Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ckunXMX6buNbJgtAa-tvV8qaTjc.roa
File: ckunXMX6buNbJgtAa-tvV8qaTjc.roa (raw, json)
Hash identifier: qwvyjf5ALpxvvxfcda7/l3y6SOyXK8l/h5YsAuXt2So=
Subject key identifier: 72:4B:A7:5C:C5:FA:6E:E3:5B:26:0B:40:6B:EB:6F:57:CA:9A:4E:37
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188AF3FDEC6FAB2D554A15FDAE6F8397E65
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ckunXMX6buNbJgtAa-tvV8qaTjc.roa
Signing time: Mon 12 Jun 2023 10:56:18 +0000
ROA not before: Mon 12 Jun 2023 10:56:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 12:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:3f:de:c6:fa:b2:d5:54:a1:5f:da:e6:f8:39:7e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 12 10:56:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=724ba75cc5fa6ee35b260b406beb6f57ca9a4e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:34:4e:96:bd:63:fe:4e:fc:5c:7b:92:d7:36:
d4:31:f8:42:bb:16:31:c4:dc:93:ef:71:89:6d:25:
bd:b9:7e:0e:ae:53:bf:1d:1d:0c:be:8b:42:85:26:
49:24:08:54:94:70:66:4f:d7:07:ee:70:0d:af:d2:
ec:39:33:33:a4:ed:c0:d8:3c:c8:4f:b6:90:72:0d:
b7:e5:be:a0:aa:bb:c0:3d:cd:6d:33:80:c6:1a:76:
3d:06:cb:0b:7f:97:bd:a3:6d:23:b5:d8:a3:8e:ce:
84:d7:0b:ef:ad:c9:58:05:1a:67:e1:f3:dc:d6:c6:
b4:d3:36:49:16:74:5b:82:92:41:70:4f:cf:a4:b7:
7f:fc:53:08:7a:c6:3a:97:ea:26:b9:29:23:ea:5c:
fc:71:b9:15:b1:26:d3:93:f2:37:f0:e5:f4:ff:33:
b8:0b:7b:cd:0c:6a:51:2c:58:cc:8e:b7:6e:2d:a8:
48:14:6a:a6:54:3a:37:05:59:18:b2:09:64:56:a5:
cc:b8:7f:84:9e:e1:07:b5:14:37:56:1a:83:b2:b5:
f1:fd:b9:d6:fc:71:6e:23:18:f2:02:84:6a:14:91:
96:2a:3a:3f:c9:72:b5:b1:63:83:ed:c0:2d:fe:6a:
06:ee:60:0c:63:8a:23:5b:f2:92:14:60:4b:cb:12:
17:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4B:A7:5C:C5:FA:6E:E3:5B:26:0B:40:6B:EB:6F:57:CA:9A:4E:37
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ckunXMX6buNbJgtAa-tvV8qaTjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.131.0/24
81.22.140.0/22
89.185.0.0/22
109.72.115.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
1a:84:2e:ba:df:46:7c:e1:0b:93:07:79:c5:72:e3:f5:fc:ff:
e5:a2:37:af:e4:51:52:35:1b:0b:a1:56:40:a9:6c:32:33:c9:
b6:30:7d:cf:1c:57:4f:57:82:dc:71:f3:b5:eb:6e:50:7f:0d:
87:3c:27:64:2d:8c:fb:ce:04:88:84:82:f8:1f:60:09:11:18:
be:ae:8c:8c:bc:51:af:0e:1b:fb:69:b8:67:86:9c:b3:04:66:
fb:36:60:1a:58:48:aa:96:cd:7a:84:3a:7d:8c:32:72:07:42:
70:e2:39:91:ae:12:7e:1b:4b:80:69:74:46:7a:33:9a:3e:cf:
83:1d:a6:36:40:dc:76:f4:3a:8e:3e:80:36:9f:e3:87:fe:6b:
75:c3:7e:5e:b2:58:45:6d:fe:18:b7:07:41:08:da:ca:5d:03:
5d:dd:26:f3:dc:74:f6:58:ed:9f:87:5f:60:90:40:46:bb:16:
0b:ee:7a:5b:a1:93:73:3e:86:ac:56:03:c9:15:64:a3:e2:e0:
e7:6c:3a:6a:75:14:a6:3e:c7:9e:fb:bc:28:f6:cb:7e:b8:ea:
59:99:0d:00:73:32:9f:26:e9:c7:50:09:05:26:9c:da:0f:61:
d8:d5:c0:b6:90:62:67:d0:38:7f:35:0f:72:dd:1b:24:f7:db:
e1:5d:d0:57
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYivP97G+rLVVKFf2ub4OX5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjEyMTA1NjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRiYTc1Y2M1ZmE2ZWUzNWIyNjBiNDA2YmViNmY1N2NhOWE0ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTROlr1j/k78XHuS1zbUMfhCuxYx
xNyT73GJbSW9uX4OrlO/HR0MvotChSZJJAhUlHBmT9cH7nANr9LsOTMzpO3A2DzI
T7aQcg235b6gqrvAPc1tM4DGGnY9BssLf5e9o20jtdijjs6E1wvvrclYBRpn4fPc
1sa00zZJFnRbgpJBcE/PpLd//FMIesY6l+omuSkj6lz8cbkVsSbTk/I38OX0/zO4
C3vNDGpRLFjMjrduLahIFGqmVDo3BVkYsglkVqXMuH+EnuEHtRQ3VhqDsrXx/bnW
/HFuIxjyAoRqFJGWKjo/yXK1sWOD7cAt/moG7mAMY4ojW/KSFGBLyxIXwwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHJLp1zF+m7jWyYLQGvrb1fKmk43MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvY2t1blhNWDZidU5iSmd0QWEtdHZWOHFhVGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAURaDAwQC
URaMAwQCWbkAMAwDBABtSHMDBANtSHAwDQYJKoZIhvcNAQELBQADggEBABqELrrf
RnzhC5MHecVy4/X8/+WiN6/kUVI1GwuhVkCpbDIzybYwfc8cV09Xgtxx87XrblB/
DYc8J2QtjPvOBIiEgvgfYAkRGL6ujIy8Ua8OG/tpuGeGnLMEZvs2YBpYSKqWzXqE
On2MMnIHQnDiOZGuEn4bS4BpdEZ6M5o+z4MdpjZA3Hb0Oo4+gDaf44f+a3XDfl6y
WEVt/hi3B0EI2spdA13dJvPcdPZY7Z+HX2CQQEa7Fgvueluhk3M+hqxWA8kVZKPi
4OdsOmp1FKY+x577vCj2y3646lmZDQBzMp8m6cdQCQUmnNoPYdjVwLaQYmfQOH81
D3LdGyT32+Fd0Fc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org