Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ec0dM4V3Sgkmt7eJZ5YAX0C54m0.roa
File: ec0dM4V3Sgkmt7eJZ5YAX0C54m0.roa (raw, json)
Hash identifier: woB2jJRRcLGqO3TnzMp7tbJx0gXcLvG3aKvW2uSAx2o=
Subject key identifier: 79:CD:1D:33:85:77:4A:09:26:B7:B7:89:67:96:00:5F:40:B9:E2:6D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D027ECC90B870B5CE4608C0E990A57904
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ec0dM4V3Sgkmt7eJZ5YAX0C54m0.roa
Signing time: Sat 13 Jan 2024 11:04:40 +0000
ROA not before: Sat 13 Jan 2024 11:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
109.72.112.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.113.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 13 Jan 2024 17:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:02:7e:cc:90:b8:70:b5:ce:46:08:c0:e9:90:a5:79:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 13 11:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79cd1d3385774a0926b7b7896796005f40b9e26d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4a:15:94:5f:8f:3e:63:a5:65:de:4f:3d:2b:
e8:40:ab:3d:6e:ec:c0:39:c2:13:17:57:e4:11:0b:
26:fc:91:31:f8:b2:4c:b8:77:15:5b:99:44:fd:39:
9e:1e:e7:d1:09:38:02:83:0f:e9:07:47:45:5d:17:
f2:a1:7c:e7:22:65:5a:04:d0:3a:dd:71:6d:b3:a7:
47:32:09:4d:5b:10:26:be:8b:93:02:7f:e8:e6:12:
23:8d:94:76:9f:4a:a2:67:95:80:89:a7:13:53:c3:
86:ed:c6:f9:27:f1:70:ea:3b:ea:1f:10:54:dd:44:
e8:e5:45:dc:06:7b:2f:3f:c3:a3:8b:d6:8f:77:25:
73:4a:13:87:3f:3f:3a:66:76:43:a7:c8:fd:98:f2:
c9:b7:39:86:ce:08:4e:63:87:35:fc:22:00:ab:0a:
79:cf:bf:bb:2e:93:9d:aa:a9:8a:f9:26:3a:22:16:
71:54:1f:a5:c1:d5:58:11:3c:e8:a9:96:c2:28:a7:
60:a5:6f:6f:de:64:85:6d:3e:31:33:a4:01:fa:3f:
b1:bd:ac:0d:9c:ac:bd:45:ba:9b:ed:b6:95:f3:75:
dc:b4:99:64:42:49:7a:15:7c:6e:fa:2b:cb:e5:26:
3a:db:17:33:e8:cd:bc:a4:9b:1d:eb:ed:d8:4c:a6:
6d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:CD:1D:33:85:77:4A:09:26:B7:B7:89:67:96:00:5F:40:B9:E2:6D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ec0dM4V3Sgkmt7eJZ5YAX0C54m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.112.0/23
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
62:c6:45:da:f2:b2:a2:d2:c7:ba:42:41:f4:0d:21:09:cf:bf:
83:17:05:a3:32:26:92:57:f7:b1:e4:15:8b:41:d3:ef:63:e3:
89:14:05:27:8b:2b:cb:d4:4b:07:f3:81:9e:41:1d:94:8c:a2:
46:dd:6d:16:2f:3d:e0:35:f0:be:b3:4f:99:9c:d9:1b:9e:80:
63:65:93:28:b3:a8:3c:90:46:1c:20:61:85:31:6f:c9:ce:14:
9a:0a:76:a1:b5:1d:c4:ae:80:f6:7c:05:1e:56:d9:51:58:b8:
52:60:27:a4:53:5f:eb:eb:af:7b:49:0a:4c:5b:57:bf:06:e2:
dd:b2:47:73:11:09:27:e0:74:de:76:ac:20:a7:15:f8:89:30:
6f:99:c2:d4:c2:a5:d6:b3:52:60:3c:a1:d0:31:69:cc:3b:0c:
f6:8e:67:91:10:2a:a1:79:64:54:71:53:c3:bf:0b:24:8d:69:
74:c5:02:c5:6a:51:99:ce:8e:62:05:35:1e:99:ba:50:fb:e3:
c0:40:de:cb:4c:0b:28:01:b7:5f:6c:69:10:5a:5d:23:b0:e6:
a8:bc:4a:19:20:a9:17:72:37:3f:96:b6:cc:31:d2:39:a3:17:
a3:3e:a1:67:9d:be:43:26:b1:ee:c4:16:29:ba:0f:bf:c4:8d:
05:13:07:d9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0CfsyQuHC1zkYIwOmQpXkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTEzMTEwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWNkMWQzMzg1Nzc0YTA5MjZiN2I3ODk2Nzk2MDA1ZjQwYjllMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEoVlF+PPmOlZd5PPSvoQKs9buzA
OcITF1fkEQsm/JEx+LJMuHcVW5lE/TmeHufRCTgCgw/pB0dFXRfyoXznImVaBNA6
3XFts6dHMglNWxAmvouTAn/o5hIjjZR2n0qiZ5WAiacTU8OG7cb5J/Fw6jvqHxBU
3UTo5UXcBnsvP8Oji9aPdyVzShOHPz86ZnZDp8j9mPLJtzmGzghOY4c1/CIAqwp5
z7+7LpOdqqmK+SY6IhZxVB+lwdVYETzoqZbCKKdgpW9v3mSFbT4xM6QB+j+xvawN
nKy9Rbqb7baV83XctJlkQkl6FXxu+ivL5SY62xcz6M28pJsd6+3YTKZtMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHnNHTOFd0oJJre3iWeWAF9AueJtMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZWMwZE00VjNTZ2ttdDdlSlo1WUFYMEM1NG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDURaIAwQC
WbkAAwQBbUhwAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQBixkXa8rKi
0se6QkH0DSEJz7+DFwWjMiaSV/ex5BWLQdPvY+OJFAUniyvL1EsH84GeQR2UjKJG
3W0WLz3gNfC+s0+ZnNkbnoBjZZMos6g8kEYcIGGFMW/JzhSaCnahtR3EroD2fAUe
VtlRWLhSYCekU1/r6697SQpMW1e/BuLdskdzEQkn4HTedqwgpxX4iTBvmcLUwqXW
s1JgPKHQMWnMOwz2jmeRECqheWRUcVPDvwskjWl0xQLFalGZzo5iBTUembpQ++PA
QN7LTAsoAbdfbGkQWl0jsOaovEoZIKkXcjc/lrbMMdI5oxejPqFnnb5DJrHuxBYp
ug+/xI0FEwfZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org