Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X0tIk7lJxcZHarw2QChWWXKUJu0.roa
File: X0tIk7lJxcZHarw2QChWWXKUJu0.roa (raw, json)
Hash identifier: YUc9uSP9Ifvuq3SvifEzU78ZYcNBNWvDTKoav0fd0UU=
Subject key identifier: 5F:4B:48:93:B9:49:C5:C6:47:6A:BC:36:40:28:56:59:72:94:26:ED
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D8816DA4B75FB518C1BF3AECDECD53DE9
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X0tIk7lJxcZHarw2QChWWXKUJu0.roa
Signing time: Thu 08 Feb 2024 09:40:15 +0000
ROA not before: Thu 08 Feb 2024 09:40:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.137.0/24 maxlen: 24
81.22.138.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 08:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:16:da:4b:75:fb:51:8c:1b:f3:ae:cd:ec:d5:3d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 8 09:40:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f4b4893b949c5c6476abc3640285659729426ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8a:2d:79:23:90:0a:a3:20:cc:f9:6d:91:00:
e2:7f:25:1f:76:5f:0d:d4:d8:80:ac:bf:9a:0f:a3:
fa:a1:f6:22:90:41:79:b2:63:78:0f:45:e9:bf:df:
30:43:fb:af:29:90:6c:ae:14:77:50:ce:23:28:fb:
11:5e:48:8e:cd:75:ee:f7:ca:2b:37:89:4a:63:d3:
ea:5f:a3:03:2e:4a:4d:02:d8:a3:82:4e:f4:1a:a3:
df:4e:57:a3:54:fa:9f:f6:54:92:bb:65:6c:c6:2a:
51:72:43:a0:04:ba:36:e6:ee:ed:ad:a9:55:73:16:
d8:6e:ff:4b:ba:5c:a1:0d:c2:6a:eb:d8:fd:67:17:
f9:75:36:f6:5b:34:c0:6c:95:b6:69:90:0e:e4:6d:
74:5c:23:e1:e7:4b:29:8b:ec:d2:d8:e3:49:39:4f:
96:0e:f7:f4:92:ed:a2:f0:cc:13:4d:7d:f0:51:08:
73:4e:7d:8f:21:5e:a9:36:80:b9:10:ea:bf:02:6d:
b6:b8:e0:13:33:d0:b0:90:77:70:82:2b:f7:2b:a9:
ac:f0:a3:c4:8c:7f:3a:57:7a:f5:8f:23:7a:f1:af:
19:e8:9a:64:2d:57:a7:bb:b7:f7:90:d0:83:97:b0:
aa:85:bb:8c:68:e4:ac:10:e3:3c:f5:72:8f:c4:8e:
e9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4B:48:93:B9:49:C5:C6:47:6A:BC:36:40:28:56:59:72:94:26:ED
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X0tIk7lJxcZHarw2QChWWXKUJu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
38:73:58:9b:d0:48:5c:82:6c:13:1f:71:28:94:43:78:48:3f:
d9:4e:81:3f:a5:0b:73:f2:d4:15:fe:80:f2:55:72:d4:4d:1d:
7f:af:38:b1:4f:e7:46:7b:03:ee:b6:63:2c:4a:6b:42:3f:27:
ad:07:16:06:3e:be:a2:3f:1e:e9:b0:14:3f:86:04:71:e1:f7:
8b:6c:4e:57:b8:cc:e1:05:4c:43:00:f3:d2:c5:54:a4:7a:08:
be:52:75:3f:54:ba:95:97:14:d1:12:ce:1f:ef:46:b5:b2:ce:
8f:a3:a0:f1:f8:18:a1:78:aa:3a:05:f2:10:2a:26:60:58:b7:
56:79:53:1f:64:b6:fb:4b:cd:03:03:2a:f9:a0:ea:b3:e0:5b:
d3:56:6f:1c:1b:53:40:b9:7b:9d:dc:4f:68:5b:79:b4:b1:62:
5c:78:86:b7:30:41:91:0a:bb:d1:d3:29:51:21:e5:47:c5:1f:
72:92:57:44:90:a0:6c:22:c9:16:96:5f:bf:a8:01:20:29:9e:
f8:b1:ea:39:6c:47:10:35:65:3a:5c:b7:e2:31:3e:62:c4:97:
ee:1b:e3:db:cd:7f:fc:b8:85:83:68:15:8d:fb:8b:fc:a8:8c:
bd:ba:01:96:f0:98:98:8b:e2:11:8f:c7:59:a8:b4:49:fb:fc:
5d:b1:82:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2IFtpLdftRjBvzrs3s1T3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjA4MDk0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjRiNDg5M2I5NDljNWM2NDc2YWJjMzY0MDI4NTY1OTcyOTQyNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgooteSOQCqMgzPltkQDifyUfdl8N
1NiArL+aD6P6ofYikEF5smN4D0Xpv98wQ/uvKZBsrhR3UM4jKPsRXkiOzXXu98or
N4lKY9PqX6MDLkpNAtijgk70GqPfTlejVPqf9lSSu2VsxipRckOgBLo25u7tralV
cxbYbv9LulyhDcJq69j9Zxf5dTb2WzTAbJW2aZAO5G10XCPh50spi+zS2ONJOU+W
Dvf0ku2i8MwTTX3wUQhzTn2PIV6pNoC5EOq/Am22uOATM9CwkHdwgiv3K6ms8KPE
jH86V3r1jyN68a8Z6JpkLVenu7f3kNCDl7CqhbuMaOSsEOM89XKPxI7puQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF9LSJO5ScXGR2q8NkAoVllylCbtMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWDB0SWs3bEp4Y1pIYXJ3MlFDaFdXWEtVSnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA4c1ib0EhcgmwTH3EolEN4SD/Z
ToE/pQtz8tQV/oDyVXLUTR1/rzixT+dGewPutmMsSmtCPyetBxYGPr6iPx7psBQ/
hgRx4feLbE5XuMzhBUxDAPPSxVSkegi+UnU/VLqVlxTREs4f70a1ss6Po6Dx+Bih
eKo6BfIQKiZgWLdWeVMfZLb7S80DAyr5oOqz4FvTVm8cG1NAuXud3E9oW3m0sWJc
eIa3MEGRCrvR0ylRIeVHxR9ykldEkKBsIskWll+/qAEgKZ74seo5bEcQNWU6XLfi
MT5ixJfuG+PbzX/8uIWDaBWN+4v8qIy9ugGW8JiYi+IRj8dZqLRJ+/xdsYLd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org