Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X9IPUvmDxOsupIMu9thvlrUBi6A.roa
File: X9IPUvmDxOsupIMu9thvlrUBi6A.roa (raw, json)
Hash identifier: MCmIRHQxoudEeN9UDbbJK4X2YxzrUUD5pWWy0NilZXQ=
Subject key identifier: 5F:D2:0F:52:F9:83:C4:EB:2E:A4:83:2E:F6:D8:6F:96:B5:01:8B:A0
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D51D217F05715BD6FB731F6008A5A8EB3
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X9IPUvmDxOsupIMu9thvlrUBi6A.roa
Signing time: Sun 28 Jan 2024 20:45:39 +0000
ROA not before: Sun 28 Jan 2024 20:45:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.128.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 09:09:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:51:d2:17:f0:57:15:bd:6f:b7:31:f6:00:8a:5a:8e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 28 20:45:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fd20f52f983c4eb2ea4832ef6d86f96b5018ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:ef:1c:48:ce:7b:d5:09:c4:cf:81:55:2b:
b6:18:0b:f1:a9:9e:33:09:4c:dd:29:dc:a4:89:d9:
1d:d7:1f:11:b3:ca:d0:38:ff:d0:a0:6c:31:b8:09:
63:bc:14:54:bd:73:2c:de:52:2a:55:a0:a8:d5:7e:
1a:69:74:55:40:ed:ae:79:44:ad:19:65:66:f5:56:
d7:d3:d6:3c:b6:4b:af:45:03:39:3e:45:80:f2:f0:
e0:73:50:54:8f:b4:c5:39:43:69:8d:6a:f7:42:1d:
78:dd:87:cd:99:74:43:bf:31:79:4b:3a:1e:66:32:
76:a8:8d:f5:5f:e9:b4:fb:7b:f8:16:2f:9f:81:75:
f4:98:67:26:50:93:1b:25:7a:62:5b:6c:d7:9d:a9:
99:a4:26:55:15:92:ef:d9:f3:94:3e:3d:79:80:db:
75:68:aa:09:08:c5:e0:8d:ae:90:71:76:aa:25:3f:
99:93:c3:e7:01:e0:eb:e7:6c:7b:c3:51:f6:cf:a4:
13:53:46:7a:91:df:fc:80:2b:b0:59:29:fa:56:b1:
ca:8d:5d:f3:56:85:b4:3d:d0:61:71:8a:c9:e4:6d:
ad:17:7c:ee:c1:69:df:bb:ad:27:58:19:56:a6:ac:
b5:49:68:65:76:b1:b7:30:f3:51:1f:f3:a7:a9:38:
4e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D2:0F:52:F9:83:C4:EB:2E:A4:83:2E:F6:D8:6F:96:B5:01:8B:A0
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/X9IPUvmDxOsupIMu9thvlrUBi6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:28:2a:ec:c0:d1:b8:06:9f:08:6a:a3:49:6d:3b:ee:db:9d:
4e:12:24:6e:72:d9:d5:60:3b:b4:6d:dc:de:15:9f:01:1d:08:
bf:2a:69:9b:0a:81:9e:fb:42:6f:b9:59:eb:e8:1e:5c:fb:11:
a0:fd:ea:c3:61:a9:b2:b9:22:47:04:b0:7b:18:35:16:e4:6a:
03:93:91:70:a6:af:a9:80:f5:57:e5:11:5b:0e:41:19:ee:9a:
e7:29:c6:1e:ef:16:4e:a4:c9:23:f4:24:c6:69:0e:13:4e:0a:
64:45:b1:15:50:0c:6c:a1:3e:30:39:b5:70:8d:f4:81:43:17:
95:83:b8:e9:ac:c8:89:2b:c1:95:69:5a:38:e8:15:e4:e4:d9:
34:5f:63:38:68:4a:25:66:5c:ed:15:35:d6:ac:d1:8a:74:59:
df:bf:50:95:05:83:a7:09:08:25:ce:e4:f9:42:bf:c0:0d:7a:
19:3e:9c:b3:db:85:05:ec:8e:5f:bb:0a:73:82:80:89:aa:4d:
c7:cf:3b:47:24:c0:00:54:08:ee:7f:68:fd:86:18:1e:ef:b9:
ea:f9:62:6a:60:12:b5:26:71:ad:33:b5:c0:6d:f4:e4:a4:17:
dc:b6:23:cc:7c:8c:91:6b:7b:75:5f:3d:1f:b9:9d:df:a1:d5:
ea:88:f7:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1R0hfwVxW9b7cx9gCKWo6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTI4MjA0NTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQyMGY1MmY5ODNjNGViMmVhNDgzMmVmNmQ4NmY5NmI1MDE4YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNzvHEjOe9UJxM+BVSu2GAvxqZ4z
CUzdKdykidkd1x8Rs8rQOP/QoGwxuAljvBRUvXMs3lIqVaCo1X4aaXRVQO2ueUSt
GWVm9VbX09Y8tkuvRQM5PkWA8vDgc1BUj7TFOUNpjWr3Qh143YfNmXRDvzF5Szoe
ZjJ2qI31X+m0+3v4Fi+fgXX0mGcmUJMbJXpiW2zXnamZpCZVFZLv2fOUPj15gNt1
aKoJCMXgja6QcXaqJT+Zk8PnAeDr52x7w1H2z6QTU0Z6kd/8gCuwWSn6VrHKjV3z
VoW0PdBhcYrJ5G2tF3zuwWnfu60nWBlWpqy1SWhldrG3MPNRH/OnqThOHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF/SD1L5g8TrLqSDLvbYb5a1AYugMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWDlJUFV2bUR4T3N1cElNdTl0aHZsclVCaTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA8KCrswNG4Bp8IaqNJ
bTvu251OEiRuctnVYDu0bdzeFZ8BHQi/KmmbCoGe+0JvuVnr6B5c+xGg/erDYamy
uSJHBLB7GDUW5GoDk5Fwpq+pgPVX5RFbDkEZ7prnKcYe7xZOpMkj9CTGaQ4TTgpk
RbEVUAxsoT4wObVwjfSBQxeVg7jprMiJK8GVaVo46BXk5Nk0X2M4aEolZlztFTXW
rNGKdFnfv1CVBYOnCQglzuT5Qr/ADXoZPpyz24UF7I5fuwpzgoCJqk3HzztHJMAA
VAjuf2j9hhge77nq+WJqYBK1JnGtM7XAbfTkpBfctiPMfIyRa3t1Xz0fuZ3fodXq
iPcA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org