Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X-X9WGArEi8_QuLIAPJB5sI9dn8.roa
File: X-X9WGArEi8_QuLIAPJB5sI9dn8.roa (raw, json)
Hash identifier: WHajHvrpAEBaNkSyBmO0x7WMlbBnz7LvXXe7WoVjODg=
Subject key identifier: 5F:E5:FD:58:60:2B:12:2F:3F:42:E2:C8:00:F2:41:E6:C2:3D:76:7F
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D453845BF3B424A369FCBBEA1925FE2E0
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X-X9WGArEi8_QuLIAPJB5sI9dn8.roa
Signing time: Fri 26 Jan 2024 10:02:12 +0000
ROA not before: Fri 26 Jan 2024 10:02:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.128.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 20:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:38:45:bf:3b:42:4a:36:9f:cb:be:a1:92:5f:e2:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 26 10:02:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fe5fd58602b122f3f42e2c800f241e6c23d767f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:da:02:80:c1:d0:72:70:f2:b8:08:e3:6b:c5:
15:70:fc:b8:11:8e:57:98:bc:e8:a4:76:ce:a4:c3:
50:90:6c:66:98:29:e8:33:0a:ae:57:c0:02:d8:93:
23:23:34:56:35:4c:41:df:11:94:c0:79:d3:29:12:
ca:87:ca:71:d0:71:78:5e:87:5c:08:5f:3f:e6:f7:
c0:c5:74:96:30:6d:a9:bf:3b:58:2e:30:9f:1a:43:
46:e4:87:4c:f8:ce:1b:67:d4:e4:e4:50:6e:dc:4d:
59:50:d5:fe:7f:20:78:6b:45:6d:31:e9:53:08:d4:
be:8a:1e:c7:88:34:0e:c7:ce:62:fa:24:3e:c9:9a:
8a:0e:2b:68:fd:53:28:57:4e:dc:2c:1c:d0:07:b5:
25:c4:22:c8:b1:26:35:76:8d:3e:54:e4:d1:dd:e0:
23:e5:05:49:ea:58:30:8f:6e:2b:01:7a:7b:40:01:
65:92:76:80:fb:7b:8f:4a:70:2b:24:13:5d:ee:9b:
d0:e7:fd:5f:8c:f3:9c:06:a6:c0:ed:70:56:29:e6:
a3:90:19:79:fa:9c:34:35:c5:0b:fe:ef:af:c9:7a:
2c:98:a2:7e:f0:98:94:4b:a7:40:a7:0d:f2:16:11:
82:8d:24:5a:73:9d:28:f7:97:37:e1:91:85:60:54:
e6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E5:FD:58:60:2B:12:2F:3F:42:E2:C8:00:F2:41:E6:C2:3D:76:7F
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X-X9WGArEi8_QuLIAPJB5sI9dn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:75:7f:5a:b7:ea:1e:2c:35:dd:1f:5f:b7:f2:c5:60:b8:33:
de:1a:b1:44:06:25:ff:ff:5d:96:59:4b:66:d8:27:68:c6:b2:
31:bd:f3:cc:5d:ad:b6:25:44:23:f7:32:b1:e8:d0:95:37:dd:
41:eb:41:62:cd:1e:58:8d:73:68:d3:69:31:21:90:d6:18:0d:
83:18:4c:53:67:84:41:06:a3:cb:38:64:0e:22:58:81:6e:b7:
96:3c:60:59:43:f8:59:b9:f8:df:dd:c2:d8:38:6e:1f:d4:9c:
78:c8:35:e0:21:44:88:36:2a:8f:65:d4:1b:cc:b4:2e:84:0a:
f9:86:34:7b:24:3c:d1:cb:84:54:9f:57:11:e4:f4:12:83:77:
f3:79:4c:6e:78:63:ef:71:06:fd:38:06:99:30:64:f6:bd:93:
be:2e:90:de:b4:c0:e8:56:60:96:f3:13:4c:70:67:59:7a:b9:
3e:03:26:8d:de:9d:e2:d1:6e:30:85:bb:98:d0:a2:06:58:b3:
73:3d:04:3e:cb:d1:11:0b:60:d3:4e:9f:23:05:1f:e5:96:a4:
b7:9e:d7:9b:a5:07:0e:64:3f:67:4e:14:cf:1e:bc:3a:91:76:
ce:b0:d3:e7:cb:7a:82:d4:3c:e2:c5:7a:15:a2:0b:2e:b2:97:
22:44:12:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1FOEW/O0JKNp/LvqGSX+LgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTI2MTAwMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU1ZmQ1ODYwMmIxMjJmM2Y0MmUyYzgwMGYyNDFlNmMyM2Q3NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitoCgMHQcnDyuAjja8UVcPy4EY5X
mLzopHbOpMNQkGxmmCnoMwquV8AC2JMjIzRWNUxB3xGUwHnTKRLKh8px0HF4Xodc
CF8/5vfAxXSWMG2pvztYLjCfGkNG5IdM+M4bZ9Tk5FBu3E1ZUNX+fyB4a0VtMelT
CNS+ih7HiDQOx85i+iQ+yZqKDito/VMoV07cLBzQB7UlxCLIsSY1do0+VOTR3eAj
5QVJ6lgwj24rAXp7QAFlknaA+3uPSnArJBNd7pvQ5/1fjPOcBqbA7XBWKeajkBl5
+pw0NcUL/u+vyXosmKJ+8JiUS6dApw3yFhGCjSRac50o95c34ZGFYFTmiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF/l/VhgKxIvP0LiyADyQebCPXZ/MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWC1YOVdHQXJFaThfUXVMSUFQSkI1c0k5ZG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQB9dX9at+oeLDXdH1+3
8sVguDPeGrFEBiX//12WWUtm2CdoxrIxvfPMXa22JUQj9zKx6NCVN91B60FizR5Y
jXNo02kxIZDWGA2DGExTZ4RBBqPLOGQOIliBbreWPGBZQ/hZufjf3cLYOG4f1Jx4
yDXgIUSINiqPZdQbzLQuhAr5hjR7JDzRy4RUn1cR5PQSg3fzeUxueGPvcQb9OAaZ
MGT2vZO+LpDetMDoVmCW8xNMcGdZerk+AyaN3p3i0W4whbuY0KIGWLNzPQQ+y9ER
C2DTTp8jBR/llqS3ntebpQcOZD9nThTPHrw6kXbOsNPny3qC1DzixXoVogsuspci
RBLU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org