Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Y1yffBmyZsMNPDx8A3Ei0b4PVmw.roa
File: Y1yffBmyZsMNPDx8A3Ei0b4PVmw.roa (raw, json)
Hash identifier: QRNyuE+OV882bcpFSa0nWdj+oMOVuaZMF0KBFHJlRYs=
Subject key identifier: 63:5C:9F:7C:19:B2:66:C3:0D:3C:3C:7C:03:71:22:D1:BE:0F:56:6C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B00C3585DAC42D8A7B567815E8576C1F3
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Y1yffBmyZsMNPDx8A3Ei0b4PVmw.roa
Signing time: Thu 05 Oct 2023 16:54:44 +0000
ROA not before: Thu 05 Oct 2023 16:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 09:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:c3:58:5d:ac:42:d8:a7:b5:67:81:5e:85:76:c1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 5 16:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=635c9f7c19b266c30d3c3c7c037122d1be0f566c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:12:81:ad:84:94:67:77:f5:45:74:f7:e6:7d:
fb:22:0d:35:5c:08:e3:cc:46:fe:4b:9e:62:15:ff:
6b:84:02:2d:ad:9f:ae:79:47:73:f8:17:5e:88:ec:
32:bd:b8:63:48:80:fc:06:27:f5:83:10:d1:1f:c5:
71:d4:c5:d9:f1:84:0e:ed:f9:7d:d5:8d:4a:1a:2e:
53:9e:98:c2:ac:37:90:5d:46:4a:c2:e2:27:bd:68:
d9:41:e8:c7:f2:8e:fe:5c:c7:f3:43:67:43:a9:fb:
d5:34:cc:33:09:ab:29:2f:9a:8c:cc:15:71:4b:55:
11:36:8b:7b:ea:ab:d1:10:83:96:03:40:4c:91:f1:
46:c9:57:b3:0c:26:9c:03:8e:58:51:54:26:b2:c0:
23:85:76:10:15:df:0f:c3:a3:b6:7c:a4:00:a4:6e:
85:d3:c3:a3:e2:c0:37:e0:85:a5:ff:42:2b:c9:a3:
ca:b5:5a:b0:e9:93:d1:64:0e:fe:5f:00:b3:12:e1:
fd:a5:a1:f8:0a:78:63:de:68:8b:e6:78:97:8b:2e:
2d:d1:0a:6f:94:22:41:ed:e7:65:33:7a:10:db:42:
d1:5c:f8:7b:b5:20:39:2b:17:b1:69:49:15:bf:1d:
bc:fc:e0:47:c2:de:28:f7:bc:f2:d0:89:2c:34:c0:
c6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5C:9F:7C:19:B2:66:C3:0D:3C:3C:7C:03:71:22:D1:BE:0F:56:6C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Y1yffBmyZsMNPDx8A3Ei0b4PVmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0-81.22.130.255
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.116.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f4:7c:3a:f6:d2:d6:69:af:cb:51:77:7e:2f:10:63:e9:51:
5c:e0:39:ba:b5:2e:e5:c4:7f:f6:d3:2c:39:6d:d0:cd:43:fb:
49:4b:b2:81:e7:8e:b1:3d:76:2d:82:78:42:0d:35:6a:80:0f:
75:7d:12:a1:fb:e4:b7:0d:38:12:29:4f:0c:05:e1:03:73:9e:
aa:23:63:81:53:d7:46:9e:c9:43:62:91:5c:0f:f2:eb:8b:0e:
a3:20:b9:57:0f:fc:87:f7:a6:d7:77:03:76:26:0a:78:d7:45:
d9:ca:07:cb:52:68:6e:d3:80:81:e5:d4:70:0e:c1:a2:51:86:
fc:b1:d1:92:bf:73:67:03:f5:48:f1:79:89:e5:67:22:07:f5:
b6:60:f5:78:57:d0:8f:85:33:68:b5:c0:2c:91:14:15:bd:04:
5c:e5:9c:47:74:d3:35:b5:6f:ee:e8:07:24:b2:c4:b3:1d:ad:
3e:db:85:3a:75:49:5d:22:f2:7c:ca:b1:1c:44:51:63:55:ea:
54:97:6a:92:9d:08:67:ad:d3:a4:81:ef:6d:ba:3b:45:6b:0a:
84:35:a6:06:81:49:05:52:4a:de:32:33:0f:9b:01:1b:11:97:
ca:02:b3:66:55:93:da:8b:82:f1:4a:a5:0f:ff:b2:ee:29:ab:
cc:84:cb:0c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYsAw1hdrELYp7VngV6FdsHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDA1MTY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzVjOWY3YzE5YjI2NmMzMGQzYzNjN2MwMzcxMjJkMWJlMGY1NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhKBrYSUZ3f1RXT35n37Ig01XAjj
zEb+S55iFf9rhAItrZ+ueUdz+BdeiOwyvbhjSID8Bif1gxDRH8Vx1MXZ8YQO7fl9
1Y1KGi5TnpjCrDeQXUZKwuInvWjZQejH8o7+XMfzQ2dDqfvVNMwzCaspL5qMzBVx
S1URNot76qvREIOWA0BMkfFGyVezDCacA45YUVQmssAjhXYQFd8Pw6O2fKQApG6F
08Oj4sA34IWl/0IryaPKtVqw6ZPRZA7+XwCzEuH9paH4Cnhj3miL5niXiy4t0Qpv
lCJB7edlM3oQ20LRXPh7tSA5KxexaUkVvx28/OBHwt4o97zy0IksNMDGtwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGNcn3wZsmbDDTw8fANxItG+D1ZsMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWTF5ZmZCbXlac01OUER4OEEzRWkwYjRQVm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAdRFoAD
BABRFoIDBABRFocDBABZuQEDBABZuQMDBABtSHQDBABtSHgDBABtSH8wDQYJKoZI
hvcNAQELBQADggEBABf0fDr20tZpr8tRd34vEGPpUVzgObq1LuXEf/bTLDlt0M1D
+0lLsoHnjrE9di2CeEINNWqAD3V9EqH75LcNOBIpTwwF4QNznqojY4FT10aeyUNi
kVwP8uuLDqMguVcP/If3ptd3A3YmCnjXRdnKB8tSaG7TgIHl1HAOwaJRhvyx0ZK/
c2cD9UjxeYnlZyIH9bZg9XhX0I+FM2i1wCyRFBW9BFzlnEd00zW1b+7oBySyxLMd
rT7bhTp1SV0i8nzKsRxEUWNV6lSXapKdCGet06SB7226O0VrCoQ1pgaBSQVSSt4y
Mw+bARsRl8oCs2ZVk9qLgvFKpQ//su4pq8yEyww=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org