Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/hg7ZnZ1_Kjli0ggnS0kAcWO-T3k.roa
File: hg7ZnZ1_Kjli0ggnS0kAcWO-T3k.roa (raw, json)
Hash identifier: nrHANPKkPkkR8XJUP94IpedClX1rEAtm2gcapjCT18M=
Subject key identifier: 86:0E:D9:9D:9D:7F:2A:39:62:D2:08:27:4B:49:00:71:63:BE:4F:79
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B3CED9B4CFF87B59E3EF1F21D83B8F563
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/hg7ZnZ1_Kjli0ggnS0kAcWO-T3k.roa
Signing time: Tue 17 Oct 2023 09:18:06 +0000
ROA not before: Tue 17 Oct 2023 09:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Oct 2023 11:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:ed:9b:4c:ff:87:b5:9e:3e:f1:f2:1d:83:b8:f5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 17 09:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=860ed99d9d7f2a3962d208274b49007163be4f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f7:af:90:7b:26:cf:42:ee:b1:18:a8:a6:03:
e7:0f:02:63:31:46:4d:71:67:ae:f3:ad:e9:bb:66:
fe:98:d1:4e:79:0c:6a:ee:82:7f:57:a4:80:5b:07:
c8:a9:dd:66:dd:65:61:43:36:18:71:77:79:43:ee:
7e:b0:41:c4:27:82:50:1c:c9:5d:c3:32:51:0c:e7:
0e:41:0d:58:7a:25:7d:9d:0f:35:a0:13:ac:72:33:
13:ad:32:f0:55:b8:93:fc:25:14:8b:07:a6:76:6d:
67:95:58:6b:0d:31:ff:db:ad:dd:9c:aa:25:b8:4f:
65:8c:28:e0:29:68:3e:f7:31:98:b6:8d:e0:99:91:
7c:00:8e:92:26:c0:1c:dc:47:06:25:7c:b4:28:09:
0a:b7:cb:cc:61:f7:4d:f8:02:d2:cb:05:20:a6:ba:
ef:89:4f:8c:9d:34:86:1f:e8:62:90:e5:69:b0:cb:
92:07:20:23:7e:c2:d1:9a:8d:1b:7c:4a:0b:2d:1e:
3d:03:a9:47:0d:1d:e1:1d:27:80:75:f4:e7:8d:5d:
8d:19:9d:0b:a1:b8:59:4f:59:34:8a:2b:94:ba:f2:
b7:12:5a:4e:31:db:65:d9:c2:b1:86:1d:42:41:3d:
47:5d:b9:40:cf:25:3c:41:5d:96:67:0a:c5:db:46:
9a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0E:D9:9D:9D:7F:2A:39:62:D2:08:27:4B:49:00:71:63:BE:4F:79
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/hg7ZnZ1_Kjli0ggnS0kAcWO-T3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:32:57:72:d2:89:68:56:f0:01:ca:7a:85:e7:da:8f:52:fe:
94:4b:6d:08:04:e8:6f:50:ac:cb:d1:2a:83:bc:12:ab:82:b1:
d0:c0:b0:92:19:44:5b:c0:99:a7:e6:43:11:0b:3a:29:2f:f4:
23:81:3f:a7:25:d8:41:dc:fe:9e:2a:34:b2:5c:9e:a7:df:6a:
e5:3c:52:7b:b5:88:48:84:c1:c5:b7:86:3d:ca:a5:74:04:8f:
c7:b5:57:29:5c:9d:da:d8:d9:e9:06:30:83:40:bc:f4:80:ba:
2d:27:8d:7f:0e:34:54:1e:8d:e7:be:55:cf:42:16:7d:c2:cd:
01:c3:49:2e:71:dc:b6:5e:c8:be:3d:a4:e9:e8:be:b4:c1:fc:
4b:fb:e0:0e:6d:80:90:c8:df:55:98:f0:0c:3e:e6:ed:4b:ee:
d3:d4:22:8d:2b:8d:70:f9:5e:de:52:10:33:f7:14:24:38:67:
a6:05:2a:cc:2c:47:59:b5:f2:c8:ed:a9:b7:68:b3:67:8c:a4:
80:82:cc:40:96:3e:07:e4:ee:94:cd:f5:dc:94:1b:6b:41:3a:
82:1b:fe:2a:d9:15:4f:1d:41:b3:31:8c:d1:43:01:24:5f:d5:
87:b1:12:ee:2d:de:72:1f:67:c8:01:99:4a:69:10:e2:0b:bb:
e2:b3:c2:58
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYs87ZtM/4e1nj7x8h2DuPVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDE3MDkxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBlZDk5ZDlkN2YyYTM5NjJkMjA4Mjc0YjQ5MDA3MTYzYmU0Zjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPevkHsmz0LusRiopgPnDwJjMUZN
cWeu863pu2b+mNFOeQxq7oJ/V6SAWwfIqd1m3WVhQzYYcXd5Q+5+sEHEJ4JQHMld
wzJRDOcOQQ1YeiV9nQ81oBOscjMTrTLwVbiT/CUUiwemdm1nlVhrDTH/263dnKol
uE9ljCjgKWg+9zGYto3gmZF8AI6SJsAc3EcGJXy0KAkKt8vMYfdN+ALSywUgprrv
iU+MnTSGH+hikOVpsMuSByAjfsLRmo0bfEoLLR49A6lHDR3hHSeAdfTnjV2NGZ0L
obhZT1k0iiuUuvK3ElpOMdtl2cKxhh1CQT1HXblAzyU8QV2WZwrF20aaLwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIYO2Z2dfyo5YtIIJ0tJAHFjvk95MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvaGc3Wm5aMV9LamxpMGdnblMwa0FjV08tVDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAURaAAwQA
URaHAwQAWbkBAwQAWbkDAwQAbUh4AwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQAK
Mldy0oloVvABynqF59qPUv6US20IBOhvUKzL0SqDvBKrgrHQwLCSGURbwJmn5kMR
CzopL/QjgT+nJdhB3P6eKjSyXJ6n32rlPFJ7tYhIhMHFt4Y9yqV0BI/HtVcpXJ3a
2NnpBjCDQLz0gLotJ41/DjRUHo3nvlXPQhZ9ws0Bw0kucdy2Xsi+PaTp6L60wfxL
++AObYCQyN9VmPAMPubtS+7T1CKNK41w+V7eUhAz9xQkOGemBSrMLEdZtfLI7am3
aLNnjKSAgsxAlj4H5O6UzfXclBtrQTqCG/4q2RVPHUGzMYzRQwEkX9WHsRLuLd5y
H2fIAZlKaRDiC7vis8JY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org