Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/f7qeaNI2odxDA6jo4X5QxVbsz3c.roa
File: f7qeaNI2odxDA6jo4X5QxVbsz3c.roa (raw, json)
Hash identifier: RwpsNXI3w257wK6Mrkp+gGckM2RAQUZpbRPHjLJKVN4=
Subject key identifier: 7F:BA:9E:68:D2:36:A1:DC:43:03:A8:E8:E1:7E:50:C5:56:EC:CF:77
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018E1075855E720B15107D7A68F0F4846B89
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/f7qeaNI2odxDA6jo4X5QxVbsz3c.roa
Signing time: Tue 05 Mar 2024 21:12:01 +0000
ROA not before: Tue 05 Mar 2024 21:12:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.128.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.137.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 21:20:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:10:75:85:5e:72:0b:15:10:7d:7a:68:f0:f4:84:6b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Mar 5 21:12:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fba9e68d236a1dc4303a8e8e17e50c556eccf77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ba:22:b1:2b:c4:e3:77:97:65:9e:c4:07:73:
b9:9e:d6:e3:af:6e:8c:6d:7d:3a:60:3c:16:2d:45:
c5:93:dc:13:53:41:f4:2a:4b:9d:3d:84:5b:c5:8e:
de:2b:92:bd:7e:55:f9:0a:f4:f5:2c:3d:a1:c5:ff:
ca:60:69:cc:0a:c0:89:40:95:af:a3:c2:67:5b:86:
a2:aa:5e:c1:b6:0f:48:97:02:12:fa:07:dc:ea:3e:
ce:fd:10:8d:7b:41:ba:ce:4b:fe:a7:4b:e6:28:e4:
4a:16:27:c1:98:22:5f:71:ee:ab:ae:5d:02:71:4d:
24:54:31:34:6d:56:3a:64:28:02:58:35:9e:49:9a:
a0:e2:67:52:4c:d0:cb:0a:e3:20:bc:4e:83:d5:04:
ea:9a:03:43:97:1b:5d:ad:1d:17:e9:fe:05:4e:97:
bc:84:ed:88:3f:86:f5:dc:19:f5:08:90:42:ff:21:
82:3d:58:76:d1:1a:aa:bc:dd:4a:73:cc:c8:7a:05:
71:31:7c:07:b6:dc:17:ad:31:9d:24:61:e9:d0:0c:
17:f4:f5:81:22:03:53:5c:76:5d:60:fb:34:65:b6:
de:8d:88:68:68:ce:29:cb:c4:29:e4:d9:f4:83:65:
70:0c:f1:e2:cc:00:7c:48:fd:8c:75:19:da:30:15:
20:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:BA:9E:68:D2:36:A1:DC:43:03:A8:E8:E1:7E:50:C5:56:EC:CF:77
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/f7qeaNI2odxDA6jo4X5QxVbsz3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
24:0d:79:f4:d6:d1:f6:89:16:cb:1e:12:e1:57:30:b6:a0:34:
6b:81:35:b4:de:7b:f2:29:2a:fa:b8:f2:e6:b0:cc:55:12:b4:
29:06:f5:73:32:3c:f3:e4:00:ad:07:76:f3:8f:c3:61:2d:6b:
29:c5:18:96:26:9b:4a:00:7a:db:b0:e9:a2:b7:1f:35:db:c0:
9e:d7:46:97:4c:dd:54:d9:69:39:13:f5:4b:09:b0:23:f1:a8:
73:b2:fe:ed:5e:15:6b:b4:01:bd:f6:6c:b6:98:46:e6:0b:87:
75:fe:6f:68:e0:da:db:46:00:41:3e:a1:e3:12:d5:a3:6f:29:
bd:6c:49:de:6f:b1:0c:97:c1:59:e9:70:26:82:53:0f:08:11:
dc:5a:ea:dc:ec:dc:c6:43:42:9e:ce:cd:39:f7:d5:80:ff:1c:
de:9e:04:01:f2:1c:52:ec:cb:71:8e:16:71:bf:c3:b1:68:53:
dc:a1:54:90:34:5b:43:5c:28:0c:62:95:76:92:5e:03:bb:34:
68:1a:8c:88:47:74:0a:94:bc:6b:2f:86:7f:fd:29:f9:6d:0f:
ef:2a:b0:92:ff:20:b3:3d:53:3b:28:c6:44:ba:9b:8b:79:ed:
a7:13:b4:c0:48:be:a2:ea:09:01:66:86:e6:d7:fa:fe:10:01:
45:75:9f:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4QdYVecgsVEH16aPD0hGuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMzA1MjExMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmJhOWU2OGQyMzZhMWRjNDMwM2E4ZThlMTdlNTBjNTU2ZWNjZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7oisSvE43eXZZ7EB3O5ntbjr26M
bX06YDwWLUXFk9wTU0H0KkudPYRbxY7eK5K9flX5CvT1LD2hxf/KYGnMCsCJQJWv
o8JnW4aiql7Btg9IlwIS+gfc6j7O/RCNe0G6zkv+p0vmKORKFifBmCJfce6rrl0C
cU0kVDE0bVY6ZCgCWDWeSZqg4mdSTNDLCuMgvE6D1QTqmgNDlxtdrR0X6f4FTpe8
hO2IP4b13Bn1CJBC/yGCPVh20RqqvN1Kc8zIegVxMXwHttwXrTGdJGHp0AwX9PWB
IgNTXHZdYPs0ZbbejYhoaM4py8Qp5Nn0g2VwDPHizAB8SP2MdRnaMBUgvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH+6nmjSNqHcQwOo6OF+UMVW7M93MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZjdxZWFOSTJvZHhEQTZqbzRYNVF4VmJzejNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAkDXn01tH2iRbLHhLh
VzC2oDRrgTW03nvyKSr6uPLmsMxVErQpBvVzMjzz5ACtB3bzj8NhLWspxRiWJptK
AHrbsOmitx8128Ce10aXTN1U2Wk5E/VLCbAj8ahzsv7tXhVrtAG99my2mEbmC4d1
/m9o4NrbRgBBPqHjEtWjbym9bEneb7EMl8FZ6XAmglMPCBHcWurc7NzGQ0Kezs05
99WA/xzengQB8hxS7MtxjhZxv8OxaFPcoVSQNFtDXCgMYpV2kl4DuzRoGoyIR3QK
lLxrL4Z//Sn5bQ/vKrCS/yCzPVM7KMZEupuLee2nE7TASL6i6gkBZobm1/r+EAFF
dZ8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org