Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gzCsNJdswj75omwye1ux7emIiCs.roa
File: gzCsNJdswj75omwye1ux7emIiCs.roa (raw, json)
Hash identifier: NpNvZ/Z5QaxnSY3ASL9u8tyem6M12LKh2+VAhlGlAUQ=
Subject key identifier: 83:30:AC:34:97:6C:C2:3E:F9:A2:6C:32:7B:5B:B1:ED:E9:88:88:2B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CE8A47465407729520CB240AFBBB4166E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gzCsNJdswj75omwye1ux7emIiCs.roa
Signing time: Mon 08 Jan 2024 10:35:40 +0000
ROA not before: Mon 08 Jan 2024 10:35:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.136.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
81.22.140.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 09 Jan 2024 10:57:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:a4:74:65:40:77:29:52:0c:b2:40:af:bb:b4:16:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 8 10:35:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8330ac34976cc23ef9a26c327b5bb1ede988882b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:c1:fc:82:75:0d:e6:32:8f:da:dc:9f:04:
b4:3e:f3:5f:c3:1b:fd:23:58:ab:d8:70:85:91:6e:
3d:27:bd:10:0b:ad:13:7e:8e:53:a4:9f:d7:9a:4e:
19:57:13:bb:b9:7c:81:9f:e1:ce:d5:31:ce:a9:3b:
39:8d:53:ff:4d:32:3b:cd:69:75:75:ea:96:b3:ec:
4f:f1:cf:15:4f:64:97:30:ff:25:61:8c:f1:8a:d4:
c0:c3:64:c3:1d:85:4b:8c:d6:10:9f:95:ec:1c:9b:
20:93:a0:1f:3c:f1:ec:1f:6f:dc:0c:ea:7d:4a:ca:
c1:67:e7:5b:9c:21:f0:2d:47:9b:9a:ea:16:0a:50:
1e:b0:d9:1e:1a:8a:0f:9b:e1:1d:3b:f7:36:c9:67:
0f:29:40:ac:f1:37:ca:4e:e7:bb:29:e1:17:19:ec:
19:e6:ab:5b:fb:85:d5:24:80:e9:ff:9b:3c:df:fc:
0c:18:7c:8b:21:e7:37:33:14:e3:9c:22:82:51:aa:
f3:61:06:6f:53:65:6b:94:9d:37:ae:c7:45:4c:ed:
3c:21:b0:8b:1f:a1:5c:8c:47:3e:3b:f8:4a:5d:d3:
2f:d2:e6:5e:d1:fd:a8:4c:b8:57:69:1f:cc:1e:98:
90:39:8f:c5:da:26:cb:36:d0:a3:35:32:c2:ee:1d:
c2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:30:AC:34:97:6C:C2:3E:F9:A2:6C:32:7B:5B:B1:ED:E9:88:88:2B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gzCsNJdswj75omwye1ux7emIiCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
25:51:ee:c7:f0:d5:b0:9d:74:4e:2f:90:0b:f5:1c:4b:1c:17:
4d:cf:2e:58:71:f8:60:fa:30:b4:d8:fd:0e:a6:9a:f7:4a:38:
92:46:e3:49:1b:e1:66:c4:7b:c2:fa:2b:10:31:38:7f:da:aa:
fc:98:05:a8:1e:46:12:41:ef:6c:c1:f7:33:4f:4e:14:f4:03:
a9:61:9f:0a:46:ba:0d:50:80:77:23:4b:8b:4a:33:32:5c:11:
d3:14:95:63:8f:49:da:39:bd:ba:8e:40:d2:2b:a6:fb:8e:4b:
46:84:77:5e:f8:cc:4b:67:a0:15:95:6a:a6:b7:f1:bd:6d:b3:
25:13:2f:7a:54:45:4d:d3:4e:c7:9d:79:8f:ed:43:6a:af:e5:
d1:87:85:a2:36:8b:12:9c:bb:d0:53:01:f8:cd:b7:5d:3a:ce:
3c:f6:d5:75:e5:50:d5:41:63:ad:ff:43:a5:52:21:31:11:b7:
b0:9d:f6:b1:72:e1:52:3d:9c:b8:ff:72:76:78:a0:0f:7e:b9:
b8:df:32:56:11:b7:53:b9:85:1a:52:86:a2:dc:5b:46:ad:7b:
44:07:03:22:2c:8c:c5:70:6d:cf:09:6c:19:9b:99:15:bd:ae:
52:83:55:d4:57:64:d1:25:09:6e:b6:dc:f9:9c:68:3e:bd:48:
14:6c:33:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzopHRlQHcpUgyyQK+7tBZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTA4MTAzNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzMwYWMzNDk3NmNjMjNlZjlhMjZjMzI3YjViYjFlZGU5ODg4ODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA7B/IJ1DeYyj9rcnwS0PvNfwxv9
I1ir2HCFkW49J70QC60Tfo5TpJ/Xmk4ZVxO7uXyBn+HO1THOqTs5jVP/TTI7zWl1
deqWs+xP8c8VT2SXMP8lYYzxitTAw2TDHYVLjNYQn5XsHJsgk6AfPPHsH2/cDOp9
SsrBZ+dbnCHwLUebmuoWClAesNkeGooPm+EdO/c2yWcPKUCs8TfKTue7KeEXGewZ
5qtb+4XVJIDp/5s83/wMGHyLIec3MxTjnCKCUarzYQZvU2VrlJ03rsdFTO08IbCL
H6FcjEc+O/hKXdMv0uZe0f2oTLhXaR/MHpiQOY/F2ibLNtCjNTLC7h3CDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIMwrDSXbMI++aJsMntbse3piIgrMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZ3pDc05KZHN3ajc1b213eWUxdXg3ZW1JaUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQAlUe7H8NWwnXROL5AL
9RxLHBdNzy5Ycfhg+jC02P0Oppr3SjiSRuNJG+FmxHvC+isQMTh/2qr8mAWoHkYS
Qe9swfczT04U9AOpYZ8KRroNUIB3I0uLSjMyXBHTFJVjj0naOb26jkDSK6b7jktG
hHde+MxLZ6AVlWqmt/G9bbMlEy96VEVN007HnXmP7UNqr+XRh4WiNosSnLvQUwH4
zbddOs489tV15VDVQWOt/0OlUiExEbewnfaxcuFSPZy4/3J2eKAPfrm43zJWEbdT
uYUaUoai3FtGrXtEBwMiLIzFcG3PCWwZm5kVva5Sg1XUV2TRJQluttz5nGg+vUgU
bDOi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org