Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kq8-0aTf767zCdcg_JbBa0d_dGA.roa
File: kq8-0aTf767zCdcg_JbBa0d_dGA.roa (raw, json)
Hash identifier: F5qg5n6hPcdiPhDLso3yXL6CDc8++hv/R9inGMO3/b8=
Subject key identifier: 92:AF:3E:D1:A4:DF:EF:AE:F3:09:D7:20:FC:96:C1:6B:47:7F:74:60
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A14E8EFF7879ED9254AC39D8E86621277
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kq8-0aTf767zCdcg_JbBa0d_dGA.roa
Signing time: Sun 20 Aug 2023 21:45:24 +0000
ROA not before: Sun 20 Aug 2023 21:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
109.72.120.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 11:32:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:14:e8:ef:f7:87:9e:d9:25:4a:c3:9d:8e:86:62:12:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 20 21:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92af3ed1a4dfefaef309d720fc96c16b477f7460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:34:59:9e:f7:d1:48:cf:cf:61:31:14:d5:d6:
0a:cd:5c:18:35:cd:76:2f:23:23:c2:83:c0:08:eb:
c1:4e:ef:45:fa:39:8d:a4:d3:ef:d4:49:db:3a:be:
e9:1c:cd:7d:e3:f7:d5:50:d6:95:ba:ef:d7:fa:86:
45:71:ee:8a:bd:c7:aa:3b:f8:ee:f7:f1:8f:1b:62:
99:68:6d:d9:5d:68:58:9b:01:4e:40:12:28:3a:18:
21:65:58:f1:0e:01:56:6d:82:9f:68:8f:ab:ef:1d:
b9:c1:fe:df:7d:e6:0e:98:84:de:bb:57:65:7d:91:
fa:ad:00:cc:10:14:a2:e2:8b:9d:54:10:94:3d:49:
8a:04:01:10:32:b9:34:08:2e:82:66:cc:a4:6c:ba:
87:e1:d2:cf:fa:76:df:fa:31:9b:4b:b7:0f:b4:cd:
55:54:90:ab:cc:98:3a:b2:bb:38:43:7b:96:3a:5b:
75:b8:49:ce:e8:47:ca:bf:6d:58:f0:30:ed:89:a8:
09:ee:8d:59:20:09:24:85:c9:26:42:ee:df:98:a7:
69:9f:24:04:a8:e6:2c:46:2c:0e:4c:40:e4:49:69:
06:ce:d7:7f:2c:8b:d5:dd:ef:d6:ab:ad:b5:a3:05:
85:30:ce:e2:5d:03:82:90:62:2a:e6:04:a7:59:39:
ed:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AF:3E:D1:A4:DF:EF:AE:F3:09:D7:20:FC:96:C1:6B:47:7F:74:60
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/kq8-0aTf767zCdcg_JbBa0d_dGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.132.0/24
89.185.0.0/22
109.72.116.0-109.72.120.255
Signature Algorithm: sha256WithRSAEncryption
79:8a:68:60:7a:3d:28:7f:d2:cc:84:54:3a:e1:ed:dd:98:f1:
93:17:de:ee:2b:a1:e5:d6:09:d9:c9:6c:c3:a6:fc:03:87:2a:
57:96:33:4e:d9:79:cb:28:fa:0c:ac:8c:df:9f:9f:89:a2:de:
24:58:89:33:06:a9:7b:bb:63:1a:12:54:37:be:ff:83:f4:e3:
49:e0:6b:2e:0b:bf:64:5b:b5:af:bf:c0:9d:4f:e5:9f:9f:36:
6c:d8:55:47:cf:c0:f9:a3:d4:83:d6:a1:6f:12:fa:04:60:38:
3f:0d:31:c3:e4:14:70:35:89:ba:11:55:75:1b:ec:82:d4:ec:
18:74:99:82:4a:fe:11:0f:f5:d8:cb:8f:0d:93:e2:8a:7f:0c:
4b:db:7c:d5:ca:e8:86:42:f9:27:48:ca:cd:88:11:82:b4:e0:
0c:df:b2:62:af:0c:29:99:6d:fd:60:67:59:c2:d8:ff:33:60:
1a:8f:64:a4:78:09:32:a5:00:6c:ec:8a:0a:f1:bc:f9:43:b4:
a7:22:d7:53:95:e3:97:15:f0:62:5b:53:c9:ba:66:c2:14:80:
ee:41:f9:d0:2d:16:3f:ee:98:27:25:40:dd:2d:d2:78:72:22:
e5:a3:89:47:c5:3b:d1:68:88:0c:9e:f3:28:b5:3d:46:86:b4:
18:63:86:3d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYoU6O/3h57ZJUrDnY6GYhJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODIwMjE0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFmM2VkMWE0ZGZlZmFlZjMwOWQ3MjBmYzk2YzE2YjQ3N2Y3NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDRZnvfRSM/PYTEU1dYKzVwYNc12
LyMjwoPACOvBTu9F+jmNpNPv1EnbOr7pHM194/fVUNaVuu/X+oZFce6KvceqO/ju
9/GPG2KZaG3ZXWhYmwFOQBIoOhghZVjxDgFWbYKfaI+r7x25wf7ffeYOmITeu1dl
fZH6rQDMEBSi4oudVBCUPUmKBAEQMrk0CC6CZsykbLqH4dLP+nbf+jGbS7cPtM1V
VJCrzJg6srs4Q3uWOlt1uEnO6EfKv21Y8DDtiagJ7o1ZIAkkhckmQu7fmKdpnyQE
qOYsRiwOTEDkSWkGztd/LIvV3e/Wq621owWFMM7iXQOCkGIq5gSnWTntEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJKvPtGk3++u8wnXIPyWwWtHf3RgMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEva3E4LTBhVGY3Njd6Q2RjZ19KYkJhMGRfZEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAURaEAwQC
WbkAMAwDBAJtSHQDBABtSHgwDQYJKoZIhvcNAQELBQADggEBAHmKaGB6PSh/0syE
VDrh7d2Y8ZMX3u4roeXWCdnJbMOm/AOHKleWM07Zecso+gysjN+fn4mi3iRYiTMG
qXu7YxoSVDe+/4P040ngay4Lv2Rbta+/wJ1P5Z+fNmzYVUfPwPmj1IPWoW8S+gRg
OD8NMcPkFHA1iboRVXUb7ILU7Bh0mYJK/hEP9djLjw2T4op/DEvbfNXK6IZC+SdI
ys2IEYK04AzfsmKvDCmZbf1gZ1nC2P8zYBqPZKR4CTKlAGzsigrxvPlDtKci11OV
45cV8GJbU8m6ZsIUgO5B+dAtFj/umCclQN0t0nhyIuWjiUfFO9FoiAye8yi1PUaG
tBhjhj0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org