Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/eCqYRzlXunAP8T2KiFWciTW-USk.roa
File: eCqYRzlXunAP8T2KiFWciTW-USk.roa (raw, json)
Hash identifier: KCXz5uuwM4sSY/t0XCK8byQDvVByIbQF2wvi+QjdO2s=
Subject key identifier: 78:2A:98:47:39:57:BA:70:0F:F1:3D:8A:88:55:9C:89:35:BE:51:29
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C8BCAE1FD30DD4F57CFFC010AE838F89F
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/eCqYRzlXunAP8T2KiFWciTW-USk.roa
Signing time: Thu 21 Dec 2023 09:52:58 +0000
ROA not before: Thu 21 Dec 2023 09:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 25 Dec 2023 11:55:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:ca:e1:fd:30:dd:4f:57:cf:fc:01:0a:e8:38:f8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 21 09:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=782a98473957ba700ff13d8a88559c8935be5129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2e:26:0f:01:ea:5f:67:5e:d4:c3:8c:3e:e8:
aa:80:14:ac:f8:3b:49:d0:a3:16:97:55:46:c8:8a:
57:e5:ae:66:0b:9a:eb:8c:84:c9:48:e5:22:3c:f2:
c0:70:94:b4:2a:c6:a7:e3:0f:6f:2d:95:88:08:cd:
1b:06:48:6a:d5:d9:41:34:e6:5d:a9:b5:67:54:e3:
dd:9c:0b:fa:f6:c1:16:0a:5b:e2:3b:d8:05:e8:6d:
eb:63:ce:8f:da:ff:d3:19:ea:63:5a:f4:98:bb:73:
e0:aa:e6:1b:41:bc:a5:bc:73:a8:ab:2f:16:40:3d:
26:2d:19:de:76:d2:6e:96:bf:c0:35:2e:61:ec:65:
c1:d5:f7:85:83:0f:11:c6:1a:4e:ec:73:36:8a:74:
18:3b:fb:7b:69:6d:49:a2:02:f3:1e:95:02:df:35:
ad:6a:f5:b8:df:f5:c5:f7:e2:84:68:75:41:01:fc:
73:5c:54:8c:75:bc:5e:e5:21:d0:7c:39:f3:df:a2:
50:33:0a:54:97:a8:8e:e7:38:cc:ed:3c:12:42:27:
c8:55:a9:fe:92:ee:ef:00:08:7b:d2:c9:11:ea:b6:
37:4a:67:85:31:55:a3:7b:8e:82:bf:3a:c1:81:6c:
64:75:b1:d1:de:f7:d2:6b:b6:c9:43:0d:3b:7e:24:
21:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:2A:98:47:39:57:BA:70:0F:F1:3D:8A:88:55:9C:89:35:BE:51:29
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/eCqYRzlXunAP8T2KiFWciTW-USk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
90:5c:65:5c:b9:35:de:93:c9:35:8e:5f:af:1c:fc:df:0b:f1:
e2:32:8b:c9:f7:02:f9:cf:36:36:35:db:27:27:f6:1e:bc:69:
75:18:02:f4:81:f3:7f:87:32:2e:ba:80:7f:8c:d8:25:69:2e:
8d:e6:8f:99:7e:7d:81:f1:14:d5:70:b5:9d:0b:38:f9:50:b1:
ed:9e:89:5e:6e:7b:5e:9f:fb:e7:7d:6a:ce:aa:fc:a7:e2:ea:
55:c4:48:bb:5c:19:a5:5f:8b:8e:96:99:d6:9c:07:71:c5:cd:
1e:86:b2:a9:ee:50:ed:00:8e:99:d4:93:73:74:bc:18:fd:b6:
f9:62:57:1f:fa:0e:9d:74:d4:bd:1d:41:f1:14:0d:da:d2:71:
2b:2b:1f:34:0e:09:cf:8c:19:8f:92:13:d4:99:be:18:c3:c4:
f9:5c:be:b7:96:ff:75:91:28:3f:21:11:96:ab:39:67:ae:c9:
fe:c4:6f:c3:d2:ec:fc:9c:9c:ea:55:e7:47:e2:72:06:08:9e:
57:b1:f0:5f:e1:ce:f4:70:7c:31:97:81:99:29:a8:81:a8:e6:
60:66:53:99:b6:40:1d:27:8d:53:5e:66:ad:66:70:78:ca:c7:
89:7b:33:ff:c3:39:3c:f4:1e:ef:4c:72:6a:a2:9f:70:09:43:
88:18:8a:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyLyuH9MN1PV8/8AQroOPifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjIxMDk1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODJhOTg0NzM5NTdiYTcwMGZmMTNkOGE4ODU1OWM4OTM1YmU1MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC4mDwHqX2de1MOMPuiqgBSs+DtJ
0KMWl1VGyIpX5a5mC5rrjITJSOUiPPLAcJS0Ksan4w9vLZWICM0bBkhq1dlBNOZd
qbVnVOPdnAv69sEWClviO9gF6G3rY86P2v/TGepjWvSYu3PgquYbQbylvHOoqy8W
QD0mLRnedtJulr/ANS5h7GXB1feFgw8RxhpO7HM2inQYO/t7aW1JogLzHpUC3zWt
avW43/XF9+KEaHVBAfxzXFSMdbxe5SHQfDnz36JQMwpUl6iO5zjM7TwSQifIVan+
ku7vAAh70skR6rY3SmeFMVWje46CvzrBgWxkdbHR3vfSa7bJQw07fiQhRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHgqmEc5V7pwD/E9iohVnIk1vlEpMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZUNxWVJ6bFh1bkFQOFQyS2lGV2NpVFctVVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCQXGVcuTXek8k1jl+vHPzfC/Hi
MovJ9wL5zzY2NdsnJ/YevGl1GAL0gfN/hzIuuoB/jNglaS6N5o+Zfn2B8RTVcLWd
Czj5ULHtnolebnten/vnfWrOqvyn4upVxEi7XBmlX4uOlpnWnAdxxc0ehrKp7lDt
AI6Z1JNzdLwY/bb5Ylcf+g6ddNS9HUHxFA3a0nErKx80DgnPjBmPkhPUmb4Yw8T5
XL63lv91kSg/IRGWqzlnrsn+xG/D0uz8nJzqVedH4nIGCJ5XsfBf4c70cHwxl4GZ
KaiBqOZgZlOZtkAdJ41TXmatZnB4yseJezP/wzk89B7vTHJqop9wCUOIGIrd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org