Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/W0l9LDuXh75t89Q3SyMP1vvTAzA.roa
File: W0l9LDuXh75t89Q3SyMP1vvTAzA.roa (raw, json)
Hash identifier: gvDzX2j9JIlIjnsUJ1qVLdVx5EHcuCVB153YoSpQ9Gw=
Subject key identifier: 5B:49:7D:2C:3B:97:87:BE:6D:F3:D4:37:4B:23:0F:D6:FB:D3:03:30
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D6E1092C50C43BFCBFC7C46B30C4625BE
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/W0l9LDuXh75t89Q3SyMP1vvTAzA.roa
Signing time: Sat 03 Feb 2024 08:23:16 +0000
ROA not before: Sat 03 Feb 2024 08:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 09:40:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6e:10:92:c5:0c:43:bf:cb:fc:7c:46:b3:0c:46:25:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 3 08:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b497d2c3b9787be6df3d4374b230fd6fbd30330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:50:dd:81:08:98:5b:7e:d4:47:be:26:e9:
5d:9f:43:1d:51:7c:ce:3e:f7:6f:2a:fa:bf:3d:01:
61:ef:ff:f2:1f:1a:9c:1f:e7:b1:e9:28:17:43:fc:
60:90:44:e1:7b:a7:d7:56:82:52:5e:e6:ec:9d:a4:
ab:67:6a:a6:89:42:b6:d7:db:fc:c8:89:3d:27:a9:
b2:3b:c4:65:cb:70:15:21:64:ac:19:b6:49:18:e1:
64:f6:b8:33:f9:ba:5d:db:1b:54:bb:cb:a9:c6:e5:
73:13:01:95:8b:da:20:ad:d9:1c:57:18:cb:f2:5c:
a4:de:dd:14:d5:19:a2:66:f2:ef:0b:a5:5d:6e:a1:
c2:dd:71:0d:cf:e1:35:73:7f:f6:f2:9d:22:fc:97:
74:45:d6:0d:84:9a:da:f2:33:99:58:18:ce:75:4a:
4b:a7:be:3d:fb:8f:38:01:55:c6:4a:33:41:15:22:
e6:aa:c1:bf:4e:8f:b3:1a:51:d1:86:08:52:76:bc:
5f:07:71:e0:cf:4c:73:27:18:40:b3:de:c5:b9:ec:
3a:81:36:70:9f:e7:49:4c:c3:4f:bc:ec:37:19:e9:
07:a9:55:ed:b0:bf:68:44:b9:36:f1:3f:1b:db:bc:
0a:c2:b5:fe:7b:67:ba:7f:cf:8a:be:3c:64:e4:71:
c2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:49:7D:2C:3B:97:87:BE:6D:F3:D4:37:4B:23:0F:D6:FB:D3:03:30
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/W0l9LDuXh75t89Q3SyMP1vvTAzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
15:26:5e:22:d7:f1:28:be:20:9e:ed:9c:63:fa:46:2c:b8:5e:
0e:60:87:17:d2:9a:09:0d:a2:16:f5:2b:2c:18:8f:3c:9a:5e:
44:e9:78:b6:2c:3f:c0:04:57:69:37:42:ce:34:5b:6e:36:6d:
a5:65:b7:81:90:7d:f8:fe:4d:70:c7:30:46:64:70:91:df:c8:
70:eb:b4:11:5d:bd:ca:23:c3:de:78:9d:35:36:bd:7b:d1:f6:
49:0e:2f:0f:47:be:df:c8:ab:a0:54:b8:32:40:0f:1e:50:8b:
cd:2b:d0:0d:d5:59:a6:fc:56:ae:79:d5:15:b0:89:a7:52:bc:
77:7f:af:da:8b:57:44:3f:89:59:80:a7:d0:38:1a:9b:ee:b6:
c4:5b:db:94:27:87:16:1f:26:8f:c9:4f:b7:7b:9f:63:f1:6b:
87:a1:46:d5:eb:cf:8c:17:58:58:f9:95:10:42:0f:a5:5a:a3:
33:08:4f:f9:03:5c:17:73:de:ec:99:3f:42:5f:ee:a1:27:ae:
f7:1d:f3:01:64:3d:27:89:bb:ec:31:2e:e9:36:8d:71:74:03:
fc:ab:1e:49:31:cc:0f:4a:8c:c1:66:1d:b0:24:ba:49:2d:64:
46:0a:74:5b:f4:2a:1f:93:cb:94:4e:60:0b:83:5e:29:11:7b:
ff:fe:41:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1uEJLFDEO/y/x8RrMMRiW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjAzMDgyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQ5N2QyYzNiOTc4N2JlNmRmM2Q0Mzc0YjIzMGZkNmZiZDMwMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1VQ3YEImFt+1Ee+Juldn0MdUXzO
PvdvKvq/PQFh7//yHxqcH+ex6SgXQ/xgkEThe6fXVoJSXubsnaSrZ2qmiUK219v8
yIk9J6myO8Rly3AVIWSsGbZJGOFk9rgz+bpd2xtUu8upxuVzEwGVi9ogrdkcVxjL
8lyk3t0U1RmiZvLvC6VdbqHC3XENz+E1c3/28p0i/Jd0RdYNhJra8jOZWBjOdUpL
p749+484AVXGSjNBFSLmqsG/To+zGlHRhghSdrxfB3Hgz0xzJxhAs97Fuew6gTZw
n+dJTMNPvOw3GekHqVXtsL9oRLk28T8b27wKwrX+e2e6f8+Kvjxk5HHCgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFtJfSw7l4e+bfPUN0sjD9b70wMwMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVzBsOUxEdVhoNzV0ODlRM1N5TVAxdnZUQXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAVJl4i1/EoviCe7Zxj+kYsuF4O
YIcX0poJDaIW9SssGI88ml5E6Xi2LD/ABFdpN0LONFtuNm2lZbeBkH34/k1wxzBG
ZHCR38hw67QRXb3KI8PeeJ01Nr170fZJDi8PR77fyKugVLgyQA8eUIvNK9AN1Vmm
/FauedUVsImnUrx3f6/ai1dEP4lZgKfQOBqb7rbEW9uUJ4cWHyaPyU+3e59j8WuH
oUbV68+MF1hY+ZUQQg+lWqMzCE/5A1wXc97smT9CX+6hJ673HfMBZD0nibvsMS7p
No1xdAP8qx5JMcwPSozBZh2wJLpJLWRGCnRb9Cofk8uUTmALg14pEXv//kGl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org