Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/idDdPNY2O02MCekrjgVYGo9uojA.roa
File: idDdPNY2O02MCekrjgVYGo9uojA.roa (raw, json)
Hash identifier: oLWW4RUB/im3l76CySqQ+4b7EPdQ/Ojxk9vrwBmDhS4=
Subject key identifier: 89:D0:DD:3C:D6:36:3B:4D:8C:09:E9:2B:8E:05:58:1A:8F:6E:A2:30
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0192960CC3CC55846C2D2A90B655FEEA64EA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/idDdPNY2O02MCekrjgVYGo9uojA.roa
Signing time: Wed 16 Oct 2024 15:57:51 +0000
ROA not before: Wed 16 Oct 2024 15:57:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:0c:c3:cc:55:84:6c:2d:2a:90:b6:55:fe:ea:64:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 16 15:57:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89d0dd3cd6363b4d8c09e92b8e05581a8f6ea230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:61:39:82:0a:18:71:97:68:e2:73:a0:14:ef:
c4:63:48:f9:26:6f:49:a6:ff:70:89:d4:9c:ea:67:
87:f6:58:61:6c:59:fc:93:e0:cd:7d:f9:dd:16:3a:
c2:3b:f2:17:3c:49:04:44:d0:4e:47:fd:87:68:62:
51:03:f2:8f:39:c5:6c:d2:de:87:05:a8:1c:98:6b:
8a:f0:3c:18:65:3f:dd:4f:16:91:75:cf:53:76:9a:
fb:6e:aa:f5:20:2e:83:bf:c2:d2:87:46:a4:3d:2e:
59:e2:20:69:f1:82:2f:75:11:30:6d:d5:6f:04:fa:
fe:79:ae:fb:0a:d6:5f:df:d0:71:87:4d:7f:a9:d9:
e5:43:3c:1b:7e:6c:ac:d7:85:c0:18:be:b0:36:4b:
82:05:f2:6b:ee:16:db:1a:5c:4f:25:b3:ab:e0:27:
4c:89:af:ed:9a:41:de:40:7b:ae:29:2c:fc:b5:c3:
8e:2c:f2:50:d3:ea:98:26:a4:9e:24:65:61:d9:49:
de:fa:a6:d1:f0:e5:e2:0e:03:c2:c6:da:e4:ce:e8:
a8:49:53:60:5a:15:ea:af:02:94:86:89:f0:2f:ea:
2e:0b:5b:ed:a3:06:36:f2:62:ab:a7:10:21:e7:3e:
75:5d:91:a2:4e:1c:6a:e0:f6:17:91:ec:5c:ee:09:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D0:DD:3C:D6:36:3B:4D:8C:09:E9:2B:8E:05:58:1A:8F:6E:A2:30
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/idDdPNY2O02MCekrjgVYGo9uojA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
109.72.124.0/24
Signature Algorithm: sha256WithRSAEncryption
11:0a:3f:70:7d:78:6c:8e:51:3a:8a:ac:32:5a:da:7b:91:6c:
74:3c:2e:1f:e8:b9:33:5a:73:c0:3e:20:11:83:87:48:47:9b:
e0:71:e1:9e:00:55:d1:2a:f4:c7:a2:d4:3a:51:14:53:ba:72:
a1:7a:e5:5d:73:5e:e7:7d:bb:91:45:a2:6a:23:47:3b:18:29:
72:93:b4:0a:e0:10:4d:86:ad:85:96:73:ba:0d:82:96:c1:0e:
a9:70:63:47:fe:d8:45:73:75:4e:cd:1b:84:c6:79:22:38:e8:
d4:74:01:96:ed:ec:2d:2d:11:80:6a:4e:b1:0b:53:ce:3f:a7:
71:8c:02:e5:63:61:b5:3d:46:de:52:0b:3e:16:bd:a1:ac:6a:
01:b8:16:b4:a7:10:2e:cd:fe:3b:80:94:8c:cc:8c:4f:44:ac:
9d:2b:96:03:a7:ce:a2:80:f9:82:39:d5:84:18:51:47:3b:0f:
66:48:04:2d:37:cc:a4:42:0c:97:77:2d:2f:e0:d2:1b:a7:cd:
06:81:52:4e:b7:78:8b:86:48:f6:5c:b9:83:15:c8:51:c6:17:
b5:31:27:3b:d7:68:75:8e:07:4d:84:d2:45:28:e1:af:f2:29:
3d:d5:46:9d:0d:21:c6:29:93:0d:ea:98:30:51:3b:5a:52:59:
ce:83:fd:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKWDMPMVYRsLSqQtlX+6mTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMDE2MTU1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQwZGQzY2Q2MzYzYjRkOGMwOWU5MmI4ZTA1NTgxYThmNmVhMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWE5ggoYcZdo4nOgFO/EY0j5Jm9J
pv9widSc6meH9lhhbFn8k+DNffndFjrCO/IXPEkERNBOR/2HaGJRA/KPOcVs0t6H
BagcmGuK8DwYZT/dTxaRdc9Tdpr7bqr1IC6Dv8LSh0akPS5Z4iBp8YIvdREwbdVv
BPr+ea77CtZf39Bxh01/qdnlQzwbfmys14XAGL6wNkuCBfJr7hbbGlxPJbOr4CdM
ia/tmkHeQHuuKSz8tcOOLPJQ0+qYJqSeJGVh2Une+qbR8OXiDgPCxtrkzuioSVNg
WhXqrwKUhonwL+ouC1vtowY28mKrpxAh5z51XZGiThxq4PYXkexc7gnnwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFInQ3TzWNjtNjAnpK44FWBqPbqIwMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvaWREZFBOWTJPMDJNQ2VrcmpnVllHbzl1b2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQCbUh0AwQAbUh8MA0GCSqGSIb3DQEBCwUAA4IBAQARCj9wfXhsjlE6iqwy
Wtp7kWx0PC4f6LkzWnPAPiARg4dIR5vgceGeAFXRKvTHotQ6URRTunKheuVdc17n
fbuRRaJqI0c7GClyk7QK4BBNhq2FlnO6DYKWwQ6pcGNH/thFc3VOzRuExnkiOOjU
dAGW7ewtLRGAak6xC1POP6dxjALlY2G1PUbeUgs+Fr2hrGoBuBa0pxAuzf47gJSM
zIxPRKydK5YDp86igPmCOdWEGFFHOw9mSAQtN8ykQgyXdy0v4NIbp80GgVJOt3iL
hkj2XLmDFchRxhe1MSc712h1jgdNhNJFKOGv8ik91UadDSHGKZMN6pgwUTtaUlnO
g/1T
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org