Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Z6K74TZpWL9gvile2S9hQgwVa30.roa
File: Z6K74TZpWL9gvile2S9hQgwVa30.roa (raw, json)
Hash identifier: QD5Fn0SNj4yPN/wlczCwS3hjSKKPFMb3r+IaiJdd/mU=
Subject key identifier: 67:A2:BB:E1:36:69:58:BF:60:BE:29:5E:D9:2F:61:42:0C:15:6B:7D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188BF8BB81A37A9065F1B37CF9C706D1E8B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Z6K74TZpWL9gvile2S9hQgwVa30.roa
Signing time: Thu 15 Jun 2023 14:53:04 +0000
ROA not before: Thu 15 Jun 2023 14:53:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 09:09:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:8b:b8:1a:37:a9:06:5f:1b:37:cf:9c:70:6d:1e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 15 14:53:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67a2bbe1366958bf60be295ed92f61420c156b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:47:c8:f3:51:86:e9:f5:c5:a0:fd:dc:b0:a1:
da:b4:cf:f1:5b:e3:bb:7f:ee:7d:9a:28:e5:51:4c:
c8:2e:8b:65:e1:94:51:d9:b9:a9:7b:36:93:6e:85:
00:3e:b0:c7:88:62:df:08:83:c6:2b:a9:34:1c:33:
45:53:93:6c:9e:ea:c3:37:09:b0:27:21:67:59:66:
6d:c8:33:e8:a0:ed:95:46:a2:f5:4c:5f:57:10:6e:
6e:1e:39:73:65:5b:91:61:cc:68:f7:91:e9:ef:ee:
a4:75:a2:2c:32:6a:14:b3:82:88:a4:15:34:fc:55:
d9:b9:ab:1c:4f:9c:e0:e9:88:11:c9:ca:c7:93:6f:
ef:f0:ce:9d:60:3a:97:4a:5f:dc:6d:85:44:80:ca:
b0:b1:3d:0c:94:f3:79:55:d3:0b:5e:df:82:b1:e3:
02:57:eb:2b:6e:06:70:d9:37:6e:37:50:18:9e:d4:
06:97:ea:fb:41:2f:6a:28:17:23:27:31:7c:bd:83:
23:05:c4:1e:8e:13:6f:94:48:ad:fd:46:2e:46:26:
74:be:3e:ca:ec:e6:ed:96:42:02:c3:94:db:6c:b1:
61:f5:0c:c5:56:3f:b9:af:54:7d:94:ef:af:04:9a:
5f:e8:5d:32:34:ee:54:2b:9c:5f:55:b6:f0:6b:b9:
32:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A2:BB:E1:36:69:58:BF:60:BE:29:5E:D9:2F:61:42:0C:15:6B:7D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Z6K74TZpWL9gvile2S9hQgwVa30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.131.0/24
81.22.140.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
30:b6:c7:f5:e1:21:00:75:da:bf:0b:4a:a2:d6:f9:08:a6:de:
f4:90:39:18:8b:cf:35:b2:8a:27:c5:f2:d6:0f:e8:58:f7:02:
c3:2c:4a:32:d0:c4:b2:a7:33:59:3a:e1:9b:af:97:0d:d1:91:
81:aa:71:fe:3f:1e:f8:2d:c8:43:36:8c:d9:69:8a:e3:33:ed:
03:ae:03:aa:53:dc:7b:23:ca:a1:e6:94:c2:93:3d:d3:a3:37:
31:e3:bc:7f:c0:6a:4f:cd:9e:88:92:a2:33:fa:0a:a5:59:3f:
9e:1d:9f:0e:46:26:84:c3:b7:01:2a:81:33:ee:8a:98:0e:64:
15:c7:1e:27:b0:52:40:8f:e1:75:58:f1:f5:94:45:e8:93:90:
08:3a:31:56:d3:72:25:30:28:cb:12:6d:a1:59:90:15:2e:c3:
2d:39:45:7f:53:4a:54:13:5d:21:cc:08:ca:d1:36:5d:ee:e1:
f1:ce:91:a9:5a:b0:cf:ab:f9:fb:01:6e:14:63:fa:c2:91:7a:
57:f7:fe:4d:99:0a:72:40:2f:23:45:95:fe:73:1b:77:fe:d5:
a3:60:a4:6a:e4:80:d8:ac:bc:3a:26:7a:41:5f:aa:04:1d:05:
29:b1:f3:2e:e5:ed:f5:e4:4c:0d:45:7c:9d:aa:88:b1:fb:99:
bf:01:68:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYi/i7gaN6kGXxs3z5xwbR6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjE1MTQ1MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2EyYmJlMTM2Njk1OGJmNjBiZTI5NWVkOTJmNjE0MjBjMTU2YjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkfI81GG6fXFoP3csKHatM/xW+O7
f+59mijlUUzILotl4ZRR2bmpezaTboUAPrDHiGLfCIPGK6k0HDNFU5NsnurDNwmw
JyFnWWZtyDPooO2VRqL1TF9XEG5uHjlzZVuRYcxo95Hp7+6kdaIsMmoUs4KIpBU0
/FXZuascT5zg6YgRycrHk2/v8M6dYDqXSl/cbYVEgMqwsT0MlPN5VdMLXt+CseMC
V+srbgZw2TduN1AYntQGl+r7QS9qKBcjJzF8vYMjBcQejhNvlEit/UYuRiZ0vj7K
7ObtlkICw5TbbLFh9QzFVj+5r1R9lO+vBJpf6F0yNO5UK5xfVbbwa7ky2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGeiu+E2aVi/YL4pXtkvYUIMFWt9MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWjZLNzRUWnBXTDlndmlsZTJTOWhRZ3dWYTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaDAwQC
URaMAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAwtsf14SEAddq/C0qi
1vkIpt70kDkYi881soonxfLWD+hY9wLDLEoy0MSypzNZOuGbr5cN0ZGBqnH+Px74
LchDNozZaYrjM+0DrgOqU9x7I8qh5pTCkz3Tozcx47x/wGpPzZ6IkqIz+gqlWT+e
HZ8ORiaEw7cBKoEz7oqYDmQVxx4nsFJAj+F1WPH1lEXok5AIOjFW03IlMCjLEm2h
WZAVLsMtOUV/U0pUE10hzAjK0TZd7uHxzpGpWrDPq/n7AW4UY/rCkXpX9/5NmQpy
QC8jRZX+cxt3/tWjYKRq5IDYrLw6JnpBX6oEHQUpsfMu5e315EwNRXydqoix+5m/
AWgj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org