Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/WEDy7Zfba6T9XdxikJVdeXIPHmQ.roa
File: WEDy7Zfba6T9XdxikJVdeXIPHmQ.roa (raw, json)
Hash identifier: DuCe03z7j1VsUe6AiaxQmNVFJ+YJQu1lCPcoIMi5JTA=
Subject key identifier: 58:40:F2:ED:97:DB:6B:A4:FD:5D:DC:62:90:95:5D:79:72:0F:1E:64
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B3D4CD1562CD9363AAA47E7CFB0848672
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/WEDy7Zfba6T9XdxikJVdeXIPHmQ.roa
Signing time: Tue 17 Oct 2023 11:02:06 +0000
ROA not before: Tue 17 Oct 2023 11:02:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 10:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:4c:d1:56:2c:d9:36:3a:aa:47:e7:cf:b0:84:86:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 17 11:02:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5840f2ed97db6ba4fd5ddc6290955d79720f1e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e6:7d:fa:34:23:ed:e8:ef:7c:71:88:24:95:
53:bb:46:4b:2e:5f:c5:cf:c2:9b:af:55:94:04:ba:
07:b3:71:ef:60:9d:46:dd:4a:4b:74:b0:d5:94:f3:
74:2c:c4:18:a2:6d:c7:a0:2d:fc:11:76:3f:17:ef:
3a:08:78:b7:90:e2:87:a3:ba:ea:e1:13:a5:8d:c8:
79:90:d0:95:86:fb:bd:03:69:46:b0:06:ad:b6:83:
39:a0:df:de:ef:9b:c8:83:c3:08:86:42:c5:d3:90:
a3:8d:76:73:32:7f:be:43:3c:ea:45:a6:00:b9:fc:
75:13:78:98:62:bc:fe:2f:cc:bd:11:5a:fc:7d:ad:
33:9c:81:a8:c6:ea:5f:3a:2f:90:4c:07:2a:92:ce:
19:c8:3b:13:e7:bf:e7:61:1c:c2:43:2e:89:3f:3e:
12:c9:0a:d3:36:aa:ff:ad:9d:c9:0b:f7:f7:d3:85:
aa:69:96:87:bf:46:f7:1e:0d:e5:46:97:f2:78:43:
47:52:f1:b1:82:86:c6:ed:16:66:14:bc:44:2b:86:
b4:8d:b1:ff:9d:64:32:cd:11:cf:1e:0a:30:90:55:
2a:45:8b:71:67:39:60:8c:61:31:69:e3:5e:24:da:
c2:58:ec:67:55:3e:00:03:0e:cb:3d:ad:08:d4:05:
60:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:40:F2:ED:97:DB:6B:A4:FD:5D:DC:62:90:95:5D:79:72:0F:1E:64
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/WEDy7Zfba6T9XdxikJVdeXIPHmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
86:6a:59:a3:cc:b2:f2:1e:80:af:25:3d:d8:1e:cb:1d:07:ca:
92:9c:43:85:9d:82:4b:ba:6c:17:7f:9f:f1:c7:fa:d3:77:5f:
5a:7f:ec:9d:a1:e0:a1:68:21:20:2e:52:13:17:af:8d:84:c9:
fc:08:1c:97:8f:82:5f:7d:67:9b:32:65:21:f0:fe:81:81:c1:
c6:62:4b:4f:f0:62:4e:16:a7:40:cc:75:6e:c8:8c:1c:f1:47:
da:06:e8:4a:c4:2c:0e:e5:16:8d:37:24:48:89:a2:aa:01:36:
d2:eb:31:72:ad:a6:cd:61:fe:2e:5a:78:ed:e0:c2:ea:c0:7b:
35:40:ec:0a:69:50:72:e8:ca:9c:fe:b8:24:2e:a7:00:f8:8b:
29:aa:57:af:17:42:9b:33:6b:00:9e:42:f6:cc:e8:8a:76:02:
a1:d2:ba:d6:3d:4f:e4:0b:3e:d3:fd:92:de:79:0d:31:dc:87:
55:84:05:b1:26:65:cc:a7:db:50:d1:0a:4b:b5:5e:ce:d6:e0:
46:6e:bb:35:bb:c7:da:c7:63:ae:12:f8:5c:27:b2:e2:5b:cd:
35:a4:14:d7:c1:87:31:e3:1b:91:90:2e:83:7b:b5:8e:80:3d:
1e:f5:54:61:2d:18:fe:bd:87:51:60:52:76:31:86:cc:a8:f7:
a2:e2:15:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYs9TNFWLNk2OqpH58+whIZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDE3MTEwMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODQwZjJlZDk3ZGI2YmE0ZmQ1ZGRjNjI5MDk1NWQ3OTcyMGYxZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOZ9+jQj7ejvfHGIJJVTu0ZLLl/F
z8Kbr1WUBLoHs3HvYJ1G3UpLdLDVlPN0LMQYom3HoC38EXY/F+86CHi3kOKHo7rq
4ROljch5kNCVhvu9A2lGsAattoM5oN/e75vIg8MIhkLF05CjjXZzMn++QzzqRaYA
ufx1E3iYYrz+L8y9EVr8fa0znIGoxupfOi+QTAcqks4ZyDsT57/nYRzCQy6JPz4S
yQrTNqr/rZ3JC/f304WqaZaHv0b3Hg3lRpfyeENHUvGxgobG7RZmFLxEK4a0jbH/
nWQyzRHPHgowkFUqRYtxZzlgjGExaeNeJNrCWOxnVT4AAw7LPa0I1AVgUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFhA8u2X22uk/V3cYpCVXXlyDx5kMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvV0VEeTdaZmJhNlQ5WGR4aWtKVmRlWElQSG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaCAwQC
WbkAAwQCWbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCGalmjzLLyHoCvJT3Y
HssdB8qSnEOFnYJLumwXf5/xx/rTd19af+ydoeChaCEgLlITF6+NhMn8CByXj4Jf
fWebMmUh8P6BgcHGYktP8GJOFqdAzHVuyIwc8UfaBuhKxCwO5RaNNyRIiaKqATbS
6zFyrabNYf4uWnjt4MLqwHs1QOwKaVBy6Mqc/rgkLqcA+IspqlevF0KbM2sAnkL2
zOiKdgKh0rrWPU/kCz7T/ZLeeQ0x3IdVhAWxJmXMp9tQ0QpLtV7O1uBGbrs1u8fa
x2OuEvhcJ7LiW801pBTXwYcx4xuRkC6De7WOgD0e9VRhLRj+vYdRYFJ2MYbMqPei
4hUt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org