Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mKdWqBQISq89-Uj582CzGrbSNvc.roa
File: mKdWqBQISq89-Uj582CzGrbSNvc.roa (raw, json)
Hash identifier: JEp4p4Kd+bvCdfxd1E+vUzL0fyE66SuE2zjc6cgv2A4=
Subject key identifier: 98:A7:56:A8:14:08:4A:AF:3D:F9:48:F9:F3:60:B3:1A:B6:D2:36:F7
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DF6288AB3A8CD3071295D6A8E33485112
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mKdWqBQISq89-Uj582CzGrbSNvc.roa
Signing time: Thu 29 Feb 2024 18:37:48 +0000
ROA not before: Thu 29 Feb 2024 18:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.128.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 21:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f6:28:8a:b3:a8:cd:30:71:29:5d:6a:8e:33:48:51:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 29 18:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a756a814084aaf3df948f9f360b31ab6d236f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:27:3e:89:4b:e1:9b:bc:5c:7f:00:ee:2d:53:
2b:19:e8:2c:7c:73:2c:fa:9c:13:9d:38:29:7d:04:
c1:87:a1:c6:81:90:3e:bc:4d:cf:0e:d2:ed:26:24:
c2:f1:57:9a:8d:f8:bb:f9:76:3a:30:9e:11:84:a8:
66:62:ef:33:f9:0c:fb:26:df:a3:77:6b:18:17:73:
0f:84:3e:92:f4:e3:ea:6a:2d:4f:00:5a:18:6e:58:
91:47:62:bd:a0:97:7a:50:c7:71:e7:b0:e1:ac:92:
5d:2e:a0:e5:d5:6c:4c:68:98:94:3e:21:31:a9:a9:
04:33:0f:35:be:0e:70:ef:a5:35:c4:a5:79:d1:cb:
e6:6d:d2:d4:38:27:0d:60:6d:a8:b0:71:0b:3d:1a:
d4:f3:30:ed:5b:16:38:dc:0a:33:5f:38:6a:08:88:
20:ef:35:3e:57:32:71:53:55:1b:db:ae:b2:4c:fb:
63:ad:73:18:98:66:99:cb:d2:aa:be:1b:d4:24:9f:
00:15:cc:6c:a1:3a:4d:71:64:b8:44:7f:73:71:59:
21:e4:0a:f9:44:92:3c:db:0d:3d:46:9c:c6:ad:da:
e2:20:96:f1:08:f9:c2:5c:35:29:2e:27:46:35:e8:
0e:4d:d9:a0:9b:18:7c:a1:02:8d:89:e7:47:30:c9:
4d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A7:56:A8:14:08:4A:AF:3D:F9:48:F9:F3:60:B3:1A:B6:D2:36:F7
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mKdWqBQISq89-Uj582CzGrbSNvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
93:fb:dc:99:92:fe:e2:8b:ef:98:38:e4:f3:20:3c:4a:7b:a7:
c4:50:8a:0b:0e:42:5c:e0:cd:65:9a:b6:d7:56:0f:9b:88:bd:
33:c5:fc:7b:e7:79:9b:27:73:60:ca:23:1f:ab:35:7a:fe:ed:
9a:19:bb:cd:ce:1e:93:15:76:b3:2f:c6:1b:d8:d8:84:b7:23:
e0:77:56:b6:74:2d:fd:c9:2c:74:dc:81:f4:22:af:82:8b:e7:
d8:7f:58:61:d5:dc:c8:e8:95:c1:12:37:b2:d3:ba:de:96:01:
19:28:62:8b:58:ba:3b:a8:97:47:b7:a7:e4:c7:d1:b1:35:06:
08:bb:cf:7b:ad:36:90:34:5a:5f:27:55:58:0e:9c:6b:a7:7e:
d7:d7:f6:8a:6b:53:4a:3f:6d:14:03:52:40:10:71:47:52:38:
d2:9c:91:f6:08:bd:6b:b1:6e:5c:9c:4b:0a:7d:dd:26:4c:83:
c3:98:3e:fc:9f:b0:ad:98:ea:cd:ba:9e:1e:53:1a:be:c9:cc:
34:ad:44:3f:de:bc:ea:78:96:0e:c5:69:32:20:b2:1e:06:9e:
1f:57:fc:41:3f:69:28:b9:b1:e3:1d:f8:4d:55:00:66:58:b0:
e6:3c:5a:c0:c5:9a:44:71:72:c4:5c:4e:3f:d3:69:15:18:e7:
76:8e:99:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY32KIqzqM0wcSldao4zSFESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjI5MTgzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE3NTZhODE0MDg0YWFmM2RmOTQ4ZjlmMzYwYjMxYWI2ZDIzNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyc+iUvhm7xcfwDuLVMrGegsfHMs
+pwTnTgpfQTBh6HGgZA+vE3PDtLtJiTC8Veajfi7+XY6MJ4RhKhmYu8z+Qz7Jt+j
d2sYF3MPhD6S9OPqai1PAFoYbliRR2K9oJd6UMdx57DhrJJdLqDl1WxMaJiUPiEx
qakEMw81vg5w76U1xKV50cvmbdLUOCcNYG2osHELPRrU8zDtWxY43AozXzhqCIgg
7zU+VzJxU1Ub266yTPtjrXMYmGaZy9KqvhvUJJ8AFcxsoTpNcWS4RH9zcVkh5Ar5
RJI82w09RpzGrdriIJbxCPnCXDUpLidGNegOTdmgmxh8oQKNiedHMMlNxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJinVqgUCEqvPflI+fNgsxq20jb3MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbUtkV3FCUUlTcTg5LVVqNTgyQ3pHcmJTTnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCT+9yZkv7ii++YOOTz
IDxKe6fEUIoLDkJc4M1lmrbXVg+biL0zxfx753mbJ3NgyiMfqzV6/u2aGbvNzh6T
FXazL8Yb2NiEtyPgd1a2dC39ySx03IH0Iq+Ci+fYf1hh1dzI6JXBEjey07relgEZ
KGKLWLo7qJdHt6fkx9GxNQYIu897rTaQNFpfJ1VYDpxrp37X1/aKa1NKP20UA1JA
EHFHUjjSnJH2CL1rsW5cnEsKfd0mTIPDmD78n7CtmOrNup4eUxq+ycw0rUQ/3rzq
eJYOxWkyILIeBp4fV/xBP2koubHjHfhNVQBmWLDmPFrAxZpEcXLEXE4/02kVGOd2
jpkY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org