Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/_oCNRCTTDWg1kBpnN-ryS_Sk20A.roa
File: _oCNRCTTDWg1kBpnN-ryS_Sk20A.roa (raw, json)
Hash identifier: zLUUY834BGECn0VzzdJid+uLUJDWWeLP1rr8dfCxOvY=
Subject key identifier: FE:80:8D:44:24:D3:0D:68:35:90:1A:67:37:EA:F2:4B:F4:A4:DB:40
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F39D64D8355F9785E9FFFA32551241787
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/_oCNRCTTDWg1kBpnN-ryS_Sk20A.roa
Signing time: Thu 02 May 2024 15:04:56 +0000
ROA not before: Thu 02 May 2024 15:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 81.22.131.0/24 maxlen: 24
81.22.138.0/24 maxlen: 24
89.185.0.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 May 2024 21:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:d6:4d:83:55:f9:78:5e:9f:ff:a3:25:51:24:17:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 2 15:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe808d4424d30d6835901a6737eaf24bf4a4db40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:37:9d:0f:8d:a3:0e:6f:b3:cf:1c:d0:78:
54:1d:28:d0:23:91:e1:2c:d0:bf:3f:e7:62:bc:7f:
ec:41:1c:2a:ba:b9:ee:f7:3e:0d:d1:67:f2:46:31:
7a:d8:2a:fc:ac:de:fe:23:4d:ba:9a:f8:c7:8a:8d:
ea:8a:b1:72:e3:94:78:5d:de:7d:50:a4:ab:5b:ea:
cd:42:6d:f4:0f:25:8c:8d:20:e8:d0:95:5e:18:f0:
6f:12:ad:90:0d:b9:b6:84:fa:59:4b:47:9a:17:a6:
5b:23:c2:5a:e5:65:1d:48:8e:9f:c7:d7:ca:1d:f0:
49:f8:10:ad:8d:b1:36:f6:15:a8:e0:40:a2:9b:1e:
d7:19:d8:ca:dc:7b:04:43:74:8b:78:e3:46:a7:7d:
fb:b3:98:f3:36:7a:8d:28:ee:ea:c1:19:63:8c:04:
7d:2f:1b:1e:ef:fd:90:ad:14:28:f5:cd:28:b9:be:
23:11:a9:8f:49:c2:f4:6a:b8:e3:73:c7:1b:fc:74:
e8:5a:36:83:e8:f9:36:34:8f:22:23:80:82:a6:90:
69:40:ee:92:cc:36:2f:7c:00:df:f8:24:b8:0f:1c:
88:08:82:fe:ff:21:be:18:7d:14:2c:f4:b2:96:cb:
ec:38:17:96:f0:bc:13:f4:e3:79:1f:c2:42:01:d1:
32:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:80:8D:44:24:D3:0D:68:35:90:1A:67:37:EA:F2:4B:F4:A4:DB:40
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/_oCNRCTTDWg1kBpnN-ryS_Sk20A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.131.0/24
81.22.138.0/24
89.185.0.0/24
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
75:c0:2a:c4:7f:a0:2d:34:d1:3c:72:8e:f0:c6:f4:54:73:85:
a0:f8:4d:d6:79:c8:5b:d9:7a:c0:d3:11:b9:26:da:ae:eb:28:
12:56:9b:61:35:34:9e:d0:79:9d:87:a8:cf:89:4d:81:37:ec:
fa:fd:8d:76:e3:3c:75:52:16:45:4c:e4:b6:c3:10:c7:b6:30:
37:db:02:37:4c:72:ff:45:87:04:80:c4:aa:ba:77:a0:85:a2:
85:90:01:31:52:4b:5c:83:38:22:b2:c0:1f:fe:70:6f:ea:20:
50:b9:48:8f:bd:e5:6a:ca:2e:8c:a8:03:19:81:2f:fe:51:6c:
7f:9c:18:43:4f:c8:eb:69:7e:ad:df:e7:2d:63:9e:e5:79:fd:
9d:26:85:c9:7e:6c:74:3f:11:f8:0a:b3:66:6e:14:a7:6a:18:
5a:52:e7:29:33:ba:c1:72:23:35:6d:dc:df:b6:8f:cc:45:14:
fc:48:b5:57:12:c5:e7:7f:0e:e2:77:e3:40:57:60:c0:6b:05:
e0:b4:02:26:f3:b3:f6:8e:d0:29:99:9e:f4:95:06:5e:fe:4b:
6d:7f:f9:3a:4b:bd:08:96:62:2c:2d:c6:df:93:5d:3f:37:9b:
b8:5c:56:b2:2f:37:b6:57:ec:52:69:7c:ce:87:92:ef:c7:4c:
39:2b:16:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY851k2DVfl4Xp//oyVRJBeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNTAyMTUwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTgwOGQ0NDI0ZDMwZDY4MzU5MDFhNjczN2VhZjI0YmY0YTRkYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzo3nQ+Now5vs88c0HhUHSjQI5Hh
LNC/P+divH/sQRwqurnu9z4N0WfyRjF62Cr8rN7+I026mvjHio3qirFy45R4Xd59
UKSrW+rNQm30DyWMjSDo0JVeGPBvEq2QDbm2hPpZS0eaF6ZbI8Ja5WUdSI6fx9fK
HfBJ+BCtjbE29hWo4ECimx7XGdjK3HsEQ3SLeONGp337s5jzNnqNKO7qwRljjAR9
Lxse7/2QrRQo9c0oub4jEamPScL0arjjc8cb/HToWjaD6Pk2NI8iI4CCppBpQO6S
zDYvfADf+CS4DxyICIL+/yG+GH0ULPSylsvsOBeW8LwT9ON5H8JCAdEyoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP6AjUQk0w1oNZAaZzfq8kv0pNtAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvX29DTlJDVFREV2cxa0Jwbk4tcnlTX1NrMjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaDAwQA
URaKAwQAWbkAAwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQB1wCrEf6AtNNE8co7w
xvRUc4Wg+E3Wechb2XrA0xG5Jtqu6ygSVpthNTSe0Hmdh6jPiU2BN+z6/Y124zx1
UhZFTOS2wxDHtjA32wI3THL/RYcEgMSquneghaKFkAExUktcgzgissAf/nBv6iBQ
uUiPveVqyi6MqAMZgS/+UWx/nBhDT8jraX6t3+ctY57lef2dJoXJfmx0PxH4CrNm
bhSnahhaUucpM7rBciM1bdzfto/MRRT8SLVXEsXnfw7id+NAV2DAawXgtAIm87P2
jtApmZ70lQZe/kttf/k6S70IlmIsLcbfk10/N5u4XFayLze2V+xSaXzOh5Lvx0w5
KxYG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org