Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kLWhZOR6f56B6FNN9n3XgtJBR2w.roa
File: kLWhZOR6f56B6FNN9n3XgtJBR2w.roa (raw, json)
Hash identifier: CrtNyF8n65cxYbfZvRPqKE7LhvBUd5f4Vs+toD4z9yg=
Subject key identifier: 90:B5:A1:64:E4:7A:7F:9E:81:E8:53:4D:F6:7D:D7:82:D2:41:47:6C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649CF1FAC8710E66A8C9CD70A13A9BB
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kLWhZOR6f56B6FNN9n3XgtJBR2w.roa
Signing time: Mon 01 Jan 2024 18:29:35 +0000
ROA not before: Mon 01 Jan 2024 18:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215955
IP address blocks: 81.22.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jan 2024 17:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:cf:1f:ac:87:10:e6:6a:8c:9c:d7:0a:13:a9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90b5a164e47a7f9e81e8534df67dd782d241476c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:a0:bb:45:7d:5d:a4:e2:65:d7:96:91:94:
44:eb:2a:95:8b:cd:d7:92:3f:e2:5d:06:fc:5b:f4:
70:8a:86:b7:37:72:b7:1e:0e:f9:0f:55:08:d7:e4:
3a:2e:33:4e:2a:f6:46:cc:f9:1e:a3:d5:ee:e1:d5:
39:0c:ff:f9:66:ec:6a:8f:6d:5d:0e:41:e8:8c:23:
2c:16:1c:ad:37:74:80:2d:17:f2:39:77:c0:64:4c:
f3:0e:dd:d2:d2:28:83:77:a8:a6:b1:94:2d:a3:f6:
c3:a9:3c:72:31:c7:8f:3b:45:27:a2:3c:93:ed:ad:
70:d0:41:4b:19:f3:e5:39:da:b4:f1:0d:df:c2:1d:
48:ca:37:04:37:5b:01:75:ad:5e:6c:d6:ac:62:24:
36:2f:dd:e9:8e:e3:51:cd:39:b8:7d:74:e0:8c:cc:
33:5e:e2:94:bf:ea:98:f4:0a:e3:01:1c:0a:22:dc:
95:61:13:51:3b:78:3a:ca:9c:2a:d0:df:50:c6:72:
3c:46:79:bd:2a:1b:fb:63:fe:3e:52:18:14:3d:2f:
81:95:5e:5e:50:87:2a:f1:1a:10:1e:e2:fa:60:af:
33:3a:7c:74:0e:45:47:cc:f6:98:e5:2e:0e:e5:c2:
61:2c:67:45:22:66:ef:e0:48:42:c3:5e:3e:5e:0b:
91:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B5:A1:64:E4:7A:7F:9E:81:E8:53:4D:F6:7D:D7:82:D2:41:47:6C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kLWhZOR6f56B6FNN9n3XgtJBR2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/24
Signature Algorithm: sha256WithRSAEncryption
06:a6:ea:b6:5c:f4:bd:5e:84:da:0a:66:3a:e0:92:f3:db:9d:
95:6a:d3:76:6c:74:d5:ef:a3:28:76:17:a1:08:3e:87:7f:8d:
04:bf:4d:e4:97:d2:e2:5e:b9:2e:0b:27:dd:15:6d:75:bb:ed:
d2:a8:ce:ff:a5:8a:a9:9d:5a:41:e9:b5:98:44:81:c1:8f:c1:
99:df:38:4a:07:72:1f:68:87:90:5f:cf:dd:e1:51:ad:a3:0c:
bf:f8:6a:2d:d4:11:df:1b:73:e4:ce:52:96:7a:e4:c7:93:e8:
2b:fa:62:f1:c9:56:d0:19:06:7a:b5:b8:45:61:6f:36:cc:10:
99:46:09:85:22:1f:e8:25:50:ca:f7:da:3c:01:9d:e8:1b:c6:
11:8c:6e:06:7c:d9:d1:ee:75:d7:87:71:eb:57:17:39:5c:cc:
9d:4b:b0:d7:0a:0d:a4:33:42:ad:71:7e:8c:20:00:e6:a3:4a:
eb:24:de:fe:ca:f7:00:55:04:4e:83:12:5a:68:5d:c3:07:ab:
50:0a:cb:a6:f0:26:68:0d:c5:38:1b:83:07:7b:02:79:7a:98:
b9:e0:57:70:7e:d4:62:1f:e4:5d:9b:5c:64:a3:ca:28:9f:ec:
49:ad:18:7c:9d:46:04:3b:94:43:5e:63:25:c5:61:bb:ad:7a:
6b:20:7e:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSc8frIcQ5mqMnNcKE6m7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI1YTE2NGU0N2E3ZjllODFlODUzNGRmNjdkZDc4MmQyNDE0NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8Cgu0V9XaTiZdeWkZRE6yqVi83X
kj/iXQb8W/Rwioa3N3K3Hg75D1UI1+Q6LjNOKvZGzPkeo9Xu4dU5DP/5Zuxqj21d
DkHojCMsFhytN3SALRfyOXfAZEzzDt3S0iiDd6imsZQto/bDqTxyMcePO0UnojyT
7a1w0EFLGfPlOdq08Q3fwh1IyjcEN1sBda1ebNasYiQ2L93pjuNRzTm4fXTgjMwz
XuKUv+qY9ArjARwKItyVYRNRO3g6ypwq0N9QxnI8Rnm9Khv7Y/4+UhgUPS+BlV5e
UIcq8RoQHuL6YK8zOnx0DkVHzPaY5S4O5cJhLGdFImbv4EhCw14+XguRwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJC1oWTken+egehTTfZ914LSQUdsMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEva0xXaFpPUjZmNTZCNkZOTjluM1hndEpCUjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURaIMA0G
CSqGSIb3DQEBCwUAA4IBAQAGpuq2XPS9XoTaCmY64JLz252VatN2bHTV76Modheh
CD6Hf40Ev03kl9LiXrkuCyfdFW11u+3SqM7/pYqpnVpB6bWYRIHBj8GZ3zhKB3If
aIeQX8/d4VGtowy/+Got1BHfG3PkzlKWeuTHk+gr+mLxyVbQGQZ6tbhFYW82zBCZ
RgmFIh/oJVDK99o8AZ3oG8YRjG4GfNnR7nXXh3HrVxc5XMydS7DXCg2kM0KtcX6M
IADmo0rrJN7+yvcAVQROgxJaaF3DB6tQCsum8CZoDcU4G4MHewJ5epi54FdwftRi
H+Rdm1xko8oon+xJrRh8nUYEO5RDXmMlxWG7rXprIH6o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org