Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZV5R7ZbzkXUrY1QIiJFBbmEiHCQ.roa
File: ZV5R7ZbzkXUrY1QIiJFBbmEiHCQ.roa (raw, json)
Hash identifier: lsosn3zNlGVfM26ke2vnO5bbZpVf2R2Ewp63y4E3U+k=
Subject key identifier: 65:5E:51:ED:96:F3:91:75:2B:63:54:08:88:91:41:6E:61:22:1C:24
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C4BBF5A26A15DA674773B9E5892839888
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZV5R7ZbzkXUrY1QIiJFBbmEiHCQ.roa
Signing time: Fri 08 Dec 2023 23:24:40 +0000
ROA not before: Fri 08 Dec 2023 23:24:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 81.22.138.0/24 maxlen: 24
81.22.137.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 09:42:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4b:bf:5a:26:a1:5d:a6:74:77:3b:9e:58:92:83:98:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 8 23:24:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655e51ed96f391752b6354088891416e61221c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:92:f2:22:f0:e3:91:83:3b:54:09:91:20:25:
20:6b:30:d8:de:6c:99:bd:21:3c:2f:68:02:e1:72:
eb:18:ed:38:49:61:0b:62:c5:77:ca:ce:4a:86:84:
21:73:af:a5:6f:61:c1:d5:85:20:70:3f:31:4b:ca:
bd:57:41:10:03:8d:78:7e:ab:7c:06:52:09:01:77:
cb:3c:86:ba:b8:6d:9d:ae:97:61:e5:07:73:86:15:
02:50:4b:55:0c:e0:1e:a5:3c:33:ba:c5:2b:35:ee:
ef:06:5c:dd:49:5f:72:8e:8d:cd:ab:fc:19:b9:38:
1f:5c:8a:5c:bf:f9:e6:44:96:d5:eb:d8:de:15:4c:
d0:bc:d4:47:a9:35:17:96:b9:9a:7b:39:3a:42:c8:
68:eb:c1:df:20:33:ac:99:74:fc:fd:91:cc:1e:d7:
7a:1c:b6:de:31:26:7a:ae:d4:6d:91:18:8b:a7:87:
d6:1c:96:48:3b:b1:d2:c8:8e:21:9d:d5:c8:ac:e4:
03:68:c2:06:a1:d2:71:ae:83:65:af:f3:b2:87:89:
47:74:87:aa:21:8b:71:8d:b9:5a:61:c1:08:01:35:
98:8a:a9:50:b3:06:5e:de:e3:e6:97:32:64:3f:f6:
d6:28:6c:e1:3d:93:d1:98:c7:9c:4c:29:57:33:e7:
39:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5E:51:ED:96:F3:91:75:2B:63:54:08:88:91:41:6E:61:22:1C:24
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ZV5R7ZbzkXUrY1QIiJFBbmEiHCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.137.0-81.22.138.255
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
09:e7:bb:03:75:f2:2e:f8:ea:21:21:8f:a7:ed:3c:1d:bc:2a:
13:4d:5f:fd:7f:95:22:19:99:83:f1:65:c5:56:fa:48:9d:63:
43:bb:a1:f1:e2:76:9e:eb:85:f0:c9:79:dd:b3:aa:b4:4d:e4:
42:fe:51:08:1c:b1:c1:dc:6c:0c:0f:75:e4:20:fd:c2:0d:76:
fd:fa:d9:26:d6:c0:54:ef:ff:e8:5c:65:12:03:65:d3:d5:17:
ac:a2:f1:0f:23:d9:9d:b4:7a:08:3a:a9:fe:c7:f3:8c:44:d1:
37:98:da:cb:fe:07:de:d6:67:80:90:77:b2:c3:c8:22:53:71:
57:64:96:fa:a0:49:e3:87:95:90:20:d6:96:36:ba:ca:98:c2:
2c:00:e7:73:75:09:a4:26:b6:af:c1:6b:fe:cf:67:b0:64:7f:
6b:11:46:83:13:63:b7:24:06:ce:90:e1:06:87:7f:a2:6a:51:
42:fd:54:fa:98:48:e3:35:c6:d2:58:55:d0:ab:09:8a:4c:dc:
39:f5:ac:3c:92:0a:60:05:0d:b8:da:c7:b2:a9:e5:a1:5f:56:
68:a5:d5:a6:45:cd:f5:e6:45:0f:f7:2c:1f:1d:4e:94:1f:3e:
15:cf:24:d0:c7:6c:14:4b:f6:6a:fa:e0:a3:77:2f:55:2b:2e:
0a:d9:46:75
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYxLv1omoV2mdHc7nliSg5iIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjA4MjMyNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTVlNTFlZDk2ZjM5MTc1MmI2MzU0MDg4ODkxNDE2ZTYxMjIxYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JLyIvDjkYM7VAmRICUgazDY3myZ
vSE8L2gC4XLrGO04SWELYsV3ys5KhoQhc6+lb2HB1YUgcD8xS8q9V0EQA414fqt8
BlIJAXfLPIa6uG2drpdh5QdzhhUCUEtVDOAepTwzusUrNe7vBlzdSV9yjo3Nq/wZ
uTgfXIpcv/nmRJbV69jeFUzQvNRHqTUXlrmaezk6Qsho68HfIDOsmXT8/ZHMHtd6
HLbeMSZ6rtRtkRiLp4fWHJZIO7HSyI4hndXIrOQDaMIGodJxroNlr/Oyh4lHdIeq
IYtxjblaYcEIATWYiqlQswZe3uPmlzJkP/bWKGzhPZPRmMecTClXM+c5FQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGVeUe2W85F1K2NUCIiRQW5hIhwkMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvWlY1UjdaYnprWFVyWTFRSWlKRkJibUVpSENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABRFokD
BABRFooDBABtSHswDQYJKoZIhvcNAQELBQADggEBAAnnuwN18i746iEhj6ftPB28
KhNNX/1/lSIZmYPxZcVW+kidY0O7ofHidp7rhfDJed2zqrRN5EL+UQgcscHcbAwP
deQg/cINdv362SbWwFTv/+hcZRIDZdPVF6yi8Q8j2Z20egg6qf7H84xE0TeY2sv+
B97WZ4CQd7LDyCJTcVdklvqgSeOHlZAg1pY2usqYwiwA53N1CaQmtq/Ba/7PZ7Bk
f2sRRoMTY7ckBs6Q4QaHf6JqUUL9VPqYSOM1xtJYVdCrCYpM3Dn1rDySCmAFDbja
x7Kp5aFfVmil1aZFzfXmRQ/3LB8dTpQfPhXPJNDHbBRL9mr64KN3L1UrLgrZRnU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org