Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XaxtvG-9yMB_LXXBfIXmJl_29Ws.roa
File: XaxtvG-9yMB_LXXBfIXmJl_29Ws.roa (raw, json)
Hash identifier: mRDcW4RUbW/gXyh6tu60/nwQ3jOc7Y4Amoq8qpcGWQ8=
Subject key identifier: 5D:AC:6D:BC:6F:BD:C8:C0:7F:2D:75:C1:7C:85:E6:26:5F:F6:F5:6B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018AD3057E39A9FD35551DBA36FEBDBB4ED0
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XaxtvG-9yMB_LXXBfIXmJl_29Ws.roa
Signing time: Tue 26 Sep 2023 19:44:27 +0000
ROA not before: Tue 26 Sep 2023 19:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 16:54:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d3:05:7e:39:a9:fd:35:55:1d:ba:36:fe:bd:bb:4e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 26 19:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dac6dbc6fbdc8c07f2d75c17c85e6265ff6f56b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:53:a4:ca:18:a1:d6:47:e0:61:72:a4:a6:72:
8e:3e:5b:3f:1f:62:b6:ea:42:ad:97:06:65:02:45:
73:2a:0d:78:9a:81:d7:82:9b:9a:e6:6f:1d:f3:38:
1b:35:78:e7:26:93:2f:19:97:75:48:f1:88:9b:46:
ff:d2:45:e3:8c:35:16:26:31:38:1a:b5:a5:4e:37:
36:2a:09:0e:db:df:82:43:fb:53:60:51:54:95:38:
2a:da:5a:52:77:33:7b:47:5c:48:6a:7c:4e:3d:6d:
d2:02:15:6a:17:a2:49:38:ef:4d:0f:1b:f1:a6:91:
78:7a:73:77:ae:71:ad:42:6e:20:b2:a2:00:3a:be:
0c:d5:19:b9:ce:f3:da:c3:d1:ba:a8:b2:c3:3f:1e:
2e:f4:32:6d:58:e7:0c:a9:9e:b3:9e:11:7a:8d:8e:
3b:bd:2c:36:b2:b1:5f:55:f4:8d:59:74:a1:4d:8e:
2b:ec:cc:c1:82:ad:82:62:31:45:9e:f7:aa:64:47:
9e:b5:05:d9:cd:19:cc:7e:87:c0:7b:21:15:ef:14:
1d:82:cf:d9:eb:14:76:a5:04:a1:04:6b:de:e6:7e:
a4:d0:d7:62:ac:f8:aa:a6:0e:a8:77:0d:f4:27:eb:
82:d3:e8:7c:0b:3c:b3:5f:9f:19:1f:c4:c9:8e:0f:
27:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AC:6D:BC:6F:BD:C8:C0:7F:2D:75:C1:7C:85:E6:26:5F:F6:F5:6B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/XaxtvG-9yMB_LXXBfIXmJl_29Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0-81.22.130.255
81.22.135.0/24
89.185.1.0/24
109.72.116.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f6:fc:16:57:87:5c:e7:a7:e5:83:d8:9b:b1:b9:49:97:cc:
1b:ad:38:33:2e:92:66:64:c0:91:66:4f:4e:17:78:9c:58:a7:
df:0d:08:3d:d6:5e:93:58:cc:1d:fd:18:d1:f8:c6:27:fe:2e:
6e:23:a8:73:0f:34:16:41:a0:73:3e:c2:71:98:46:8e:f3:b5:
72:fd:00:21:f0:71:88:82:9e:5b:25:95:35:d7:d3:d6:70:3b:
3b:8f:18:0f:1a:c4:3e:c1:a6:8f:5d:93:e2:1d:5e:a7:a3:ca:
b1:f4:6f:f1:6e:ac:64:ec:ba:ab:7d:1d:cd:fd:38:5f:55:51:
41:a5:4d:92:2a:4f:46:33:29:69:c0:a6:9e:93:36:fe:bb:eb:
95:0a:9a:cc:7c:e3:0e:20:75:90:d6:42:11:6b:0a:72:dd:26:
35:b0:99:1c:53:d1:4d:8b:5b:a6:7c:69:64:5a:71:7f:58:14:
6b:3f:27:c6:cc:88:32:22:47:53:5e:94:1b:88:85:c7:9a:7c:
df:16:4e:65:a5:af:60:cb:d2:3d:4f:ef:57:ff:f4:1c:a0:9c:
5e:b1:32:b9:1e:8b:4b:c7:77:d8:73:ef:83:05:00:63:a2:41:
f9:9c:ad:db:3c:77:b9:4e:94:f3:6b:a7:14:33:c7:fd:d3:9d:
76:11:4c:98
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYrTBX45qf01VR26Nv69u07QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTI2MTk0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFjNmRiYzZmYmRjOGMwN2YyZDc1YzE3Yzg1ZTYyNjVmZjZmNTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFOkyhih1kfgYXKkpnKOPls/H2K2
6kKtlwZlAkVzKg14moHXgpua5m8d8zgbNXjnJpMvGZd1SPGIm0b/0kXjjDUWJjE4
GrWlTjc2KgkO29+CQ/tTYFFUlTgq2lpSdzN7R1xIanxOPW3SAhVqF6JJOO9NDxvx
ppF4enN3rnGtQm4gsqIAOr4M1Rm5zvPaw9G6qLLDPx4u9DJtWOcMqZ6znhF6jY47
vSw2srFfVfSNWXShTY4r7MzBgq2CYjFFnveqZEeetQXZzRnMfofAeyEV7xQdgs/Z
6xR2pQShBGve5n6k0NdirPiqpg6odw30J+uC0+h8CzyzX58ZH8TJjg8newIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF2sbbxvvcjAfy11wXyF5iZf9vVrMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWGF4dHZHLTl5TUJfTFhYQmZJWG1KbF8yOVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAdRFoAD
BABRFoIDBABRFocDBABZuQEDBABtSHQDBABtSHgDBABtSH8wDQYJKoZIhvcNAQEL
BQADggEBAH32/BZXh1znp+WD2JuxuUmXzButODMukmZkwJFmT04XeJxYp98NCD3W
XpNYzB39GNH4xif+Lm4jqHMPNBZBoHM+wnGYRo7ztXL9ACHwcYiCnlsllTXX09Zw
OzuPGA8axD7Bpo9dk+IdXqejyrH0b/FurGTsuqt9Hc39OF9VUUGlTZIqT0YzKWnA
pp6TNv6765UKmsx84w4gdZDWQhFrCnLdJjWwmRxT0U2LW6Z8aWRacX9YFGs/J8bM
iDIiR1NelBuIhceafN8WTmWlr2DL0j1P71f/9BygnF6xMrkei0vHd9hz74MFAGOi
Qfmcrds8d7lOlPNrpxQzx/3TnXYRTJg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org