Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lB-PQaKGZG-ujW7WLL0w6PoJp1I.roa
File: lB-PQaKGZG-ujW7WLL0w6PoJp1I.roa (raw, json)
Hash identifier: jJZQCoPY1WQ81xAl1qYTMJhKJHoL1yx1oDwNvDBhf30=
Subject key identifier: 94:1F:8F:41:A2:86:64:6F:AE:8D:6E:D6:2C:BD:30:E8:FA:09:A7:52
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C81A6925BB22F57D199171442B4E4FD12
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lB-PQaKGZG-ujW7WLL0w6PoJp1I.roa
Signing time: Tue 19 Dec 2023 10:37:06 +0000
ROA not before: Tue 19 Dec 2023 10:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Dec 2023 11:55:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:a6:92:5b:b2:2f:57:d1:99:17:14:42:b4:e4:fd:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 19 10:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=941f8f41a286646fae8d6ed62cbd30e8fa09a752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:97:c4:25:73:50:ce:d3:bb:ad:ff:23:9f:fa:
2a:92:fe:73:a7:6a:af:d6:1e:4c:08:86:26:6b:67:
9e:d0:44:f6:c7:65:2e:d7:90:f0:f5:84:dc:80:7b:
61:bf:1a:bc:84:26:c5:17:f7:dc:5f:c7:0c:3e:e8:
07:81:f8:a3:e2:5a:76:85:83:f2:40:17:07:97:00:
87:36:cf:92:f6:cc:71:67:4c:6f:f2:78:af:5e:29:
07:a5:5a:88:fe:e4:c5:26:d7:47:24:5c:f2:18:5c:
60:c1:c4:ed:3b:56:14:62:61:1f:63:a5:45:1c:20:
02:03:fc:12:40:28:7b:e5:fb:48:ac:47:29:37:82:
f9:82:e6:a9:82:61:de:36:4f:f9:75:95:82:0b:89:
ae:9a:df:5f:af:f8:4a:70:11:d7:ce:40:18:4b:08:
36:38:0d:11:26:5a:5c:03:8d:2e:a7:68:fb:29:89:
c1:1d:71:5b:d3:4f:30:bc:c5:ae:3b:ce:77:cd:7a:
58:ae:5f:0a:14:10:4f:67:46:00:2e:87:1d:14:29:
75:3d:7f:b1:53:b1:44:43:23:f8:6b:2c:8c:b4:7a:
06:62:1f:d1:a5:e8:6a:5b:61:3f:d9:bf:63:1c:21:
be:47:a2:69:b8:71:6f:a0:28:21:a1:53:e6:d2:49:
00:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1F:8F:41:A2:86:64:6F:AE:8D:6E:D6:2C:BD:30:E8:FA:09:A7:52
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lB-PQaKGZG-ujW7WLL0w6PoJp1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0-81.22.130.255
81.22.135.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
77:56:57:1f:9d:59:ae:88:65:aa:68:9b:1b:3a:74:fe:8c:b5:
66:ce:e6:5d:9f:77:54:1c:13:a4:f3:b0:e3:3f:b8:e7:12:c8:
13:0c:a9:c9:2a:be:66:e1:d6:eb:ab:2b:83:4c:99:de:39:1b:
c5:26:f6:0b:de:d3:07:38:a6:70:e5:7e:40:ef:a5:b3:12:36:
0e:4f:25:82:d0:1f:e7:07:58:3a:00:27:d3:f3:f9:c2:e1:03:
c1:bb:0d:cc:03:f8:67:37:d9:16:d1:e9:e4:71:6b:ae:8f:14:
31:ea:55:fa:87:42:4c:9e:55:cf:cc:b6:ce:c8:b0:84:95:3d:
b8:7b:25:af:cb:2e:6b:69:11:7e:42:7c:00:6b:03:70:bd:4f:
fb:be:d7:b3:7d:ec:9d:5f:f5:ca:ba:30:81:57:79:e0:d1:84:
7c:bf:14:e4:1a:87:74:a8:fd:44:7c:2d:dd:42:a7:32:2f:48:
83:96:29:ad:91:3a:70:46:70:e5:2c:91:cd:a7:d1:db:90:90:
f1:8d:d3:b5:57:55:cb:2e:2b:f9:0f:37:a7:79:66:2b:d3:ed:
05:86:18:22:c9:32:2e:bc:0f:78:e5:7f:8f:d3:ff:05:b9:f0:
cf:19:55:47:fe:78:df:99:a2:e9:73:af:fa:f1:13:db:de:65:
4d:63:76:cb
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYyBppJbsi9X0ZkXFEK05P0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjE5MTAzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFmOGY0MWEyODY2NDZmYWU4ZDZlZDYyY2JkMzBlOGZhMDlhNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpfEJXNQztO7rf8jn/oqkv5zp2qv
1h5MCIYma2ee0ET2x2Uu15Dw9YTcgHthvxq8hCbFF/fcX8cMPugHgfij4lp2hYPy
QBcHlwCHNs+S9sxxZ0xv8nivXikHpVqI/uTFJtdHJFzyGFxgwcTtO1YUYmEfY6VF
HCACA/wSQCh75ftIrEcpN4L5guapgmHeNk/5dZWCC4mumt9fr/hKcBHXzkAYSwg2
OA0RJlpcA40up2j7KYnBHXFb008wvMWuO853zXpYrl8KFBBPZ0YALocdFCl1PX+x
U7FEQyP4ayyMtHoGYh/RpehqW2E/2b9jHCG+R6JpuHFvoCghoVPm0kkAjQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJQfj0GihmRvro1u1iy9MOj6CadSMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbEItUFFhS0daRy11alc3V0xMMHc2UG9KcDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAdRFoAD
BABRFoIDBABRFocDBABZuQEDBABZuQMDBABtSHUDBABtSHgDBABtSH8wDQYJKoZI
hvcNAQELBQADggEBAHdWVx+dWa6IZapomxs6dP6MtWbO5l2fd1QcE6TzsOM/uOcS
yBMMqckqvmbh1uurK4NMmd45G8Um9gve0wc4pnDlfkDvpbMSNg5PJYLQH+cHWDoA
J9Pz+cLhA8G7DcwD+Gc32RbR6eRxa66PFDHqVfqHQkyeVc/Mts7IsISVPbh7Ja/L
LmtpEX5CfABrA3C9T/u+17N97J1f9cq6MIFXeeDRhHy/FOQah3So/UR8Ld1CpzIv
SIOWKa2ROnBGcOUskc2n0duQkPGN07VXVcsuK/kPN6d5ZivT7QWGGCLJMi68D3jl
f4/T/wW58M8ZVUf+eN+Zoulzr/rxE9veZU1jdss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org