Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Ty4wtaCLrpH3AR447AukNKw-pIo.roa
File: Ty4wtaCLrpH3AR447AukNKw-pIo.roa (raw, json)
Hash identifier: 0DhzG/Y66XKZ3ZChRLQeo9h8fk92IuzGotW1nQUjnXw=
Subject key identifier: 4F:2E:30:B5:A0:8B:AE:91:F7:01:1E:38:EC:0B:A4:34:AC:3E:A4:8A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A613CBAE219CF08CB38A17DA2C30084C4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Ty4wtaCLrpH3AR447AukNKw-pIo.roa
Signing time: Mon 04 Sep 2023 17:28:04 +0000
ROA not before: Mon 04 Sep 2023 17:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.22.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Sep 2023 10:19:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:3c:ba:e2:19:cf:08:cb:38:a1:7d:a2:c3:00:84:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 4 17:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f2e30b5a08bae91f7011e38ec0ba434ac3ea48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:b0:0a:c9:1c:13:04:18:8a:d3:10:5f:6f:2d:
aa:fd:41:1f:20:b8:80:57:44:fd:79:8e:5e:78:b5:
2f:1a:0a:37:da:75:52:4c:ac:5c:ab:c6:02:c8:0c:
9d:f5:a7:02:cd:7b:2d:e6:7c:4d:0c:5d:5d:72:28:
b5:04:3a:19:94:c5:3f:4f:86:6c:16:35:d5:f2:c2:
76:0e:fe:2d:fc:22:c1:bf:19:6d:03:12:16:9e:dd:
62:39:28:aa:2c:37:09:a7:b4:88:18:22:08:b7:26:
32:0e:5b:89:45:b3:b2:3b:11:3b:46:e3:3b:73:37:
40:06:71:ce:d4:35:ed:ae:25:7e:60:2c:50:1b:94:
1e:23:08:57:a7:67:56:1a:ee:57:59:cc:13:74:13:
f6:f4:2d:6e:f3:be:6e:76:d0:17:f7:eb:b4:56:20:
10:9c:9f:52:78:68:7c:8d:9e:b1:df:61:43:d4:f5:
21:ff:71:51:12:62:2c:cf:20:b3:09:9e:b3:dd:4d:
32:32:3b:df:3a:2f:97:3d:eb:95:91:ab:a5:8e:d9:
a1:72:d9:ce:9c:00:65:bf:c8:3e:f2:e9:07:a4:49:
e3:d4:5e:ce:cb:c7:7e:33:c7:cb:31:ed:c8:23:3d:
d9:df:96:74:43:44:57:53:d5:f3:b6:b1:ad:b9:1a:
cd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2E:30:B5:A0:8B:AE:91:F7:01:1E:38:EC:0B:A4:34:AC:3E:A4:8A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Ty4wtaCLrpH3AR447AukNKw-pIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.22.0/24
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
18:19:df:54:33:d5:8f:b4:e3:cd:1f:f4:b6:b8:d6:ec:1b:0f:
0a:b4:eb:d2:ba:19:60:e1:7c:64:f0:fb:5a:b4:10:93:6b:5c:
55:b7:51:fb:4f:ea:11:e7:00:20:9d:ae:6f:5f:af:71:7b:d2:
5b:be:0f:3c:fc:eb:55:6e:f6:b7:27:44:0f:0b:9d:70:d0:1e:
e4:62:8e:e0:6f:f6:0b:a3:ad:e9:9e:8a:a2:9b:a1:43:9f:ab:
3f:96:30:b2:92:53:42:b2:26:e4:be:ed:18:03:de:77:aa:db:
f3:23:fb:94:1e:41:f7:23:0b:eb:14:59:80:87:5a:89:fa:12:
70:1e:63:b2:3b:d0:96:f9:d9:ce:f7:17:df:db:4a:f1:45:f0:
b7:be:36:1b:ff:96:9f:24:57:27:6a:b4:e6:d6:e7:b2:b0:14:
10:4b:2b:e8:56:64:18:1b:cf:db:c9:48:e1:ce:55:6b:30:f1:
4a:c9:99:21:5e:e4:5e:8a:a3:e5:27:82:cc:b6:2e:a0:93:40:
9c:f4:76:64:56:89:17:fa:a7:c5:6f:ed:a6:ac:7c:ba:e0:ab:
29:c6:42:19:cc:a2:2c:0f:a5:4d:11:bc:60:f0:f6:eb:7e:e2:
16:a3:66:e0:91:71:b3:1a:f1:30:40:ae:35:81:58:76:82:6b:
f9:c2:95:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYphPLriGc8IyzihfaLDAITEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTA0MTcyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJlMzBiNWEwOGJhZTkxZjcwMTFlMzhlYzBiYTQzNGFjM2VhNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/LAKyRwTBBiK0xBfby2q/UEfILiA
V0T9eY5eeLUvGgo32nVSTKxcq8YCyAyd9acCzXst5nxNDF1dcii1BDoZlMU/T4Zs
FjXV8sJ2Dv4t/CLBvxltAxIWnt1iOSiqLDcJp7SIGCIItyYyDluJRbOyOxE7RuM7
czdABnHO1DXtriV+YCxQG5QeIwhXp2dWGu5XWcwTdBP29C1u875udtAX9+u0ViAQ
nJ9SeGh8jZ6x32FD1PUh/3FREmIszyCzCZ6z3U0yMjvfOi+XPeuVkauljtmhctnO
nABlv8g+8ukHpEnj1F7Oy8d+M8fLMe3IIz3Z35Z0Q0RXU9XztrGtuRrNlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8uMLWgi66R9wEeOOwLpDSsPqSKMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVHk0d3RhQ0xycEgzQVI0NDdBdWtOS3ctcElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQA
WbkWAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAYGd9UM9WPtOPNH/S2uNbsGw8K
tOvSuhlg4Xxk8PtatBCTa1xVt1H7T+oR5wAgna5vX69xe9Jbvg88/OtVbva3J0QP
C51w0B7kYo7gb/YLo63pnoqim6FDn6s/ljCyklNCsibkvu0YA953qtvzI/uUHkH3
IwvrFFmAh1qJ+hJwHmOyO9CW+dnO9xff20rxRfC3vjYb/5afJFcnarTm1ueysBQQ
SyvoVmQYG8/byUjhzlVrMPFKyZkhXuReiqPlJ4LMti6gk0Cc9HZkVokX+qfFb+2m
rHy64KspxkIZzKIsD6VNEbxg8PbrfuIWo2bgkXGzGvEwQK41gVh2gmv5wpUM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org