Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/jhqQ9vtgMN-C2Y8w0PhEoilYMD0.roa
File: jhqQ9vtgMN-C2Y8w0PhEoilYMD0.roa (raw, json)
Hash identifier: B/KoxdbOJPUzAG1+4mT7asyHVEPDZJy3Zc3oIDiWaZw=
Subject key identifier: 8E:1A:90:F6:FB:60:30:DF:82:D9:8F:30:D0:F8:44:A2:29:58:30:3D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189F8E3D77EC9916E590EB18CD3956C635B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/jhqQ9vtgMN-C2Y8w0PhEoilYMD0.roa
Signing time: Tue 15 Aug 2023 11:10:28 +0000
ROA not before: Tue 15 Aug 2023 11:10:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 16 Aug 2023 08:35:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:e3:d7:7e:c9:91:6e:59:0e:b1:8c:d3:95:6c:63:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 15 11:10:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e1a90f6fb6030df82d98f30d0f844a22958303d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:72:d5:c2:2a:65:d6:35:33:de:fe:4e:da:7b:
45:aa:c1:d1:8d:cc:5d:7b:c1:8c:85:b6:60:81:5e:
ae:e3:90:b4:b4:a6:7b:ba:b8:33:a6:be:26:0b:4f:
6b:61:e7:d8:86:ff:b8:58:74:6f:72:db:4e:bc:79:
ee:47:d4:a1:0d:a1:9e:34:8a:dc:9d:df:cc:2a:13:
40:52:21:eb:ec:8d:34:52:d7:95:fc:8e:42:26:72:
9e:65:70:75:fa:94:f1:06:08:bb:9f:46:45:2f:ca:
49:74:5d:01:7b:f7:59:7f:b7:45:fb:82:b8:ba:1c:
67:8d:c5:5c:da:29:a3:c6:99:40:44:82:41:31:75:
1b:fd:17:09:35:a5:d3:f6:fa:fd:4c:fc:ef:13:f2:
23:79:f7:a9:e4:f3:1a:61:1d:5c:3b:90:c9:da:37:
79:15:90:a4:fd:93:ce:4c:02:bd:bd:18:cb:a9:3a:
aa:8f:fc:25:38:47:bd:c3:02:f7:56:4c:44:af:98:
52:22:92:5c:57:6e:bf:0f:ea:ea:10:56:e9:76:e5:
3d:43:ba:fc:c3:5a:27:96:68:60:5b:af:1c:33:2e:
19:2a:63:76:67:81:67:a5:39:9b:62:ed:e7:2b:0b:
52:db:d6:c4:83:08:b8:ac:f1:31:24:4f:05:63:41:
f9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1A:90:F6:FB:60:30:DF:82:D9:8F:30:D0:F8:44:A2:29:58:30:3D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/jhqQ9vtgMN-C2Y8w0PhEoilYMD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
61:53:52:54:65:32:6c:82:da:a4:bb:3d:37:b2:7d:ad:98:1f:
d9:48:f3:91:bc:ff:04:0d:1b:d4:cf:03:63:cf:11:bf:a0:5a:
61:f0:3a:6f:b4:ac:03:56:11:93:9f:6d:f0:66:30:c6:6b:03:
48:15:6e:c5:e0:34:52:5b:97:1f:7e:6e:d3:92:08:b7:c5:ae:
8c:24:8e:06:cc:db:bb:e6:98:91:11:e4:92:57:20:76:eb:e9:
ed:30:ca:c0:e0:d6:42:af:eb:48:b0:00:f8:5c:48:86:26:4f:
ef:a9:da:a4:23:d4:db:e6:1f:ba:0c:66:da:be:d2:47:a3:88:
47:4c:4a:7a:09:9d:c4:eb:19:05:7f:64:b6:fa:20:5b:aa:17:
54:69:cc:a0:a8:57:41:42:db:39:92:03:20:38:d4:bd:9d:cf:
23:5b:4b:2d:88:d6:f1:6d:2a:a3:29:2d:10:57:a9:29:a1:6d:
ce:e3:a6:f6:a3:b0:ca:a4:9e:5c:50:59:69:22:5a:6c:86:c3:
fe:87:1a:35:65:f7:eb:91:32:b6:de:94:be:77:50:71:26:53:
be:1b:03:f9:4d:d0:f9:df:cc:d1:49:58:b6:43:bf:98:d6:e4:
29:18:50:57:05:23:43:63:c6:99:c6:c9:99:cc:c4:14:08:f1:
79:6e:e9:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn449d+yZFuWQ6xjNOVbGNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODE1MTExMDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTFhOTBmNmZiNjAzMGRmODJkOThmMzBkMGY4NDRhMjI5NTgzMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHLVwipl1jUz3v5O2ntFqsHRjcxd
e8GMhbZggV6u45C0tKZ7urgzpr4mC09rYefYhv+4WHRvcttOvHnuR9ShDaGeNIrc
nd/MKhNAUiHr7I00UteV/I5CJnKeZXB1+pTxBgi7n0ZFL8pJdF0Be/dZf7dF+4K4
uhxnjcVc2imjxplARIJBMXUb/RcJNaXT9vr9TPzvE/Ijefep5PMaYR1cO5DJ2jd5
FZCk/ZPOTAK9vRjLqTqqj/wlOEe9wwL3VkxEr5hSIpJcV26/D+rqEFbpduU9Q7r8
w1onlmhgW68cMy4ZKmN2Z4FnpTmbYu3nKwtS29bEgwi4rPExJE8FY0H53QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI4akPb7YDDfgtmPMND4RKIpWDA9MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvamhxUTl2dGdNTi1DMlk4dzBQaEVvaWxZTUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBhU1JUZTJsgtqkuz03sn2tmB/ZSPORvP8E
DRvUzwNjzxG/oFph8DpvtKwDVhGTn23wZjDGawNIFW7F4DRSW5cffm7Tkgi3xa6M
JI4GzNu75piREeSSVyB26+ntMMrA4NZCr+tIsAD4XEiGJk/vqdqkI9Tb5h+6DGba
vtJHo4hHTEp6CZ3E6xkFf2S2+iBbqhdUacygqFdBQts5kgMgONS9nc8jW0stiNbx
bSqjKS0QV6kpoW3O46b2o7DKpJ5cUFlpIlpshsP+hxo1ZffrkTK23pS+d1BxJlO+
GwP5TdD538zRSVi2Q7+Y1uQpGFBXBSNDY8aZxsmZzMQUCPF5buld
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org