Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/iRBR3IgOpF7wn_KK9gfk-UNBJf8.roa
File: iRBR3IgOpF7wn_KK9gfk-UNBJf8.roa (raw, json)
Hash identifier: w5scC9ptkZYh9QgXmvPQk5hy94kxBreBGu0GGQu6mDc=
Subject key identifier: 89:10:51:DC:88:0E:A4:5E:F0:9F:F2:8A:F6:07:E4:F9:43:41:25:FF
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018ADAF422A8F1DD947A6299B740C5D12FC1
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/iRBR3IgOpF7wn_KK9gfk-UNBJf8.roa
Signing time: Thu 28 Sep 2023 08:42:27 +0000
ROA not before: Thu 28 Sep 2023 08:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 02 Oct 2023 08:17:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:f4:22:a8:f1:dd:94:7a:62:99:b7:40:c5:d1:2f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 28 08:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=891051dc880ea45ef09ff28af607e4f9434125ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4d:a7:34:6c:92:0e:87:07:a6:0a:95:d4:2a:
95:34:f7:e2:6e:54:b9:21:e2:cd:41:c6:8f:4a:61:
2c:c9:f8:71:09:1f:bb:fb:d2:b9:7e:d2:48:0b:b2:
3f:76:08:61:20:c9:f5:ad:da:d0:ce:70:01:4b:12:
82:53:72:b8:48:1b:83:66:82:2c:ee:16:92:85:e6:
ea:3e:74:4a:57:d0:2a:b5:e8:e0:71:cd:31:9d:65:
15:b0:15:e7:72:79:e9:d4:6b:c6:fc:0a:93:21:2d:
24:49:25:d0:e0:7b:f0:79:fb:be:88:06:f3:84:31:
67:1b:00:b1:61:3d:76:2f:f4:34:6d:59:a0:5f:be:
28:99:25:23:7d:d7:bf:b9:97:95:ff:33:c6:60:ab:
be:f7:72:20:14:30:7e:9a:a8:e1:42:0d:f8:f3:ab:
d8:00:ff:a2:84:45:1e:a1:dc:a7:39:85:f9:25:e4:
20:eb:28:5f:89:bf:97:6d:63:33:b8:3a:70:9a:05:
bd:e6:b0:ce:64:55:35:83:21:9f:21:7d:c5:1a:5f:
b3:ec:fd:4e:44:f1:2b:54:95:d2:8d:7a:39:48:ca:
9b:ac:ac:61:d2:98:fe:76:32:4e:6f:d6:89:09:82:
38:72:fb:e7:b1:86:68:22:89:6c:7e:69:a4:14:71:
ae:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:10:51:DC:88:0E:A4:5E:F0:9F:F2:8A:F6:07:E4:F9:43:41:25:FF
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/iRBR3IgOpF7wn_KK9gfk-UNBJf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:91:64:3b:ea:44:61:7a:67:17:11:26:42:84:44:b9:37:bd:
e8:7b:d0:e8:31:d1:ba:28:69:54:aa:78:79:43:43:19:b1:07:
f0:7a:f0:9a:fc:5f:34:13:6c:0c:47:bb:af:e4:8f:01:32:46:
a4:9c:a1:fc:3f:e5:0d:fc:84:66:76:70:bd:83:f5:2f:c2:d9:
57:6f:4e:a0:57:0a:92:80:4a:73:3a:6b:db:d7:d5:3c:41:73:
ab:38:09:71:26:17:3b:7f:54:19:cf:96:93:7b:6b:9c:8b:65:
f2:78:31:b8:85:04:7d:04:bb:79:2d:1d:bc:c9:93:bd:8a:c2:
fb:1a:80:b7:5d:ec:ee:f8:fc:9f:ec:d5:6d:c4:ea:0d:4c:c9:
e0:35:a9:cb:8b:e1:50:d5:1b:a7:f9:3c:2b:9d:08:13:d7:a2:
dc:18:0d:ce:09:8d:b7:38:9e:c7:10:81:e8:d5:e1:94:ad:4a:
fa:dc:22:98:77:4b:2e:4f:4c:49:3c:a7:bf:53:86:77:b9:d7:
3b:34:8c:f4:fe:8e:b5:33:3b:c0:e2:52:25:10:63:f5:4e:3c:
8c:d4:7c:05:2e:f7:49:cc:03:ef:da:2d:13:90:8b:3f:21:1a:
95:05:c4:84:25:41:2f:b5:b3:38:c2:43:85:96:7e:67:16:c0:
25:3d:7e:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYra9CKo8d2UemKZt0DF0S/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTI4MDg0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTEwNTFkYzg4MGVhNDVlZjA5ZmYyOGFmNjA3ZTRmOTQzNDEyNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU2nNGySDocHpgqV1CqVNPfiblS5
IeLNQcaPSmEsyfhxCR+7+9K5ftJIC7I/dghhIMn1rdrQznABSxKCU3K4SBuDZoIs
7haShebqPnRKV9Aqtejgcc0xnWUVsBXncnnp1GvG/AqTIS0kSSXQ4Hvwefu+iAbz
hDFnGwCxYT12L/Q0bVmgX74omSUjfde/uZeV/zPGYKu+93IgFDB+mqjhQg3486vY
AP+ihEUeodynOYX5JeQg6yhfib+XbWMzuDpwmgW95rDOZFU1gyGfIX3FGl+z7P1O
RPErVJXSjXo5SMqbrKxh0pj+djJOb9aJCYI4cvvnsYZoIolsfmmkFHGujwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkQUdyIDqRe8J/yivYH5PlDQSX/MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvaVJCUjNJZ09wRjd3bl9LSzlnZmstVU5CSmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBNkWQ76kRhemcXESZChES5N73oe9DoMdG6
KGlUqnh5Q0MZsQfwevCa/F80E2wMR7uv5I8BMkaknKH8P+UN/IRmdnC9g/UvwtlX
b06gVwqSgEpzOmvb19U8QXOrOAlxJhc7f1QZz5aTe2uci2XyeDG4hQR9BLt5LR28
yZO9isL7GoC3Xezu+Pyf7NVtxOoNTMngNanLi+FQ1Run+TwrnQgT16LcGA3OCY23
OJ7HEIHo1eGUrUr63CKYd0suT0xJPKe/U4Z3udc7NIz0/o61MzvA4lIlEGP1TjyM
1HwFLvdJzAPv2i0TkIs/IRqVBcSEJUEvtbM4wkOFln5nFsAlPX6/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org