Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/c7O14U3U3HScd7FKZMjw0-AAyA8.roa
File: c7O14U3U3HScd7FKZMjw0-AAyA8.roa (raw, json)
Hash identifier: QSfqTPgmJEo6lAcZzsB+TTMAxUN6PITZtH1vPToIEHE=
Subject key identifier: 73:B3:B5:E1:4D:D4:DC:74:9C:77:B1:4A:64:C8:F0:D3:E0:00:C8:0F
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01888A787CA6608C35CED93E89ACF6DD299B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/c7O14U3U3HScd7FKZMjw0-AAyA8.roa
Signing time: Mon 05 Jun 2023 07:32:11 +0000
ROA not before: Mon 05 Jun 2023 07:32:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
89.185.24.0/22 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 08:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:78:7c:a6:60:8c:35:ce:d9:3e:89:ac:f6:dd:29:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 5 07:32:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73b3b5e14dd4dc749c77b14a64c8f0d3e000c80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f5:dd:15:e2:24:03:e7:7b:c6:11:d0:12:f7:
8e:4a:cd:c3:8b:d4:9f:54:a7:53:55:56:7f:89:ae:
bb:5c:6c:83:6f:58:0c:1a:77:e4:2c:66:68:3a:c8:
8f:ae:57:2d:ad:c9:53:b9:ac:70:da:44:a6:23:54:
7a:65:1f:88:0c:5c:4b:00:37:a0:de:85:02:60:79:
40:65:c8:3e:7f:82:d6:fc:99:07:92:dc:8e:10:ab:
fb:da:ed:0b:bf:09:1f:c0:8f:8b:97:25:47:37:81:
31:06:38:dd:7e:e2:d0:94:8d:00:7a:02:29:d1:9b:
33:f5:59:4c:6c:10:77:9a:9d:90:28:46:c3:a1:ff:
6d:97:2e:8c:e0:b8:34:5c:e6:71:eb:97:a8:11:fd:
84:c8:25:94:1c:19:fe:68:73:8a:ec:64:02:0f:7d:
cf:f7:75:9f:79:9c:81:0f:d6:a0:61:d7:a9:b0:d6:
4d:38:b3:af:bd:51:e7:a4:ea:13:ec:58:29:bb:19:
ce:28:19:2c:fc:5b:68:31:5e:b9:be:45:7b:8c:e3:
9e:a7:67:44:11:15:1f:c2:d3:ca:c2:71:5f:0c:61:
0f:e2:52:72:be:0b:d9:ba:92:94:a5:42:f1:e2:85:
c8:74:2c:a2:39:92:54:be:cb:f6:c2:a8:00:20:a4:
b3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B3:B5:E1:4D:D4:DC:74:9C:77:B1:4A:64:C8:F0:D3:E0:00:C8:0F
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/c7O14U3U3HScd7FKZMjw0-AAyA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.135.0/24
89.185.1.0/24
89.185.24.0/22
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
76:1a:1f:65:88:93:7a:7d:8c:25:68:fa:8a:3e:fe:99:63:f7:
ff:22:03:f3:15:a9:c5:a8:6f:6d:0b:20:9f:f9:0d:e2:b0:ec:
62:d7:84:39:97:5c:e3:48:6c:50:49:ff:21:da:e2:f3:54:f9:
4b:34:7e:a7:24:92:79:b7:15:b0:ab:56:5f:ab:aa:27:05:4d:
03:1d:71:a7:c3:99:8f:b9:51:51:35:16:bb:20:60:db:09:72:
e4:44:56:4e:5d:2a:c7:ac:37:29:eb:ac:b1:43:69:bb:7c:c6:
9a:9d:d4:b2:65:fe:b4:6e:e1:cf:54:f5:80:5e:16:f2:da:82:
65:52:de:2e:57:71:f0:99:b8:5a:69:87:1d:b5:d4:81:a9:e3:
2f:f5:cd:5c:85:7c:8a:9f:90:9f:c4:c6:33:d9:9c:09:9a:cd:
43:fc:0e:2a:eb:e5:66:04:b1:84:71:fe:bd:8e:14:f6:b5:93:
64:65:3b:c0:8a:f1:39:d7:40:f6:ad:42:b8:eb:31:5f:a4:13:
22:9b:1a:35:86:bd:34:63:9b:0c:92:39:89:ec:2d:83:ed:64:
9a:7f:f7:70:3a:a2:5b:46:cb:cd:ba:44:dc:0b:ff:d3:fe:0f:
b3:5d:a7:db:d2:b4:41:9a:29:fa:d9:00:71:0d:c6:4f:a7:57:
7a:97:bd:22
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiKeHymYIw1ztk+iaz23SmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjA1MDczMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2IzYjVlMTRkZDRkYzc0OWM3N2IxNGE2NGM4ZjBkM2UwMDBjODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvXdFeIkA+d7xhHQEveOSs3Di9Sf
VKdTVVZ/ia67XGyDb1gMGnfkLGZoOsiPrlctrclTuaxw2kSmI1R6ZR+IDFxLADeg
3oUCYHlAZcg+f4LW/JkHktyOEKv72u0LvwkfwI+LlyVHN4ExBjjdfuLQlI0AegIp
0Zsz9VlMbBB3mp2QKEbDof9tly6M4Lg0XOZx65eoEf2EyCWUHBn+aHOK7GQCD33P
93WfeZyBD9agYdepsNZNOLOvvVHnpOoT7FgpuxnOKBks/FtoMV65vkV7jOOep2dE
ERUfwtPKwnFfDGEP4lJyvgvZupKUpULx4oXIdCyiOZJUvsv2wqgAIKSzbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHOzteFN1Nx0nHexSmTI8NPgAMgPMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvYzdPMTRVM1UzSFNjZDdGS1pNancwLUFBeUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURaAAwQA
URaHAwQAWbkBAwQCWbkYAwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQB2Gh9liJN6
fYwlaPqKPv6ZY/f/IgPzFanFqG9tCyCf+Q3isOxi14Q5l1zjSGxQSf8h2uLzVPlL
NH6nJJJ5txWwq1Zfq6onBU0DHXGnw5mPuVFRNRa7IGDbCXLkRFZOXSrHrDcp66yx
Q2m7fMaandSyZf60buHPVPWAXhby2oJlUt4uV3HwmbhaaYcdtdSBqeMv9c1chXyK
n5CfxMYz2ZwJms1D/A4q6+VmBLGEcf69jhT2tZNkZTvAivE510D2rUK46zFfpBMi
mxo1hr00Y5sMkjmJ7C2D7WSaf/dwOqJbRsvNukTcC//T/g+zXafb0rRBmin62QBx
DcZPp1d6l70i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org