Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/k2jfLSHpBG3TiEK_qaA5KRE7ttw.roa
File: k2jfLSHpBG3TiEK_qaA5KRE7ttw.roa (raw, json)
Hash identifier: VWpDk72+W+r7o7MbpjnUzkJjhtzav2YUK3XTAYAG3sY=
Subject key identifier: 93:68:DF:2D:21:E9:04:6D:D3:88:42:BF:A9:A0:39:29:11:3B:B6:DC
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018BFB7AF674EE34D32C54362AEBBC617EAA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/k2jfLSHpBG3TiEK_qaA5KRE7ttw.roa
Signing time: Thu 23 Nov 2023 09:20:21 +0000
ROA not before: Thu 23 Nov 2023 09:20:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 01 Dec 2023 08:21:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:7a:f6:74:ee:34:d3:2c:54:36:2a:eb:bc:61:7e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 23 09:20:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9368df2d21e9046dd38842bfa9a03929113bb6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ee:5b:a3:b2:aa:18:7e:ac:47:62:4a:0a:8b:
f3:33:ff:a7:a3:ce:5a:d0:f6:25:69:2a:86:ab:3d:
ac:4c:b9:53:4f:1f:4e:e4:76:4e:75:51:27:73:f4:
3d:d2:f3:20:6b:3e:ba:19:06:9d:b9:53:0f:78:ff:
44:79:16:38:ce:09:01:73:c6:44:8c:6e:dc:f2:9c:
ff:1f:a7:8a:cf:12:3a:c6:80:38:cf:40:85:79:bc:
54:26:ff:9f:e9:32:c8:0c:58:8d:77:2c:39:0c:25:
b4:40:02:f5:c7:cc:ac:41:bc:94:62:1b:eb:b8:60:
04:ed:32:da:1f:12:73:fa:38:90:5d:2b:7f:65:81:
ab:de:5f:71:c9:84:9b:85:3b:da:5f:7d:5d:ed:f0:
8d:42:30:98:dd:2b:e8:0a:38:b3:c1:23:b3:88:8a:
dd:81:d0:6d:ea:17:e4:8e:cf:ae:0a:eb:45:94:6e:
c5:9a:7c:27:d2:fc:29:12:7c:44:ac:2a:8d:17:a3:
f4:83:58:5f:24:e6:f6:0d:38:07:44:e6:6c:4d:26:
8f:32:b6:98:f5:67:0b:3f:50:da:b4:c7:58:33:29:
9a:d3:92:ec:ef:92:4d:1d:9b:ad:fb:a0:43:ff:64:
1f:ea:c6:fc:27:9b:fc:d8:78:9a:d2:b2:30:69:77:
8a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:68:DF:2D:21:E9:04:6D:D3:88:42:BF:A9:A0:39:29:11:3B:B6:DC
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/k2jfLSHpBG3TiEK_qaA5KRE7ttw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
52:78:39:50:dc:8b:4b:21:17:e6:4e:52:38:8f:3a:db:9c:ad:
67:7f:92:e0:68:9a:23:2d:8c:04:2d:24:8d:fd:05:06:8a:f7:
1d:e6:bf:f4:36:bc:02:5a:3b:d9:0d:fb:6c:b9:8c:ce:b5:bf:
83:98:06:1c:23:05:ed:cd:40:9d:80:41:5b:c1:b4:4b:0e:68:
49:90:6b:10:44:45:1f:cb:13:2f:2b:b6:c6:47:8a:87:44:2b:
75:0c:bb:50:e1:14:91:95:55:95:c6:9e:fc:39:2b:a2:a9:f1:
2a:30:7a:3a:6a:73:b6:39:69:03:18:87:0f:c6:a8:e8:59:13:
ee:50:f7:19:89:9f:17:b6:a7:92:c1:fb:be:bc:c0:6d:7d:e5:
a7:f5:2c:39:a9:89:63:ea:c0:fe:5e:b6:5b:39:50:f8:c3:aa:
a7:ab:ed:ba:bf:42:59:b9:a0:0d:96:bd:47:a9:28:13:9e:c1:
ce:2a:94:d9:2f:9d:77:17:1f:e6:82:6b:59:55:80:34:82:c7:
11:e1:a2:98:e9:3c:d1:9f:2a:83:96:ef:5e:c9:94:d3:ed:10:
d1:ea:95:d1:48:67:ca:e1:b8:ad:86:50:b9:b4:22:72:8c:e8:
ea:c2:1d:5f:22:4a:f9:7e:50:9f:c4:6e:0c:b1:3a:31:6f:72:
9f:e6:ce:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv7evZ07jTTLFQ2Kuu8YX6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMTIzMDkyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY4ZGYyZDIxZTkwNDZkZDM4ODQyYmZhOWEwMzkyOTExM2JiNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+5bo7KqGH6sR2JKCovzM/+no85a
0PYlaSqGqz2sTLlTTx9O5HZOdVEnc/Q90vMgaz66GQaduVMPeP9EeRY4zgkBc8ZE
jG7c8pz/H6eKzxI6xoA4z0CFebxUJv+f6TLIDFiNdyw5DCW0QAL1x8ysQbyUYhvr
uGAE7TLaHxJz+jiQXSt/ZYGr3l9xyYSbhTvaX31d7fCNQjCY3SvoCjizwSOziIrd
gdBt6hfkjs+uCutFlG7Fmnwn0vwpEnxErCqNF6P0g1hfJOb2DTgHROZsTSaPMraY
9WcLP1DatMdYMyma05Ls75JNHZut+6BD/2Qf6sb8J5v82Hia0rIwaXeK4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJNo3y0h6QRt04hCv6mgOSkRO7bcMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvazJqZkxTSHBCRzNUaUVLX3FhQTVLUkU3dHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBSeDlQ3ItLIRfmTlI4jzrbnK1nf5LgaJoj
LYwELSSN/QUGivcd5r/0NrwCWjvZDftsuYzOtb+DmAYcIwXtzUCdgEFbwbRLDmhJ
kGsQREUfyxMvK7bGR4qHRCt1DLtQ4RSRlVWVxp78OSuiqfEqMHo6anO2OWkDGIcP
xqjoWRPuUPcZiZ8XtqeSwfu+vMBtfeWn9Sw5qYlj6sD+XrZbOVD4w6qnq+26v0JZ
uaANlr1HqSgTnsHOKpTZL513Fx/mgmtZVYA0gscR4aKY6TzRnyqDlu9eyZTT7RDR
6pXRSGfK4bithlC5tCJyjOjqwh1fIkr5flCfxG4MsToxb3Kf5s45
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org