Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/glQ9uwgC77uDVJCR7Re_1FiqJRw.roa
File: glQ9uwgC77uDVJCR7Re_1FiqJRw.roa (raw, json)
Hash identifier: 04HEjd9hm4pcDTIxX1lpjN/wcYKqeAIaVvAWhsLGjns=
Subject key identifier: 82:54:3D:BB:08:02:EF:BB:83:54:90:91:ED:17:BF:D4:58:AA:25:1C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B8BC6622FEBD7298FBB414F229F1BE1B0
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/glQ9uwgC77uDVJCR7Re_1FiqJRw.roa
Signing time: Wed 01 Nov 2023 16:45:16 +0000
ROA not before: Wed 01 Nov 2023 16:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Dec 2023 08:21:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:c6:62:2f:eb:d7:29:8f:bb:41:4f:22:9f:1b:e1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 1 16:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82543dbb0802efbb83549091ed17bfd458aa251c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:ee:29:f6:1f:ab:fd:74:b9:ed:9b:69:93:
d3:42:0d:39:b3:73:c3:c0:5b:45:df:85:b4:ec:44:
1a:8d:22:eb:10:53:86:b0:f6:cd:63:56:f5:da:bc:
7d:99:d0:8c:bb:cd:25:51:54:2c:52:b8:bd:17:fe:
e5:1d:3a:c6:17:ee:29:a7:41:fc:5e:23:45:81:41:
f9:18:e6:46:67:e4:22:00:00:b5:b8:50:14:fa:80:
84:72:8f:9d:ae:41:bb:7e:ef:93:06:83:c3:46:69:
e5:ca:93:57:82:4c:b9:f6:9a:0e:1e:6a:5e:75:a1:
7a:7c:9e:41:7b:18:cb:a1:a5:91:68:cd:96:98:cf:
07:f6:68:52:10:c8:0a:3d:95:4b:b6:cf:70:92:5f:
45:f5:21:08:6e:65:ec:09:36:b6:85:36:d1:0e:6c:
d0:d9:aa:44:1f:f0:23:dd:cb:1d:d7:be:3d:b7:87:
43:d6:ff:83:42:46:3e:2e:12:03:e5:42:ae:d6:bc:
05:12:02:09:30:7d:47:e3:d4:cf:33:15:1a:48:c1:
e0:f0:36:ad:13:6b:96:2a:b2:a1:66:ae:2f:39:b7:
fd:12:4a:5b:dc:52:b8:49:2c:a7:ea:ff:ec:31:43:
fa:9e:ff:a3:de:db:6f:72:41:39:05:56:b1:82:f5:
96:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:54:3D:BB:08:02:EF:BB:83:54:90:91:ED:17:BF:D4:58:AA:25:1C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/glQ9uwgC77uDVJCR7Re_1FiqJRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.140.0/22
89.185.24.0/22
Signature Algorithm: sha256WithRSAEncryption
06:a1:22:a5:04:a9:78:98:49:f6:02:a8:6b:9d:d0:b9:dc:01:
fc:d0:76:a1:31:82:54:b3:6c:2c:d1:1e:04:40:dc:a8:a8:50:
ab:d5:e2:ea:f8:95:b8:3b:17:d5:15:4b:cf:5d:73:07:b6:ff:
59:72:2d:3f:52:01:7e:00:62:34:dd:f9:0f:c2:2b:8e:f5:e9:
5b:bf:88:ea:94:61:3f:c7:b5:cf:4b:fd:86:0b:b1:3b:70:3d:
d6:00:90:62:68:81:23:bc:f1:34:4f:f6:ee:c6:fc:7d:50:2c:
43:a2:3a:d9:52:ce:cc:9b:e0:49:7c:a0:17:47:1d:cf:86:e1:
07:6b:90:ab:b1:f4:9f:a5:9c:ad:f7:e7:4e:e6:59:44:da:5d:
b0:31:17:67:0b:00:6b:a3:c0:86:0b:3c:8d:93:35:e0:f9:53:
49:11:2e:f6:41:7d:d7:95:80:b5:5b:5b:5a:16:cb:d1:51:ee:
f1:ee:a9:58:f4:bf:c0:33:e2:d1:c8:27:10:7d:1b:a3:f4:c0:
68:bb:4c:cf:44:c0:7b:e2:23:6c:b5:70:35:3f:a0:aa:95:d3:
4e:25:3e:4c:45:85:3f:7e:79:d1:10:19:56:89:ff:a3:1d:00:
e5:f7:a6:b1:df:2f:a1:61:e0:9a:04:e3:f5:90:52:b5:05:c0:
9a:34:4f:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuLxmIv69cpj7tBTyKfG+GwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMTAxMTY0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU0M2RiYjA4MDJlZmJiODM1NDkwOTFlZDE3YmZkNDU4YWEyNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkruKfYfq/10ue2baZPTQg05s3PD
wFtF34W07EQajSLrEFOGsPbNY1b12rx9mdCMu80lUVQsUri9F/7lHTrGF+4pp0H8
XiNFgUH5GOZGZ+QiAAC1uFAU+oCEco+drkG7fu+TBoPDRmnlypNXgky59poOHmpe
daF6fJ5BexjLoaWRaM2WmM8H9mhSEMgKPZVLts9wkl9F9SEIbmXsCTa2hTbRDmzQ
2apEH/Aj3csd1749t4dD1v+DQkY+LhID5UKu1rwFEgIJMH1H49TPMxUaSMHg8Dat
E2uWKrKhZq4vObf9Ekpb3FK4SSyn6v/sMUP6nv+j3ttvckE5BVaxgvWWIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIJUPbsIAu+7g1SQke0Xv9RYqiUcMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZ2xROXV3Z0M3N3VEVkpDUjdSZV8xRmlxSlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCURaMAwQC
WbkYMA0GCSqGSIb3DQEBCwUAA4IBAQAGoSKlBKl4mEn2AqhrndC53AH80HahMYJU
s2ws0R4EQNyoqFCr1eLq+JW4OxfVFUvPXXMHtv9Zci0/UgF+AGI03fkPwiuO9elb
v4jqlGE/x7XPS/2GC7E7cD3WAJBiaIEjvPE0T/buxvx9UCxDojrZUs7Mm+BJfKAX
Rx3PhuEHa5CrsfSfpZyt9+dO5llE2l2wMRdnCwBro8CGCzyNkzXg+VNJES72QX3X
lYC1W1taFsvRUe7x7qlY9L/AM+LRyCcQfRuj9MBou0zPRMB74iNstXA1P6CqldNO
JT5MRYU/fnnREBlWif+jHQDl96ax3y+hYeCaBOP1kFK1BcCaNE+w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org