Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XSkMysiiZrLE4RYXG5z8Pi9hNec.roa
File: XSkMysiiZrLE4RYXG5z8Pi9hNec.roa (raw, json)
Hash identifier: xx2XsSc8GAJLo64jYeIlykGb3NnfR9bi1G6nehxLkvc=
Subject key identifier: 5D:29:0C:CA:C8:A2:66:B2:C4:E1:16:17:1B:9C:FC:3E:2F:61:35:E7
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B4C3E0A7C01D6769B61764017C54B56E6
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XSkMysiiZrLE4RYXG5z8Pi9hNec.roa
Signing time: Fri 20 Oct 2023 08:40:16 +0000
ROA not before: Fri 20 Oct 2023 08:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 09:20:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:3e:0a:7c:01:d6:76:9b:61:76:40:17:c5:4b:56:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 20 08:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d290ccac8a266b2c4e116171b9cfc3e2f6135e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7d:28:f5:5a:44:a1:96:f6:7c:14:98:21:77:
cf:dc:0e:8b:7b:39:f1:0e:96:83:86:1a:8d:d7:5f:
b6:a0:02:38:28:07:c6:27:ef:54:08:e1:7c:c5:23:
c8:b1:fb:be:ed:36:e7:d0:f1:77:2c:5b:60:65:f1:
f4:f0:e1:f9:13:27:1f:55:b7:4b:68:df:8a:78:0b:
ea:6a:60:d1:bf:da:bb:34:7c:e7:2e:2e:20:c9:63:
ba:4b:58:d8:de:a1:65:23:fb:11:dc:aa:c7:1b:8f:
da:66:c5:e7:55:6d:a2:1c:24:5c:b1:c4:0f:d3:1d:
25:90:c6:50:f4:bf:bc:b9:e5:12:1b:c7:5d:98:11:
52:c7:07:a6:35:73:cc:c8:df:0d:d9:47:98:92:2f:
d7:91:1b:43:ac:1c:14:5c:e2:ab:6c:a7:4c:6f:f2:
47:4f:d4:32:19:8c:95:f6:f6:62:8a:20:f3:ab:8f:
13:75:6f:92:fa:37:92:95:26:0f:46:d8:22:de:7f:
e6:ee:c8:99:81:d1:47:9f:ba:ad:10:10:09:90:17:
25:c5:ff:24:f9:3c:86:5d:39:d9:2b:48:f6:f8:0b:
f9:cb:c1:63:5e:d5:8f:33:3e:0a:a2:a4:7e:d0:15:
9e:63:c0:6b:4d:a9:a8:48:f8:83:07:05:e7:21:88:
ee:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:29:0C:CA:C8:A2:66:B2:C4:E1:16:17:1B:9C:FC:3E:2F:61:35:E7
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XSkMysiiZrLE4RYXG5z8Pi9hNec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/23
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.118.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:89:93:d0:f8:b0:ff:3e:73:89:8d:a4:ad:b9:ee:29:7d:3d:
10:90:e1:c8:ad:46:6f:17:04:81:42:f9:9e:e8:28:80:56:92:
11:d2:93:38:e4:79:42:94:8a:85:0e:14:c8:8d:9d:b9:67:2f:
ee:92:66:49:e5:18:6d:4b:da:2e:3b:2b:ad:0b:77:4c:12:91:
46:97:ec:f1:67:48:b0:48:e2:0b:74:fb:66:37:b6:ba:36:4f:
bf:c5:f3:ca:16:74:4b:e1:8d:fa:25:77:02:f9:99:87:eb:d4:
3a:6c:3f:c4:1f:4a:a8:3a:55:06:05:5e:e7:7e:e4:62:ce:7f:
68:b4:af:5c:06:21:4b:6a:70:ab:2a:f5:fd:fe:d9:73:17:62:
0d:76:9c:ee:5f:0c:dd:7f:db:bf:aa:c3:90:31:64:c2:75:f9:
3e:c3:c5:e5:d6:f0:41:ae:c6:6c:67:bd:6d:0f:34:37:51:4c:
92:63:7e:d6:dc:72:f4:f4:43:0d:4f:51:bd:e0:e9:e9:a2:2d:
6a:63:c0:d4:04:0c:56:6c:5a:ff:f6:fa:81:36:c8:b8:96:0f:
48:f6:95:4f:af:4e:7b:4f:48:64:29:db:91:c0:a2:38:be:5e:
8e:96:34:85:bc:4c:05:e5:c5:2d:c8:ba:cc:88:f9:09:dd:d8:
af:73:60:e9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYtMPgp8AdZ2m2F2QBfFS1bmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDIwMDg0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI5MGNjYWM4YTI2NmIyYzRlMTE2MTcxYjljZmMzZTJmNjEzNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn0o9VpEoZb2fBSYIXfP3A6Leznx
DpaDhhqN11+2oAI4KAfGJ+9UCOF8xSPIsfu+7Tbn0PF3LFtgZfH08OH5EycfVbdL
aN+KeAvqamDRv9q7NHznLi4gyWO6S1jY3qFlI/sR3KrHG4/aZsXnVW2iHCRcscQP
0x0lkMZQ9L+8ueUSG8ddmBFSxwemNXPMyN8N2UeYki/XkRtDrBwUXOKrbKdMb/JH
T9QyGYyV9vZiiiDzq48TdW+S+jeSlSYPRtgi3n/m7siZgdFHn7qtEBAJkBclxf8k
+TyGXTnZK0j2+Av5y8FjXtWPMz4KoqR+0BWeY8BrTamoSPiDBwXnIYju9wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF0pDMrIomayxOEWFxuc/D4vYTXnMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWFNrTXlzaWlackxFNFJZWEc1ejhQaTloTmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBURaAAwQA
URaHAwQAWbkBAwQAWbkDAwQAbUh2AwQAbUh4AwQAbUh/MA0GCSqGSIb3DQEBCwUA
A4IBAQAviZPQ+LD/PnOJjaStue4pfT0QkOHIrUZvFwSBQvme6CiAVpIR0pM45HlC
lIqFDhTIjZ25Zy/ukmZJ5RhtS9ouOyutC3dMEpFGl+zxZ0iwSOILdPtmN7a6Nk+/
xfPKFnRL4Y36JXcC+ZmH69Q6bD/EH0qoOlUGBV7nfuRizn9otK9cBiFLanCrKvX9
/tlzF2INdpzuXwzdf9u/qsOQMWTCdfk+w8Xl1vBBrsZsZ71tDzQ3UUySY37W3HL0
9EMNT1G94Onpoi1qY8DUBAxWbFr/9vqBNsi4lg9I9pVPr057T0hkKduRwKI4vl6O
ljSFvEwF5cUtyLrMiPkJ3divc2Dp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org