Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/cE7aHZOCdHVmTnpEEt125Txt9aw.roa
File: cE7aHZOCdHVmTnpEEt125Txt9aw.roa (raw, json)
Hash identifier: EtbFXrTJXskhVO+kFo52SI0hPoW3k2FXarC2SEplgDI=
Subject key identifier: 70:4E:DA:1D:93:82:74:75:66:4E:7A:44:12:DD:76:E5:3C:6D:F5:AC
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018828ED348A693410B3B83190C28C97F025
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/cE7aHZOCdHVmTnpEEt125Txt9aw.roa
Signing time: Wed 17 May 2023 08:56:54 +0000
ROA not before: Wed 17 May 2023 08:56:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.121.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 18 May 2023 20:40:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:ed:34:8a:69:34:10:b3:b8:31:90:c2:8c:97:f0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 17 08:56:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=704eda1d93827475664e7a4412dd76e53c6df5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:40:c4:1e:a9:4c:a6:18:e8:54:b1:c2:29:20:
42:5e:48:38:4a:2b:51:97:d4:6c:cf:a0:0e:f9:63:
dc:4c:86:d9:75:98:1e:4a:20:77:2f:b5:6f:3c:5f:
f8:7d:06:08:10:e8:5e:5f:37:0c:df:b9:9a:e7:c2:
ed:44:94:d6:d7:5c:66:65:3f:1c:a0:c0:b7:38:d3:
d3:b2:39:af:13:11:24:a1:6c:e3:44:ce:4d:b9:1f:
c9:48:6c:0a:ea:a0:fc:d3:e3:66:ba:3c:28:dd:7f:
53:ba:4e:4d:3a:9e:48:e7:e3:e6:f7:20:5d:e0:80:
90:3d:48:18:0e:36:04:54:79:ac:9c:96:1e:a9:5d:
e5:57:11:ce:53:48:d4:d8:33:5a:e6:cc:0f:13:f9:
af:45:ba:85:fe:33:d6:a2:94:cd:26:69:51:2a:f1:
48:4a:6e:23:67:8a:57:07:2d:7c:bb:fc:0f:1e:17:
38:6d:bb:5a:2e:ff:ab:80:16:01:cf:ea:97:f0:2d:
b3:6f:63:6b:3b:63:03:05:c4:e5:88:27:e9:77:2f:
fb:43:57:3a:04:b3:09:25:d1:5a:72:63:5e:79:38:
52:a6:ce:98:3e:c1:db:8b:87:6b:54:41:c4:b1:cd:
24:23:ae:24:64:a2:ad:7b:07:85:20:cb:5a:fd:2a:
ac:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4E:DA:1D:93:82:74:75:66:4E:7A:44:12:DD:76:E5:3C:6D:F5:AC
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/cE7aHZOCdHVmTnpEEt125Txt9aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.121.0/24
Signature Algorithm: sha256WithRSAEncryption
79:72:60:3d:86:df:84:56:fe:e4:dc:d9:38:d6:4d:f5:57:18:
1b:6f:f4:2a:a1:58:d6:2b:17:c8:ae:8c:9f:55:62:60:2b:36:
9a:ca:57:af:59:49:70:27:c8:d0:17:9e:0f:f6:2d:d3:84:e8:
81:50:e7:15:71:86:2c:ad:e6:c3:cb:15:58:ca:74:ec:d5:36:
d3:bf:d3:13:d0:2d:5e:52:48:59:5e:1a:59:49:28:c0:23:de:
ca:4d:c6:a3:69:49:ca:ff:8c:d2:74:32:12:58:8d:4e:c9:a6:
27:c4:81:bc:db:e4:c7:32:14:c6:a4:a7:a8:90:8e:7d:48:d7:
c5:05:65:40:d7:eb:bb:31:fd:32:5f:07:15:2b:be:e8:e5:61:
0d:40:7e:16:df:e2:cc:f7:f0:b8:8f:1d:2e:e7:9a:5f:68:5a:
24:ae:5e:1d:17:68:52:56:b6:df:14:1b:85:53:ae:fa:f3:5d:
da:e4:a9:22:bb:38:14:66:ff:0e:c5:23:a9:29:5a:de:65:fc:
18:3a:87:39:8d:b3:0f:da:7d:0c:f3:49:4c:9e:19:f9:6e:96:
7b:d4:2c:3f:f1:13:20:5f:96:04:93:5c:35:d0:a9:60:d6:5b:
99:14:6d:6e:e2:14:d6:ef:84:c4:4c:c5:28:70:9d:b7:fa:45:
f9:a1:5e:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgo7TSKaTQQs7gxkMKMl/AlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTE3MDg1NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDRlZGExZDkzODI3NDc1NjY0ZTdhNDQxMmRkNzZlNTNjNmRmNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkDEHqlMphjoVLHCKSBCXkg4SitR
l9Rsz6AO+WPcTIbZdZgeSiB3L7VvPF/4fQYIEOheXzcM37ma58LtRJTW11xmZT8c
oMC3ONPTsjmvExEkoWzjRM5NuR/JSGwK6qD80+Nmujwo3X9Tuk5NOp5I5+Pm9yBd
4ICQPUgYDjYEVHmsnJYeqV3lVxHOU0jU2DNa5swPE/mvRbqF/jPWopTNJmlRKvFI
Sm4jZ4pXBy18u/wPHhc4bbtaLv+rgBYBz+qX8C2zb2NrO2MDBcTliCfpdy/7Q1c6
BLMJJdFacmNeeThSps6YPsHbi4drVEHEsc0kI64kZKKteweFIMta/SqsFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHBO2h2TgnR1Zk56RBLdduU8bfWsMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvY0U3YUhaT0NkSFZtVG5wRUV0MTI1VHh0OWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQA
bUh5MA0GCSqGSIb3DQEBCwUAA4IBAQB5cmA9ht+EVv7k3Nk41k31Vxgbb/QqoVjW
KxfIroyfVWJgKzaaylevWUlwJ8jQF54P9i3ThOiBUOcVcYYsrebDyxVYynTs1TbT
v9MT0C1eUkhZXhpZSSjAI97KTcajaUnK/4zSdDISWI1OyaYnxIG82+THMhTGpKeo
kI59SNfFBWVA1+u7Mf0yXwcVK77o5WENQH4W3+LM9/C4jx0u55pfaFokrl4dF2hS
VrbfFBuFU676813a5KkiuzgUZv8OxSOpKVreZfwYOoc5jbMP2n0M80lMnhn5bpZ7
1Cw/8RMgX5YEk1w10Klg1luZFG1u4hTW74TETMUocJ23+kX5oV7L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org