Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/acXp6v2qquohqD_GunZOdcbDwi4.roa
File: acXp6v2qquohqD_GunZOdcbDwi4.roa (raw, json)
Hash identifier: cX/f/N/dGpqRuMzq/v9BdW3p3vMClCTNB8FzNtoP9hQ=
Subject key identifier: 69:C5:E9:EA:FD:AA:AA:EA:21:A8:3F:C6:BA:76:4E:75:C6:C3:C2:2E
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188066812A47F59FBDA3861474DBBF9F7EF
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/acXp6v2qquohqD_GunZOdcbDwi4.roa
Signing time: Wed 10 May 2023 16:04:23 +0000
ROA not before: Wed 10 May 2023 16:04:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.114.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 10 May 2023 20:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:06:68:12:a4:7f:59:fb:da:38:61:47:4d:bb:f9:f7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 10 16:04:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69c5e9eafdaaaaea21a83fc6ba764e75c6c3c22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:08:f2:8b:84:f6:1d:b3:51:70:68:cb:94:8b:
b3:4f:73:07:be:6d:60:00:6e:30:fb:a5:3e:19:59:
06:f5:f8:9e:2e:97:91:a1:22:19:3a:fb:bc:63:70:
2d:75:bd:8c:d3:dc:a3:0d:1e:e6:fc:d7:d2:c8:fa:
0e:6c:f3:2c:3a:16:24:5a:0b:b3:88:6e:51:f7:8c:
86:fd:46:82:3d:6a:40:15:e2:d9:08:c9:dc:46:a4:
72:23:05:06:ff:ec:cd:67:54:6e:ce:26:b2:f5:a5:
02:df:6a:21:9e:e4:b2:2a:e4:d4:8d:82:47:24:5d:
81:0e:c9:21:a6:f8:26:a4:d7:46:59:4b:9d:14:c4:
1e:73:66:fc:56:f3:c2:0e:a1:2d:d6:c4:3d:87:54:
00:95:2a:40:40:82:ac:f8:3d:5f:88:11:28:f4:be:
da:46:eb:f7:60:7d:51:c8:42:a4:b9:34:24:df:81:
b0:23:a8:62:4e:53:c5:c0:58:05:5f:cd:8e:05:7f:
d9:52:d8:2b:d8:7c:1c:d2:b5:15:b7:31:c8:a4:51:
54:0b:b4:ec:a0:1c:4d:b0:c6:40:fc:ba:38:27:53:
b7:9e:be:0b:25:fd:b4:45:a5:5f:46:d8:f6:50:43:
55:da:52:c7:93:29:9b:64:6d:4f:1c:1c:86:fb:0a:
3e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C5:E9:EA:FD:AA:AA:EA:21:A8:3F:C6:BA:76:4E:75:C6:C3:C2:2E
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/acXp6v2qquohqD_GunZOdcbDwi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.114.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
18:85:4f:dd:18:15:e2:55:5a:92:a6:49:da:d8:ab:71:12:84:
b9:70:77:4d:d9:30:07:80:06:09:66:0e:72:40:fb:7b:8e:c0:
f5:89:3f:35:b0:12:a2:94:11:a6:ef:7d:a6:a8:68:1c:0f:ea:
c9:b2:00:b3:4e:a0:b5:34:9d:10:15:4c:2d:7f:0b:25:3f:1a:
a0:6b:d7:a6:6c:49:66:90:fd:f0:44:8c:48:9d:b3:2d:3b:f2:
e4:44:e8:c2:ce:87:cc:6c:53:dc:4b:72:5b:25:6d:16:f1:d5:
2d:8a:8e:80:8d:a3:01:07:c2:63:50:db:28:40:6e:cf:b9:41:
37:97:77:01:5c:70:6d:f9:96:48:c9:5f:f4:c2:30:c6:2f:8e:
f7:b3:6a:97:a0:39:ed:a2:7e:be:50:6e:d5:b2:d0:e5:19:23:
61:71:c3:17:a6:d9:6e:56:ad:f4:fc:a2:6d:81:31:21:cc:ca:
10:7d:1e:37:55:7c:74:1e:44:31:74:91:57:61:4f:9e:ba:6e:
8e:33:c8:05:48:e8:62:c8:50:f9:f1:09:39:98:ee:2c:6d:da:
e4:2d:d3:f2:b6:a3:05:fe:ba:3a:fc:8d:d3:ff:73:18:ed:7b:
16:8c:dc:e8:28:e5:43:cf:04:bb:6f:83:06:e1:fa:6f:8e:8c:
9c:cf:0d:ba
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYgGaBKkf1n72jhhR027+ffvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTEwMTYwNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM1ZTllYWZkYWFhYWVhMjFhODNmYzZiYTc2NGU3NWM2YzNjMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAjyi4T2HbNRcGjLlIuzT3MHvm1g
AG4w+6U+GVkG9fieLpeRoSIZOvu8Y3Atdb2M09yjDR7m/NfSyPoObPMsOhYkWguz
iG5R94yG/UaCPWpAFeLZCMncRqRyIwUG/+zNZ1Ruziay9aUC32ohnuSyKuTUjYJH
JF2BDskhpvgmpNdGWUudFMQec2b8VvPCDqEt1sQ9h1QAlSpAQIKs+D1fiBEo9L7a
Ruv3YH1RyEKkuTQk34GwI6hiTlPFwFgFX82OBX/ZUtgr2Hwc0rUVtzHIpFFUC7Ts
oBxNsMZA/Lo4J1O3nr4LJf20RaVfRtj2UENV2lLHkymbZG1PHByG+wo+6QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGnF6er9qqrqIag/xrp2TnXGw8IuMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvYWNYcDZ2MnFxdW9ocURfR3VuWk9kY2JEd2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCWbkAMAwD
BAFtSHIDBANtSHAwDQYJKoZIhvcNAQELBQADggEBABiFT90YFeJVWpKmSdrYq3ES
hLlwd03ZMAeABglmDnJA+3uOwPWJPzWwEqKUEabvfaaoaBwP6smyALNOoLU0nRAV
TC1/CyU/GqBr16ZsSWaQ/fBEjEidsy078uRE6MLOh8xsU9xLclslbRbx1S2KjoCN
owEHwmNQ2yhAbs+5QTeXdwFccG35lkjJX/TCMMYvjvezapegOe2ifr5QbtWy0OUZ
I2Fxwxem2W5WrfT8om2BMSHMyhB9HjdVfHQeRDF0kVdhT566bo4zyAVI6GLIUPnx
CTmY7ixt2uQt0/K2owX+ujr8jdP/cxjtexaM3Ogo5UPPBLtvgwbh+m+OjJzPDbo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org