Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/_POEvTo7P9r4VF451YIhCiOWL6I.roa
File: _POEvTo7P9r4VF451YIhCiOWL6I.roa (raw, json)
Hash identifier: cbABFKQatm7wqDgV5SStsr9lpF2pQLanI5xPDc5aHdg=
Subject key identifier: FC:F3:84:BD:3A:3B:3F:DA:F8:54:5E:39:D5:82:21:0A:23:96:2F:A2
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A0275BAD585EAA814BC23343011D88C31
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/_POEvTo7P9r4VF451YIhCiOWL6I.roa
Signing time: Thu 17 Aug 2023 07:46:24 +0000
ROA not before: Thu 17 Aug 2023 07:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.120.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Aug 2023 05:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:75:ba:d5:85:ea:a8:14:bc:23:34:30:11:d8:8c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 17 07:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcf384bd3a3b3fdaf8545e39d582210a23962fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:10:1f:ca:f5:d7:0a:c0:54:39:2b:a7:00:11:
f5:ad:07:0e:9e:dd:f5:31:b2:d0:be:7e:29:40:17:
a5:07:6a:21:db:15:f8:d5:7e:29:26:c0:3c:15:17:
ad:8b:1e:1e:cd:82:dc:63:17:08:92:01:b7:e4:46:
b9:ad:1c:3e:37:8a:f7:c1:40:5b:e0:15:69:7a:17:
57:c0:3c:4b:08:76:58:34:d1:f2:84:09:09:98:3d:
5d:c9:f1:d1:8b:5a:3a:fa:8a:fd:ed:f1:74:4f:c2:
00:fe:55:54:4f:92:90:3f:6a:e8:c9:9c:e5:1e:38:
02:0e:74:4c:bb:1b:cf:74:5d:99:70:cd:4f:a8:b2:
9d:f2:f0:e6:92:7a:3d:80:38:c0:b7:2c:35:78:73:
58:b9:88:fd:54:fd:4f:ba:f0:e4:12:be:af:88:63:
59:eb:db:16:88:be:a9:18:62:b9:05:fe:e6:1b:65:
37:2e:0d:90:f1:4e:6c:27:e2:6a:41:24:0f:94:61:
6f:2e:00:12:27:bd:18:cc:20:7f:ed:21:d6:5a:b1:
d7:12:3e:92:89:46:02:ed:1c:62:d1:a5:38:18:00:
fa:df:93:32:72:2d:34:9d:08:44:a7:4c:96:af:da:
04:6c:6f:d3:04:2f:da:48:ad:6c:ad:c1:d1:5d:f0:
44:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F3:84:BD:3A:3B:3F:DA:F8:54:5E:39:D5:82:21:0A:23:96:2F:A2
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/_POEvTo7P9r4VF451YIhCiOWL6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.132.0/24
81.22.135.0/24
89.185.0.0/22
109.72.116.0-109.72.120.255
Signature Algorithm: sha256WithRSAEncryption
69:e6:8b:5b:dc:65:54:22:d7:77:c8:77:44:db:f0:a8:a7:6c:
22:65:3e:ef:bf:6a:ca:ba:ab:01:21:17:ba:d8:74:40:10:5f:
f7:1c:32:b0:08:6a:77:80:57:4a:19:be:17:5c:71:f8:65:fc:
b3:a2:d8:0c:1d:fe:b6:b6:65:b3:5d:9e:db:72:2f:1e:65:de:
10:fd:59:be:7e:48:bd:fe:62:d9:f4:da:fc:24:a5:03:ba:52:
d5:0d:ea:0b:15:95:fc:15:75:85:b4:5e:e1:d2:fc:f4:45:27:
dd:b0:a1:d9:1a:e7:a0:76:85:b9:b3:70:d5:0d:da:84:31:b0:
42:98:98:21:68:50:f5:e6:11:f5:6f:dd:ab:61:0b:7f:6b:7f:
51:45:93:63:e5:43:71:b2:6c:0b:d0:9d:47:a2:94:5f:a7:c1:
9c:4c:19:c1:3f:e2:9d:4c:2f:f2:a9:3a:f1:87:84:84:d5:65:
2f:b2:ec:66:69:ea:59:58:e5:d0:13:ee:eb:cb:71:e1:8f:f3:
a6:4d:24:de:04:df:90:af:d5:3e:49:ec:be:e1:3f:5a:7e:ca:
25:83:fc:7a:c2:96:9b:f4:05:3f:b1:88:78:be:df:f2:e1:0b:
4c:85:65:4c:b8:3a:e1:b1:17:fe:f8:28:24:32:3c:07:97:5d:
d4:8a:a2:a8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYoCdbrVheqoFLwjNDAR2IwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODE3MDc0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2YzODRiZDNhM2IzZmRhZjg1NDVlMzlkNTgyMjEwYTIzOTYyZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRAfyvXXCsBUOSunABH1rQcOnt31
MbLQvn4pQBelB2oh2xX41X4pJsA8FRetix4ezYLcYxcIkgG35Ea5rRw+N4r3wUBb
4BVpehdXwDxLCHZYNNHyhAkJmD1dyfHRi1o6+or97fF0T8IA/lVUT5KQP2royZzl
HjgCDnRMuxvPdF2ZcM1PqLKd8vDmkno9gDjAtyw1eHNYuYj9VP1PuvDkEr6viGNZ
69sWiL6pGGK5Bf7mG2U3Lg2Q8U5sJ+JqQSQPlGFvLgASJ70YzCB/7SHWWrHXEj6S
iUYC7Rxi0aU4GAD635Myci00nQhEp0yWr9oEbG/TBC/aSK1srcHRXfBExQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPzzhL06Oz/a+FReOdWCIQojli+iMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvX1BPRXZUbzdQOXI0VkY0NTFZSWhDaU9XTDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAURaEAwQA
URaHAwQCWbkAMAwDBAJtSHQDBABtSHgwDQYJKoZIhvcNAQELBQADggEBAGnmi1vc
ZVQi13fId0Tb8KinbCJlPu+/asq6qwEhF7rYdEAQX/ccMrAIaneAV0oZvhdccfhl
/LOi2Awd/ra2ZbNdnttyLx5l3hD9Wb5+SL3+Ytn02vwkpQO6UtUN6gsVlfwVdYW0
XuHS/PRFJ92wodka56B2hbmzcNUN2oQxsEKYmCFoUPXmEfVv3athC39rf1FFk2Pl
Q3GybAvQnUeilF+nwZxMGcE/4p1ML/KpOvGHhITVZS+y7GZp6llY5dAT7uvLceGP
86ZNJN4E35Cv1T5J7L7hP1p+yiWD/HrClpv0BT+xiHi+3/LhC0yFZUy4OuGxF/74
KCQyPAeXXdSKoqg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org