5a:12:f2:72:fa:59:36:05:
dd:d8:a1:48:b0:53:f1:bf:49:55:08:ec:9b:d2:5d:ac:21:fa:
48:df:a3:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhhozD6Y3KaUt/GsqWRwIF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTI4MDkxNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWIyYjEzNzMyYmIzZDVjMWFjODExNzNjYzgxZWRjZWQ4M2Q4NjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD6fD3xM6B0mFyegmaCdASSu3not
M7rckfedB/fON1e+Z+s9g2kXx9rxaVc6cFx6zeFUpI3mTcAZz2c5xHrTGqZCd8uZ
LVb5M/3h/wykxm54wDuZeQGa8rzgJK6jfEoo5OmHnO0hVJfNvlTU2UzWYnVAldA8
jrVoIXhklWP1l+/Mp2IOC0k0Y3YCdmaQe15Fnvh3gba2oIH+GdaxiD5Dq/dUsUL+
nuPpKYRJDZH1KklF4fSabJhfJpIePRRzSo+UvgNstro+c90bCu/OGcIhJUMlmB/u
fiy5uyqznawm42ZvAN2bPhJb/YI2WeSLygnLrMg2/bm4dPo7hPqw+gCWuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE6ysTcyuz1cGsgRc8yB7c7YPYZCMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVHJLeE56SzdQVndheUJGenpJSHR6dGc5aGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaGAwQC
WbkAMA0GCSqGSIb3DQEBCwUAA4IBAQB6IDwcHiWAVRDSiGwjYlZK+Zlg04rplVe3
wHhce7zPOMnakgPIz3wkE5Kgx5VN5r+2bwXqhlFA1fBSDVWS1Xpe+VGQIDUmSmCt
ntS08RlfbcLRtpg58CMXWKDYLbMJsKKY+/2lyErJJLZ4sm8Tj1rxte22xa2omXbF
MXF0ftJPCaQpysJ7tDJpyEF7E8E9qy+K9Cv9WuaJ9eDfrDKvw4PmVF3JHTp17ktV
NxbIfvq3QKYVrEKFnZNEawmutNO2kSqbYe+9GjX5auMCK7g+BfK+QMsMbGEA93p8
MlVy1hr/F8W3WhLycvpZNgXd2KFIsFPxv0lVCOyb0l2sIfpI36MD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org