Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/l0OkPhpZRou2WKGWeod5s_EwbL0.roa
File: l0OkPhpZRou2WKGWeod5s_EwbL0.roa (raw, json)
Hash identifier: gW8DaTo8kh3+7Em6xt3MVx8yUyg8GC9R+R70nr9unyw=
Subject key identifier: 97:43:A4:3E:1A:59:46:8B:B6:58:A1:96:7A:87:79:B3:F1:30:6C:BD
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F8AF0C0E861C7836DEB5C3CA389623504
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/l0OkPhpZRou2WKGWeod5s_EwbL0.roa
Signing time: Sat 18 May 2024 09:03:04 +0000
ROA not before: Sat 18 May 2024 09:03:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.129.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 May 2024 21:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8a:f0:c0:e8:61:c7:83:6d:eb:5c:3c:a3:89:62:35:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 18 09:03:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9743a43e1a59468bb658a1967a8779b3f1306cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:3c:53:3c:a8:1e:73:d0:5a:06:7e:4c:d2:27:
3d:a7:38:81:67:eb:4b:39:c0:12:98:18:55:a4:a1:
e3:eb:15:13:60:2d:e7:5d:df:44:d1:c2:be:aa:e5:
99:de:39:64:7f:b5:5e:39:50:37:c4:1b:30:65:55:
38:5d:e3:a4:b8:cf:35:b6:c2:6c:4c:5f:f4:4e:63:
d9:95:fb:bf:ca:8f:7d:a8:b7:04:a0:62:9c:24:b4:
e2:1e:34:7c:c2:50:13:25:51:a6:fd:e3:ac:2d:b0:
03:2b:77:57:44:12:c8:ba:4b:b5:7b:1f:53:2f:50:
2d:e2:f1:2e:b7:f1:91:85:11:8e:98:72:5f:34:51:
b3:b0:a1:12:6a:9a:1a:39:b9:c2:a9:70:2f:11:a6:
66:f7:f2:95:65:00:a3:02:1f:0b:1c:d8:b3:87:7f:
b3:23:2c:9e:de:65:7d:69:12:9d:0d:d7:cd:62:ca:
51:04:14:22:f1:7f:e6:2a:c6:35:97:07:ae:5f:7a:
c4:e4:94:40:a1:a0:c7:49:f2:67:35:d0:e3:ab:5d:
31:90:66:3b:c7:a5:1f:ff:d7:fa:12:ae:bf:84:11:
40:3c:2d:ab:ed:54:c2:41:73:05:dd:e4:6e:d9:e8:
2d:d0:7d:5a:51:0a:6b:ce:e7:d6:24:c2:f2:01:2e:
51:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:43:A4:3E:1A:59:46:8B:B6:58:A1:96:7A:87:79:B3:F1:30:6C:BD
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/l0OkPhpZRou2WKGWeod5s_EwbL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
75:49:40:6f:78:68:20:47:fb:ac:60:a4:22:62:90:a0:cb:f5:
41:4a:48:52:0c:8a:c3:ad:58:7c:c0:3e:51:d6:da:53:b2:44:
a7:cb:60:a0:37:76:ea:36:a7:3b:48:e6:4d:f9:2c:c8:0a:1d:
27:49:80:22:93:a6:4c:ce:1f:f3:e1:22:de:e2:c2:d5:27:87:
05:ae:7f:a6:98:1a:a8:36:93:56:59:ea:db:93:85:a3:7a:b7:
bd:51:17:9e:9f:85:61:4a:8b:bc:53:2e:66:52:1e:a9:68:06:
26:30:67:49:d3:25:30:b7:60:6d:b8:cd:5a:e4:7a:c4:ec:5d:
a0:30:3f:24:83:97:35:1c:69:a7:6d:ea:f6:a2:ec:b0:a8:ce:
63:36:04:62:e1:1a:29:09:2c:1d:bf:29:3f:d5:39:d4:7a:e2:
5e:62:bb:92:73:50:ef:6f:49:21:90:a2:6f:8c:a7:f4:74:b8:
98:e1:1e:a1:0e:bd:01:8c:aa:99:39:05:35:1b:40:42:96:8b:
b7:d3:53:fb:d5:d6:18:88:63:a3:96:0f:5d:8b:8f:b3:f9:0e:
53:10:b9:22:bd:b9:5f:51:90:ef:f7:0b:d5:e1:77:ab:ea:ea:
19:67:55:d8:72:a4:db:51:c4:be:cf:ca:05:66:54:08:59:d3:
82:40:b7:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+K8MDoYceDbetcPKOJYjUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNTE4MDkwMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQzYTQzZTFhNTk0NjhiYjY1OGExOTY3YTg3NzliM2YxMzA2Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+zxTPKgec9BaBn5M0ic9pziBZ+tL
OcASmBhVpKHj6xUTYC3nXd9E0cK+quWZ3jlkf7VeOVA3xBswZVU4XeOkuM81tsJs
TF/0TmPZlfu/yo99qLcEoGKcJLTiHjR8wlATJVGm/eOsLbADK3dXRBLIuku1ex9T
L1At4vEut/GRhRGOmHJfNFGzsKESapoaObnCqXAvEaZm9/KVZQCjAh8LHNizh3+z
Iyye3mV9aRKdDdfNYspRBBQi8X/mKsY1lweuX3rE5JRAoaDHSfJnNdDjq10xkGY7
x6Uf/9f6Eq6/hBFAPC2r7VTCQXMF3eRu2egt0H1aUQprzufWJMLyAS5RtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJdDpD4aWUaLtlihlnqHebPxMGy9MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbDBPa1BocFpSb3UyV0tHV2VvZDVzX0V3YkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaBAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQB1SUBveGggR/usYKQi
YpCgy/VBSkhSDIrDrVh8wD5R1tpTskSny2CgN3bqNqc7SOZN+SzICh0nSYAik6ZM
zh/z4SLe4sLVJ4cFrn+mmBqoNpNWWerbk4Wjere9UReen4VhSou8Uy5mUh6paAYm
MGdJ0yUwt2BtuM1a5HrE7F2gMD8kg5c1HGmnber2ouywqM5jNgRi4RopCSwdvyk/
1TnUeuJeYruSc1Dvb0khkKJvjKf0dLiY4R6hDr0BjKqZOQU1G0BClou301P71dYY
iGOjlg9di4+z+Q5TELkivblfUZDv9wvV4Xer6uoZZ1XYcqTbUcS+z8oFZlQIWdOC
QLcs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org