Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ULmEaJM9dEKjCUjxpxiAFVBCfuI.roa
File: ULmEaJM9dEKjCUjxpxiAFVBCfuI.roa (raw, json)
Hash identifier: JYhNBW+VKMrkls84n1vUIwO4lSr9z70esrVWfrzAfyU=
Subject key identifier: 50:B9:84:68:93:3D:74:42:A3:09:48:F1:A7:18:80:15:50:42:7E:E2
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018AA7FA8E7B08ADAC2B1B62E516ABFFBC39
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ULmEaJM9dEKjCUjxpxiAFVBCfuI.roa
Signing time: Mon 18 Sep 2023 11:08:50 +0000
ROA not before: Mon 18 Sep 2023 11:08:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.114.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 19 Sep 2023 16:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:fa:8e:7b:08:ad:ac:2b:1b:62:e5:16:ab:ff:bc:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 18 11:08:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50b98468933d7442a30948f1a718801550427ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:90:0a:15:c2:77:39:2b:b5:ac:c6:27:e3:a0:
d3:46:9f:9b:6c:d9:62:8c:b0:36:3c:6e:46:52:68:
d5:82:d8:1c:8e:aa:a8:af:51:c8:c5:9a:f3:14:31:
2c:0e:7c:07:3f:b5:a6:1c:a4:b1:59:7d:86:e0:2d:
29:0c:74:e5:59:bc:5f:a8:bb:13:d0:59:16:39:2f:
e3:f9:cb:ff:cf:ca:fc:6e:e6:21:00:1a:85:e5:01:
df:01:7e:3b:07:84:52:dc:28:a4:47:a6:8a:74:5c:
e8:97:3e:f4:c9:35:64:b5:2e:d5:59:cc:00:e8:4f:
d7:a9:e2:83:63:d1:2b:55:3c:55:dc:b1:79:45:6f:
11:53:5c:6d:a2:92:db:da:7f:ef:ce:ac:bb:66:28:
eb:2a:40:80:9b:f5:b5:14:80:b9:de:0a:75:91:44:
74:29:ef:91:bb:3d:c0:b2:e1:fe:ac:6d:2b:15:5a:
2f:96:50:42:c9:1c:be:46:ba:a2:e5:49:a6:76:4e:
6e:a5:e0:86:3f:5f:e6:ed:1e:39:f0:91:ba:50:a8:
13:1d:8c:53:24:97:c2:85:a5:8a:15:4b:34:35:0d:
79:ed:c0:77:d4:4b:c0:4b:9e:18:7a:20:92:e9:cc:
a9:70:1e:91:a6:68:d3:d0:34:a8:a1:1a:45:0f:22:
28:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B9:84:68:93:3D:74:42:A3:09:48:F1:A7:18:80:15:50:42:7E:E2
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ULmEaJM9dEKjCUjxpxiAFVBCfuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.114.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
36:35:6e:7d:df:03:cc:58:55:e2:6b:dc:77:87:b4:0a:77:4c:
6d:79:27:04:2d:5c:ff:83:3c:d9:de:5b:7c:a1:8c:be:a9:6c:
17:72:1b:88:ca:33:00:c2:6f:e1:7d:d5:d3:cd:f1:9f:96:44:
48:a5:89:8e:f7:58:38:25:00:28:a0:96:e1:d3:cf:2e:5b:b5:
10:30:67:bf:d7:9b:3d:ec:b7:19:d3:b9:d8:91:2c:bf:6b:c7:
99:7b:2b:a2:18:e5:e0:5a:7d:64:1f:d3:b6:29:96:82:db:f6:
7e:32:e1:f5:82:c0:b5:dc:99:bc:18:80:0a:77:ba:13:bd:cb:
cb:b1:18:55:5c:39:1b:9c:0c:14:7d:59:d7:27:76:6f:23:ea:
24:e4:f3:58:68:8e:08:00:9b:c5:c0:bc:02:04:40:44:4a:db:
15:be:01:2e:a8:36:be:f3:92:4b:46:44:f4:d5:f8:b2:18:62:
65:cc:40:df:20:16:a6:ff:ab:e5:f6:05:ef:91:79:b0:85:b0:
2f:65:d8:46:f0:83:87:e6:fc:45:89:c1:42:01:22:8c:4d:cb:
5b:11:d9:9d:a4:a0:f1:b1:7e:27:10:7a:bb:f7:1a:f0:62:da:
04:10:2d:ea:eb:8c:13:04:50:14:79:e0:4b:35:55:ff:27:2d:
18:f7:98:73
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYqn+o57CK2sKxti5Rar/7w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTE4MTEwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGI5ODQ2ODkzM2Q3NDQyYTMwOTQ4ZjFhNzE4ODAxNTUwNDI3ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpAKFcJ3OSu1rMYn46DTRp+bbNli
jLA2PG5GUmjVgtgcjqqor1HIxZrzFDEsDnwHP7WmHKSxWX2G4C0pDHTlWbxfqLsT
0FkWOS/j+cv/z8r8buYhABqF5QHfAX47B4RS3CikR6aKdFzolz70yTVktS7VWcwA
6E/XqeKDY9ErVTxV3LF5RW8RU1xtopLb2n/vzqy7ZijrKkCAm/W1FIC53gp1kUR0
Ke+Ruz3AsuH+rG0rFVovllBCyRy+Rrqi5Ummdk5upeCGP1/m7R458JG6UKgTHYxT
JJfChaWKFUs0NQ157cB31EvAS54YeiCS6cypcB6RpmjT0DSooRpFDyIoGQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFC5hGiTPXRCowlI8acYgBVQQn7iMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVUxtRWFKTTlkRUtqQ1VqeHB4aUFGVkJDZnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCWbkAMAwD
BAFtSHIDBANtSHAwDQYJKoZIhvcNAQELBQADggEBADY1bn3fA8xYVeJr3HeHtAp3
TG15JwQtXP+DPNneW3yhjL6pbBdyG4jKMwDCb+F91dPN8Z+WREiliY73WDglACig
luHTzy5btRAwZ7/Xmz3stxnTudiRLL9rx5l7K6IY5eBafWQf07YploLb9n4y4fWC
wLXcmbwYgAp3uhO9y8uxGFVcORucDBR9Wdcndm8j6iTk81hojggAm8XAvAIEQERK
2xW+AS6oNr7zkktGRPTV+LIYYmXMQN8gFqb/q+X2Be+RebCFsC9l2Ebwg4fm/EWJ
wUIBIoxNy1sR2Z2koPGxficQerv3GvBi2gQQLerrjBMEUBR54Es1Vf8nLRj3mHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org