Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/jRFIx56EwlrulQkUShEL6NJCdC4.roa
File: jRFIx56EwlrulQkUShEL6NJCdC4.roa (raw, json)
Hash identifier: D8n3WiUrnus4oacAe2UrqJCJ0FB7v7cWPK1BsZgLk5I=
Subject key identifier: 8D:11:48:C7:9E:84:C2:5A:EE:95:09:14:4A:11:0B:E8:D2:42:74:2E
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188A9EBA278FB4F4FB622D9094F3AB1EA66
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/jRFIx56EwlrulQkUShEL6NJCdC4.roa
Signing time: Sun 11 Jun 2023 10:06:12 +0000
ROA not before: Sun 11 Jun 2023 10:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 10:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a9:eb:a2:78:fb:4f:4f:b6:22:d9:09:4f:3a:b1:ea:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 11 10:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d1148c79e84c25aee9509144a110be8d242742e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e4:3a:57:4d:9f:55:26:db:21:4f:54:25:7b:
42:ca:16:0d:09:bc:22:97:f6:47:03:10:8f:cc:80:
af:85:61:23:be:3d:35:73:86:77:32:72:ab:15:d1:
67:c0:90:06:4c:85:5d:3f:fb:89:bf:49:6b:ed:b1:
a4:1c:6f:22:f1:b3:50:fd:53:72:6c:7d:97:9b:67:
b5:ff:b2:07:bb:be:69:7b:06:f9:78:47:f6:f2:27:
12:88:2c:98:d8:b6:53:6f:cd:ad:f6:0f:25:85:e1:
1b:bb:bc:31:9b:82:3c:03:09:37:59:90:37:b8:cc:
71:ae:fc:c8:22:f5:fd:17:70:d1:e5:4f:17:c7:94:
6c:a9:3f:ef:17:bf:32:96:6b:33:1f:6f:66:20:70:
1d:17:29:42:89:38:8c:13:0c:63:03:31:27:54:38:
e6:1f:c3:b0:c6:19:c5:76:a0:46:99:2a:ea:e7:2c:
f6:55:15:90:0f:57:1c:c1:ed:64:c8:87:35:14:9b:
c0:82:be:5c:38:60:0b:66:b0:a4:58:8c:95:10:65:
97:87:74:86:67:3a:b4:bb:f0:16:10:3b:27:57:3e:
30:b7:f5:35:89:61:15:55:bd:30:db:1c:ed:9d:14:
89:14:47:64:e6:be:0d:fa:14:58:9e:cd:81:fe:f1:
4a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:11:48:C7:9E:84:C2:5A:EE:95:09:14:4A:11:0B:E8:D2:42:74:2E
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/jRFIx56EwlrulQkUShEL6NJCdC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
81.22.140.0/22
89.185.0.0/22
109.72.115.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
04:af:d8:d7:a6:44:c7:6f:26:3d:d5:71:69:54:27:f0:90:34:
a9:32:db:83:62:81:1a:1f:80:4b:7e:74:b9:3c:f9:af:80:80:
90:94:5e:b5:df:a3:3f:af:54:03:39:c6:a2:ba:f3:98:1e:ff:
b9:54:7d:7d:44:29:17:e2:87:69:08:52:bf:d3:73:e0:38:1a:
1a:9d:af:a2:f6:87:80:7e:f5:c2:bc:bb:40:2a:5f:b0:3c:5c:
03:37:4b:99:8d:89:23:59:e0:bf:d2:3c:56:2b:5c:0d:87:57:
c2:09:66:79:0b:02:02:5c:40:81:6a:71:d1:34:b3:de:89:81:
2d:06:17:eb:26:32:7e:58:df:d6:ea:e6:f8:61:4a:98:52:f1:
b6:e2:aa:53:e3:f0:9b:a7:6b:97:ff:fd:ef:45:3c:de:be:11:
21:c7:e2:a4:9a:7c:33:94:ca:d0:a6:a2:ca:47:5f:e7:d7:72:
94:6e:a7:0e:1e:39:f0:cf:a0:1a:dd:71:89:03:90:9a:29:7d:
4b:97:97:34:1b:19:ce:c6:3c:4d:66:5c:c4:57:8f:a5:76:d1:
df:4d:0d:f6:5a:06:8c:16:0f:6c:fc:c0:a4:cd:f1:b9:33:9d:
0b:4f:67:4e:84:d5:5f:1c:0f:66:ba:bc:c1:3d:c6:8f:07:15:
e9:b2:ea:7b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYip66J4+09PtiLZCU86sepmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjExMTAwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDExNDhjNzllODRjMjVhZWU5NTA5MTQ0YTExMGJlOGQyNDI3NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeQ6V02fVSbbIU9UJXtCyhYNCbwi
l/ZHAxCPzICvhWEjvj01c4Z3MnKrFdFnwJAGTIVdP/uJv0lr7bGkHG8i8bNQ/VNy
bH2Xm2e1/7IHu75pewb5eEf28icSiCyY2LZTb82t9g8lheEbu7wxm4I8Awk3WZA3
uMxxrvzIIvX9F3DR5U8Xx5RsqT/vF78ylmszH29mIHAdFylCiTiMEwxjAzEnVDjm
H8OwxhnFdqBGmSrq5yz2VRWQD1ccwe1kyIc1FJvAgr5cOGALZrCkWIyVEGWXh3SG
Zzq0u/AWEDsnVz4wt/U1iWEVVb0w2xztnRSJFEdk5r4N+hRYns2B/vFKNwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI0RSMeehMJa7pUJFEoRC+jSQnQuMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvalJGSXg1NkV3bHJ1bFFrVVNoRUw2TkpDZEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAURaBAwQC
URaMAwQCWbkAMAwDBABtSHMDBANtSHAwDQYJKoZIhvcNAQELBQADggEBAASv2Nem
RMdvJj3VcWlUJ/CQNKky24NigRofgEt+dLk8+a+AgJCUXrXfoz+vVAM5xqK685ge
/7lUfX1EKRfih2kIUr/Tc+A4Ghqdr6L2h4B+9cK8u0AqX7A8XAM3S5mNiSNZ4L/S
PFYrXA2HV8IJZnkLAgJcQIFqcdE0s96JgS0GF+smMn5Y39bq5vhhSphS8bbiqlPj
8Juna5f//e9FPN6+ESHH4qSafDOUytCmospHX+fXcpRupw4eOfDPoBrdcYkDkJop
fUuXlzQbGc7GPE1mXMRXj6V20d9NDfZaBowWD2z8wKTN8bkznQtPZ06E1V8cD2a6
vME9xo8HFemy6ns=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org