Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lM1hyImNTmDcfdEQxfsuzjaI2hw.roa
File: lM1hyImNTmDcfdEQxfsuzjaI2hw.roa (raw, json)
Hash identifier: /lDijmgxa7Tu9Npv/PGl+1q13rEOCHoPlv50P9ZqlRg=
Subject key identifier: 94:CD:61:C8:89:8D:4E:60:DC:7D:D1:10:C5:FB:2E:CE:36:88:DA:1C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01862624C6DC2F56D8961FF70DF4A12F3CBD
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lM1hyImNTmDcfdEQxfsuzjaI2hw.roa
Signing time: Mon 06 Feb 2023 09:53:09 +0000
ROA not before: Mon 06 Feb 2023 09:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 109.72.112.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.113.0/24 maxlen: 24
109.72.114.0/24 maxlen: 24
109.72.121.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
81.22.131.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 13:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:24:c6:dc:2f:56:d8:96:1f:f7:0d:f4:a1:2f:3c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 6 09:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94cd61c8898d4e60dc7dd110c5fb2ece3688da1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:16:2f:3c:fe:ec:27:fb:e7:78:a2:96:86:0e:
41:fa:d6:a5:3b:cf:04:96:e4:ca:fa:27:50:4e:27:
d9:48:fc:dd:95:19:c8:b8:97:78:3a:43:3f:ca:e0:
6d:a4:6c:a0:67:75:f8:b3:11:b1:49:a9:39:c4:58:
35:18:c1:43:a1:95:fd:75:63:b8:1a:a7:3b:48:c4:
99:2c:3e:95:e1:91:88:86:1e:99:bd:f1:43:2f:ad:
a3:c3:7d:2a:b1:39:46:c1:ab:a5:70:7e:ed:13:15:
be:c7:9a:97:f0:b5:1c:13:5f:d5:e5:85:af:a2:8a:
57:ff:be:60:1b:2b:ae:37:00:04:5c:86:58:cf:2e:
5c:35:33:6f:1c:27:f4:f5:c9:81:ed:77:eb:29:eb:
77:5d:8c:fd:e9:80:0b:32:84:6e:59:d8:e0:81:5c:
1b:9a:0a:ae:34:46:5b:c9:c7:fe:b2:e0:80:11:56:
a9:da:04:c9:3d:19:b3:a6:2a:9c:61:ec:a6:92:5e:
24:68:0a:52:c2:7b:de:3a:93:59:92:15:a8:75:54:
7e:80:49:42:cd:c8:16:77:d8:49:9f:0c:d1:a8:f6:
82:a5:b2:1a:69:b4:26:bc:c8:a6:d4:84:43:08:dc:
64:7c:a0:60:9d:61:29:3f:f3:f9:e9:1a:bf:d5:8c:
31:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CD:61:C8:89:8D:4E:60:DC:7D:D1:10:C5:FB:2E:CE:36:88:DA:1C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/lM1hyImNTmDcfdEQxfsuzjaI2hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/22
109.72.112.0-109.72.116.255
109.72.121.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:15:3d:b3:2e:b5:a3:bf:cc:01:8e:e2:ce:ab:af:95:6b:74:
9d:fb:43:98:f8:e2:5b:46:d0:19:33:c2:83:9c:47:ae:b3:99:
4f:08:55:18:79:cb:5c:48:bf:29:c4:ce:65:37:a3:06:3a:a5:
41:37:3d:fa:09:3c:a7:12:6a:ad:2f:53:4d:36:6f:26:1e:e0:
e7:be:1b:d7:bb:32:9a:23:19:5c:14:3b:82:c1:35:e4:df:13:
69:57:dd:e0:26:58:1e:24:d6:f4:3d:c0:1c:7d:fe:df:e8:16:
11:cb:dc:22:b1:da:e2:a2:98:7e:6e:33:9a:2f:53:1d:ab:fb:
2e:f8:59:42:7f:b3:28:7e:41:a8:a7:36:61:3c:a7:20:ae:16:
a5:39:1f:1e:00:e3:12:4c:7f:58:09:c7:ed:57:a1:00:b3:9a:
f0:22:66:69:7e:9f:e9:fe:50:9c:b0:89:af:b4:05:23:f1:c0:
ee:66:34:c6:86:65:98:31:2d:7b:cd:2e:db:83:1c:55:eb:b3:
24:1b:cb:bb:96:92:e6:94:d9:fe:f8:1b:76:ad:75:e0:0f:74:
48:65:9f:b6:71:04:80:94:bb:75:30:a9:98:a8:0d:5e:e1:06:
b3:9b:70:bb:c7:f2:da:8b:6d:ab:33:8c:54:c9:8b:aa:9e:9d:
50:8d:9d:4f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYmJMbcL1bYlh/3DfShLzy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwMjA2MDk1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGNkNjFjODg5OGQ0ZTYwZGM3ZGQxMTBjNWZiMmVjZTM2ODhkYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhYvPP7sJ/vneKKWhg5B+talO88E
luTK+idQTifZSPzdlRnIuJd4OkM/yuBtpGygZ3X4sxGxSak5xFg1GMFDoZX9dWO4
Gqc7SMSZLD6V4ZGIhh6ZvfFDL62jw30qsTlGwaulcH7tExW+x5qX8LUcE1/V5YWv
oopX/75gGyuuNwAEXIZYzy5cNTNvHCf09cmB7XfrKet3XYz96YALMoRuWdjggVwb
mgquNEZbycf+suCAEVap2gTJPRmzpiqcYeymkl4kaApSwnveOpNZkhWodVR+gElC
zcgWd9hJnwzRqPaCpbIaabQmvMim1IRDCNxkfKBgnWEpP/P56Rq/1YwxKQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJTNYciJjU5g3H3REMX7Ls42iNocMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbE0xaHlJbU5UbURjZmRFUXhmc3V6amFJMmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCURaAMAwD
BARtSHADBABtSHQDBABtSHkwDQYJKoZIhvcNAQELBQADggEBABoVPbMutaO/zAGO
4s6rr5VrdJ37Q5j44ltG0BkzwoOcR66zmU8IVRh5y1xIvynEzmU3owY6pUE3PfoJ
PKcSaq0vU002byYe4Oe+G9e7MpojGVwUO4LBNeTfE2lX3eAmWB4k1vQ9wBx9/t/o
FhHL3CKx2uKimH5uM5ovUx2r+y74WUJ/syh+QainNmE8pyCuFqU5Hx4A4xJMf1gJ
x+1XoQCzmvAiZml+n+n+UJywia+0BSPxwO5mNMaGZZgxLXvNLtuDHFXrsyQby7uW
kuaU2f74G3atdeAPdEhln7ZxBICUu3UwqZioDV7hBrObcLvH8tqLbaszjFTJi6qe
nVCNnU8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org