Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YdUp5dGchW32Wz41qEG_P6ifL-Q.roa
File: YdUp5dGchW32Wz41qEG_P6ifL-Q.roa (raw, json)
Hash identifier: KZ8E5Lw2tlqko/cfL/cpfeB5eSvyGm5cG764cA0IB8Q=
Subject key identifier: 61:D5:29:E5:D1:9C:85:6D:F6:5B:3E:35:A8:41:BF:3F:A8:9F:2F:E4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B380A139FF0A09A52BBF472776DECFB51
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YdUp5dGchW32Wz41qEG_P6ifL-Q.roa
Signing time: Mon 16 Oct 2023 10:31:06 +0000
ROA not before: Mon 16 Oct 2023 10:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 16 Oct 2023 11:08:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:0a:13:9f:f0:a0:9a:52:bb:f4:72:77:6d:ec:fb:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 16 10:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61d529e5d19c856df65b3e35a841bf3fa89f2fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:69:56:df:00:29:1c:43:08:33:f4:74:06:f6:
4b:ff:c0:bd:6b:34:e7:55:d9:96:22:b5:f0:87:ab:
a0:c4:5b:8a:a7:01:d3:39:a7:43:5e:23:12:38:33:
e8:ca:ee:e2:0c:87:f1:88:91:13:4f:68:9a:07:d3:
6e:8a:ff:f1:d7:43:78:fe:4a:4d:93:d1:26:6c:b3:
6f:8b:68:87:d0:88:25:c1:cc:6d:37:1d:fe:48:e8:
c7:62:8c:8a:cd:0c:5c:f0:ed:ed:60:8b:93:82:3d:
36:90:ed:f0:72:28:c8:bc:0b:2b:ad:cc:ce:c8:57:
6f:2c:97:04:bf:d0:8c:31:e1:fe:b4:fc:ba:ec:56:
dd:f1:50:4c:79:66:c0:ef:74:c4:4e:e1:fe:4e:fe:
a2:b3:e8:7e:e2:98:f3:95:b5:e4:79:7c:88:23:15:
9b:a7:61:8e:9f:4e:fa:46:b3:6c:18:16:57:3b:40:
08:8d:d9:1c:28:65:93:02:49:4d:31:8c:04:66:e2:
a1:34:ae:72:e2:5f:9c:a1:b4:cf:e4:00:1a:e8:f9:
bd:61:e8:8c:80:a2:29:95:8a:95:34:5b:ba:46:92:
42:ca:13:5c:e4:a2:4e:1a:0a:71:d3:1e:cc:36:13:
27:d8:21:2f:b9:31:1b:c1:04:0b:ec:9f:1f:10:dd:
4c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D5:29:E5:D1:9C:85:6D:F6:5B:3E:35:A8:41:BF:3F:A8:9F:2F:E4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/YdUp5dGchW32Wz41qEG_P6ifL-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:6c:f7:32:3b:e8:ef:ff:86:24:8d:a2:93:e1:27:d9:29:0c:
7a:3b:4a:5b:a0:ac:10:0b:5e:c9:28:13:05:ad:28:5d:15:6f:
2c:df:7f:79:ff:69:3b:c9:6c:4d:3d:77:ac:4d:04:75:82:71:
f5:eb:3c:ee:03:7c:31:67:d2:49:62:cf:f2:f1:06:6e:4c:bf:
d9:72:67:d2:12:5c:c9:4a:1c:10:eb:76:1d:50:76:56:df:40:
7b:79:7f:77:80:97:7d:80:8c:8f:d2:3f:9c:d9:c1:51:3a:76:
a3:bd:44:1e:ed:9b:d1:c9:4e:97:dc:91:e2:1f:69:6c:98:6d:
49:4a:05:5e:bb:c7:dd:4e:68:f6:4e:29:b8:df:60:09:26:50:
25:1d:f1:6d:f9:f3:da:17:8d:ab:ca:4e:85:1d:e3:e4:16:d2:
e7:bb:33:a9:84:22:07:98:40:61:c5:86:50:9f:69:6f:f7:73:
9a:ae:49:c0:ff:89:8f:62:60:8d:9e:26:83:6e:10:b0:6a:28:
fd:39:f3:b9:0c:c4:51:91:86:f6:fd:57:c8:91:78:d1:f5:f2:
f7:36:6d:e6:0c:5e:ab:7d:bc:4d:b8:20:ac:f2:e0:ce:3c:5c:
ea:cf:dd:b1:a7:c7:6e:d9:be:3f:86:88:ae:51:28:f9:b4:5b:
3c:6d:53:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs4ChOf8KCaUrv0cndt7PtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDE2MTAzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ1MjllNWQxOWM4NTZkZjY1YjNlMzVhODQxYmYzZmE4OWYyZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2lW3wApHEMIM/R0BvZL/8C9azTn
VdmWIrXwh6ugxFuKpwHTOadDXiMSODPoyu7iDIfxiJETT2iaB9Nuiv/x10N4/kpN
k9EmbLNvi2iH0IglwcxtNx3+SOjHYoyKzQxc8O3tYIuTgj02kO3wcijIvAsrrczO
yFdvLJcEv9CMMeH+tPy67Fbd8VBMeWbA73TETuH+Tv6is+h+4pjzlbXkeXyIIxWb
p2GOn076RrNsGBZXO0AIjdkcKGWTAklNMYwEZuKhNK5y4l+cobTP5AAa6Pm9YeiM
gKIplYqVNFu6RpJCyhNc5KJOGgpx0x7MNhMn2CEvuTEbwQQL7J8fEN1M9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGHVKeXRnIVt9ls+NahBvz+ony/kMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWWRVcDVkR2NoVzMyV3o0MXFFR19QNmlmTC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAbbPcyO+jv/4YkjaKT4SfZKQx6
O0pboKwQC17JKBMFrShdFW8s3395/2k7yWxNPXesTQR1gnH16zzuA3wxZ9JJYs/y
8QZuTL/ZcmfSElzJShwQ63YdUHZW30B7eX93gJd9gIyP0j+c2cFROnajvUQe7ZvR
yU6X3JHiH2lsmG1JSgVeu8fdTmj2Tim432AJJlAlHfFt+fPaF42ryk6FHePkFtLn
uzOphCIHmEBhxYZQn2lv93OarknA/4mPYmCNniaDbhCwaij9OfO5DMRRkYb2/VfI
kXjR9fL3Nm3mDF6rfbxNuCCs8uDOPFzqz92xp8du2b4/hoiuUSj5tFs8bVOe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org