Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/V4AqG8I0ioQHBWnd7Yw3bNUQ4oA.roa
File: V4AqG8I0ioQHBWnd7Yw3bNUQ4oA.roa (raw, json)
Hash identifier: EHCgBQxUxyV/lc3o8tDTmSEzpl/DIxMEjt3UzIHUkQk=
Subject key identifier: 57:80:2A:1B:C2:34:8A:84:07:05:69:DD:ED:8C:37:6C:D5:10:E2:80
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DA8C7760A28E5CF4EC0C8F45F295E5FD8
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/V4AqG8I0ioQHBWnd7Yw3bNUQ4oA.roa
Signing time: Wed 14 Feb 2024 18:01:00 +0000
ROA not before: Wed 14 Feb 2024 18:01:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.138.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.112.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 15:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:c7:76:0a:28:e5:cf:4e:c0:c8:f4:5f:29:5e:5f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 14 18:01:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57802a1bc2348a84070569dded8c376cd510e280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:45:6b:7b:87:56:3d:a7:e1:81:91:a7:0e:a9:
9e:d1:1e:bd:46:89:fa:37:a0:05:dd:3a:f3:2a:51:
c6:33:55:ed:45:8f:b6:d3:86:17:4d:8c:3d:95:42:
a9:8e:87:06:ca:7c:55:6f:91:4e:70:20:e7:ce:9a:
a5:30:ec:5e:e6:29:3d:1f:d0:75:5c:d8:48:57:f4:
47:7e:f4:5e:6e:c2:c3:dd:b2:b5:90:e4:7d:49:5b:
84:dd:49:e7:72:b6:e2:6d:c3:8b:95:d3:15:cb:4a:
4d:36:91:a5:39:ef:c1:67:67:f7:a8:c4:c3:68:a9:
94:3f:82:d2:28:67:e1:48:a2:56:52:12:9c:a6:26:
ee:17:ae:84:33:d8:c0:2c:23:1b:94:17:3e:6c:19:
cd:7b:76:60:63:84:be:48:91:0f:bc:50:b1:83:b9:
85:dd:9d:a5:b9:40:5a:96:9f:ea:cb:24:8b:af:db:
43:3e:11:f9:ca:c7:70:af:83:37:1b:c2:b6:9d:2f:
6b:49:f4:42:4a:ba:1d:69:c8:e1:53:3a:0a:ea:c2:
de:a0:f9:c4:a8:23:59:6b:e0:1b:89:26:3d:b4:2d:
57:7d:f7:a3:6e:6e:a7:7b:78:d0:2a:9b:eb:e1:f0:
aa:dd:fe:23:8e:c6:82:14:05:00:9b:5e:07:68:9b:
79:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:80:2A:1B:C2:34:8A:84:07:05:69:DD:ED:8C:37:6C:D5:10:E2:80
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/V4AqG8I0ioQHBWnd7Yw3bNUQ4oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.112.0/24
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:56:f4:6f:3f:76:64:39:32:60:2f:62:b1:9a:01:a5:4e:7e:
3c:ec:6c:be:4b:10:1c:f5:19:25:72:c1:22:b7:41:55:9c:32:
d3:3e:f0:42:b9:a3:fd:6c:17:3d:7f:1b:f5:c7:d7:ef:dc:7d:
d3:39:a4:5c:46:68:55:e8:ae:01:9c:65:e0:87:3b:a5:cc:99:
08:18:d9:31:6f:8d:64:8d:07:e2:be:b3:ec:22:c8:96:c5:6e:
e5:95:1a:6f:6d:d4:c1:6f:cd:f2:8b:3e:bb:61:50:a2:2b:d9:
69:1e:08:a2:d9:ae:43:0d:9b:23:bf:af:10:96:ca:91:84:80:
33:a2:b7:53:26:1f:43:c2:08:47:ff:59:59:01:bc:79:92:e9:
1b:21:8d:62:07:07:05:53:88:50:74:c3:dc:11:13:c7:ba:da:
60:a8:32:e1:46:2f:11:3d:e4:84:63:b3:20:e4:1b:b4:d3:f1:
38:d1:83:d3:77:14:21:e7:dc:06:df:88:39:e0:bc:a2:cd:ba:
e1:0b:b5:92:5d:64:90:9a:b0:4b:c6:10:bf:18:09:ed:d1:5a:
4e:ff:01:8b:91:ee:a0:b6:2e:6a:d9:38:aa:a8:ac:fb:d6:17:
1d:3f:ac:f4:1f:f7:77:0b:28:97:e9:06:2d:ca:77:dd:37:e5:
cf:1c:5b:48
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2ox3YKKOXPTsDI9F8pXl/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjE0MTgwMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzgwMmExYmMyMzQ4YTg0MDcwNTY5ZGRlZDhjMzc2Y2Q1MTBlMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0Vre4dWPafhgZGnDqme0R69Ron6
N6AF3TrzKlHGM1XtRY+204YXTYw9lUKpjocGynxVb5FOcCDnzpqlMOxe5ik9H9B1
XNhIV/RHfvRebsLD3bK1kOR9SVuE3UnncrbibcOLldMVy0pNNpGlOe/BZ2f3qMTD
aKmUP4LSKGfhSKJWUhKcpibuF66EM9jALCMblBc+bBnNe3ZgY4S+SJEPvFCxg7mF
3Z2luUBalp/qyySLr9tDPhH5ysdwr4M3G8K2nS9rSfRCSrodacjhUzoK6sLeoPnE
qCNZa+AbiSY9tC1Xffejbm6ne3jQKpvr4fCq3f4jjsaCFAUAm14HaJt58wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFeAKhvCNIqEBwVp3e2MN2zVEOKAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVjRBcUc4STBpb1FIQlduZDdZdzNiTlVRNG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDURaIAwQC
WbkAAwQAbUhwAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQB6VvRvP3Zk
OTJgL2KxmgGlTn487Gy+SxAc9RklcsEit0FVnDLTPvBCuaP9bBc9fxv1x9fv3H3T
OaRcRmhV6K4BnGXghzulzJkIGNkxb41kjQfivrPsIsiWxW7llRpvbdTBb83yiz67
YVCiK9lpHgii2a5DDZsjv68QlsqRhIAzordTJh9DwghH/1lZAbx5kukbIY1iBwcF
U4hQdMPcERPHutpgqDLhRi8RPeSEY7Mg5Bu00/E40YPTdxQh59wG34g54Lyizbrh
C7WSXWSQmrBLxhC/GAnt0VpO/wGLke6gti5q2TiqqKz71hcdP6z0H/d3CyiX6QYt
ynfdN+XPHFtI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org