Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/UzVAP9EofHtNwYwobfKtazC4SLY.roa
File: UzVAP9EofHtNwYwobfKtazC4SLY.roa (raw, json)
Hash identifier: B7dJnaML2eHhhFVnkM6DFQ4O+4/WncyOUVgLhgyfNyo=
Subject key identifier: 53:35:40:3F:D1:28:7C:7B:4D:C1:8C:28:6D:F2:AD:6B:30:B8:48:B6
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018ACC47E0CFD0B2BE694FEBA88AFE030388
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/UzVAP9EofHtNwYwobfKtazC4SLY.roa
Signing time: Mon 25 Sep 2023 12:19:37 +0000
ROA not before: Mon 25 Sep 2023 12:19:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Sep 2023 19:44:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:47:e0:cf:d0:b2:be:69:4f:eb:a8:8a:fe:03:03:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 25 12:19:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5335403fd1287c7b4dc18c286df2ad6b30b848b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6a:92:0a:61:89:46:50:3a:fa:77:bd:73:a0:
ef:49:8d:75:59:30:68:ff:2b:5b:42:5d:e2:67:cd:
b1:a4:7b:2b:5b:d8:a0:68:ac:67:85:65:c8:01:57:
d8:c2:b4:a3:54:82:7d:2f:3b:f6:5f:7a:68:81:3e:
40:52:d5:37:71:de:ae:43:a8:fe:47:5a:9f:a5:8f:
4f:a5:d7:70:0a:3b:0a:2d:6e:f5:16:1e:ce:b3:0f:
34:06:ff:ba:63:2b:5c:f3:12:71:72:c9:90:11:e2:
91:9a:8c:bf:f5:b4:fe:55:99:31:19:9f:50:db:03:
74:b2:df:a9:ea:f6:da:1d:1c:ed:bc:11:82:15:84:
bb:07:ff:53:df:ed:fd:b1:f3:d6:1a:9e:24:df:0f:
80:b8:0f:56:b8:8a:fc:c2:ff:c8:73:fd:a3:17:38:
6f:9a:14:cb:5d:d9:5f:7d:73:7c:b6:aa:ac:1f:8b:
33:58:7d:ae:ab:f3:89:55:f5:9e:d9:e9:27:29:57:
4c:6f:46:29:79:b3:21:97:a4:0f:53:c7:7b:7b:de:
36:7a:4f:1e:95:09:e7:46:e7:c0:b4:52:6c:b1:59:
8b:81:d6:e3:a8:32:3d:33:16:66:ff:14:6f:ed:45:
d0:09:44:61:4c:a7:df:82:16:41:07:35:44:5f:44:
ce:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:35:40:3F:D1:28:7C:7B:4D:C1:8C:28:6D:F2:AD:6B:30:B8:48:B6
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/UzVAP9EofHtNwYwobfKtazC4SLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.140.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:5f:2b:01:59:c1:42:bd:7d:f5:b0:36:5b:91:29:8a:09:cb:
09:64:48:f1:ac:d7:ca:d6:1b:86:51:b2:25:9b:69:a8:a4:77:
f6:f0:74:b0:21:f1:2c:4f:5b:7a:08:a5:01:3b:d3:86:b2:81:
b5:10:6c:69:74:d1:78:e3:20:30:0e:6e:4a:74:2f:b0:35:c7:
38:a7:81:15:4b:7a:c4:b7:0a:5c:06:61:6d:76:35:3b:b9:d2:
41:74:26:53:b9:53:f9:43:6c:73:d0:de:e4:aa:6e:21:4d:c7:
fa:65:a5:86:f4:90:8b:d4:1f:22:7a:8d:e4:ea:75:05:dd:c2:
e4:e6:90:ba:19:75:af:c5:d9:e4:55:22:e9:38:7d:e2:4a:67:
94:f3:09:e8:95:58:7f:76:c0:b6:a6:1b:b0:5f:ea:41:17:4a:
fa:e0:da:4a:38:91:fc:96:06:68:bc:c3:e7:84:78:ef:5d:f7:
f2:58:ad:56:eb:46:04:42:cb:b9:ff:0c:69:13:00:24:6b:48:
41:d9:b3:1e:58:66:5e:25:12:7a:7c:0c:55:ed:42:d0:d0:e0:
dd:2d:b1:2c:ca:1b:76:43:fa:81:e1:ff:6f:3e:79:39:05:2e:
64:3f:02:e4:10:eb:d3:88:b0:d0:f9:de:e4:5d:36:8f:0d:c9:
16:ec:4d:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrMR+DP0LK+aU/rqIr+AwOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTI1MTIxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM1NDAzZmQxMjg3YzdiNGRjMThjMjg2ZGYyYWQ2YjMwYjg0OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmqSCmGJRlA6+ne9c6DvSY11WTBo
/ytbQl3iZ82xpHsrW9igaKxnhWXIAVfYwrSjVIJ9Lzv2X3pogT5AUtU3cd6uQ6j+
R1qfpY9PpddwCjsKLW71Fh7Osw80Bv+6Yytc8xJxcsmQEeKRmoy/9bT+VZkxGZ9Q
2wN0st+p6vbaHRztvBGCFYS7B/9T3+39sfPWGp4k3w+AuA9WuIr8wv/Ic/2jFzhv
mhTLXdlffXN8tqqsH4szWH2uq/OJVfWe2eknKVdMb0YpebMhl6QPU8d7e942ek8e
lQnnRufAtFJssVmLgdbjqDI9MxZm/xRv7UXQCURhTKffghZBBzVEX0TO7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFM1QD/RKHx7TcGMKG3yrWswuEi2MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVXpWQVA5RW9mSHROd1l3b2JmS3RhekM0U0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQC
URaMAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCcXysBWcFCvX31sDZb
kSmKCcsJZEjxrNfK1huGUbIlm2mopHf28HSwIfEsT1t6CKUBO9OGsoG1EGxpdNF4
4yAwDm5KdC+wNcc4p4EVS3rEtwpcBmFtdjU7udJBdCZTuVP5Q2xz0N7kqm4hTcf6
ZaWG9JCL1B8ieo3k6nUF3cLk5pC6GXWvxdnkVSLpOH3iSmeU8wnolVh/dsC2phuw
X+pBF0r64NpKOJH8lgZovMPnhHjvXffyWK1W60YEQsu5/wxpEwAka0hB2bMeWGZe
JRJ6fAxV7ULQ0ODdLbEsyht2Q/qB4f9vPnk5BS5kPwLkEOvTiLDQ+d7kXTaPDckW
7E1+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org