Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mS4zI2pLIxXmgBjfYlGO6kR5VaE.roa
File: mS4zI2pLIxXmgBjfYlGO6kR5VaE.roa (raw, json)
Hash identifier: XdPT4zP6uKCjhi8DYag1jRqHyr9oLGOIpUuC88deBIQ=
Subject key identifier: 99:2E:33:23:6A:4B:23:15:E6:80:18:DF:62:51:8E:EA:44:79:55:A1
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01876BED3C3A1F3CE49BCEF069C1139A5A75
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mS4zI2pLIxXmgBjfYlGO6kR5VaE.roa
Signing time: Mon 10 Apr 2023 16:08:42 +0000
ROA not before: Mon 10 Apr 2023 16:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.125.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
81.22.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 12:10:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:ed:3c:3a:1f:3c:e4:9b:ce:f0:69:c1:13:9a:5a:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 10 16:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=992e33236a4b2315e68018df62518eea447955a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c9:19:46:cc:3c:69:66:49:16:b7:bf:34:cc:
ad:f0:18:20:fb:17:8d:df:63:2b:a0:43:ad:53:6f:
6e:b1:29:4d:59:a4:cd:ba:cd:92:7d:56:a9:7d:fd:
95:79:12:5a:d3:a1:53:72:ab:2f:0b:67:b8:ac:ea:
1b:e4:64:38:f8:1a:6d:c9:8f:03:0e:77:16:48:90:
93:c5:40:51:78:a9:94:fa:78:42:c4:c4:8d:d6:14:
38:ba:76:6d:6d:fc:91:8b:ad:3f:72:8e:d3:8d:3b:
23:ea:ad:46:de:92:e8:93:27:97:b1:77:7d:a5:f9:
24:51:86:6a:42:aa:1e:9c:b0:db:b9:83:ba:02:fb:
b0:17:f5:f8:5c:81:03:10:13:a2:d0:84:4a:e8:07:
2d:c4:df:55:8c:91:e5:fa:48:d7:38:ab:e9:89:6e:
bb:3c:49:5b:76:47:d9:e2:88:0d:ec:ec:8c:e7:68:
93:06:44:75:1f:e9:35:61:f0:4e:c6:5e:fb:10:98:
4a:51:81:e0:22:76:b3:b8:88:37:6e:f8:28:fa:5f:
19:f9:16:fa:71:40:c9:58:7a:17:05:67:f0:88:35:
00:6c:73:03:74:e2:a0:38:5b:67:fd:ad:17:fc:32:
b4:94:b7:90:3d:44:ef:a9:f8:e4:de:f8:e7:b7:8a:
e2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2E:33:23:6A:4B:23:15:E6:80:18:DF:62:51:8E:EA:44:79:55:A1
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mS4zI2pLIxXmgBjfYlGO6kR5VaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0-81.22.131.255
81.22.135.0/24
109.72.125.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b8:44:30:10:c0:e4:e5:4f:92:a2:1e:a1:03:e1:c0:a1:d4:
27:d8:eb:52:70:4c:cf:23:d2:96:8f:16:e8:2d:b6:3e:79:18:
82:33:d4:e3:71:e6:a3:a4:87:a9:6e:41:89:e3:5a:11:14:48:
0f:87:0a:95:e2:44:91:d1:b5:7c:ff:ce:eb:2e:73:ac:9d:ec:
b3:3e:30:52:66:79:ef:4b:a1:e5:ba:88:81:f4:2a:e0:0d:0c:
bc:d3:48:78:29:ce:fb:8e:83:e1:93:61:32:24:3e:9d:eb:07:
1b:6e:fd:01:02:98:47:f5:67:da:90:98:d0:43:c4:d1:0a:0e:
88:38:9b:23:d1:d1:28:04:e6:12:12:cf:c6:ab:69:b8:88:3a:
1f:53:d7:70:43:c9:69:e9:0a:a1:b4:2c:32:a9:b8:eb:64:a2:
42:77:7b:db:04:66:89:b4:b2:1d:b5:f6:2a:7c:06:7f:3b:3a:
33:3f:6b:6e:c4:55:79:5c:2d:2f:78:05:26:5b:32:86:a7:c6:
4c:59:d5:ec:db:ed:82:ef:c7:92:4a:1a:79:54:e1:6e:94:eb:
3b:69:4f:a0:52:07:15:e4:02:8c:33:9d:98:ca:56:0e:70:6d:
ec:77:cd:e2:75:7f:f5:b7:de:19:47:43:8b:cf:69:d3:0b:a3:
eb:cb:7d:b5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYdr7Tw6Hzzkm87wacETmlp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNDEwMTYwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJlMzMyMzZhNGIyMzE1ZTY4MDE4ZGY2MjUxOGVlYTQ0Nzk1NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ckZRsw8aWZJFre/NMyt8Bgg+xeN
32MroEOtU29usSlNWaTNus2SfVapff2VeRJa06FTcqsvC2e4rOob5GQ4+BptyY8D
DncWSJCTxUBReKmU+nhCxMSN1hQ4unZtbfyRi60/co7TjTsj6q1G3pLokyeXsXd9
pfkkUYZqQqoenLDbuYO6AvuwF/X4XIEDEBOi0IRK6ActxN9VjJHl+kjXOKvpiW67
PElbdkfZ4ogN7OyM52iTBkR1H+k1YfBOxl77EJhKUYHgInazuIg3bvgo+l8Z+Rb6
cUDJWHoXBWfwiDUAbHMDdOKgOFtn/a0X/DK0lLeQPUTvqfjk3vjnt4riiQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJkuMyNqSyMV5oAY32JRjupEeVWhMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbVM0ekkycExJeFhtZ0JqZllsR082a1I1VmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABRFoED
BAJRFoADBABRFocDBABtSH0wDQYJKoZIhvcNAQELBQADggEBAFS4RDAQwOTlT5Ki
HqED4cCh1CfY61JwTM8j0paPFugttj55GIIz1ONx5qOkh6luQYnjWhEUSA+HCpXi
RJHRtXz/zusuc6yd7LM+MFJmee9LoeW6iIH0KuANDLzTSHgpzvuOg+GTYTIkPp3r
Bxtu/QECmEf1Z9qQmNBDxNEKDog4myPR0SgE5hISz8arabiIOh9T13BDyWnpCqG0
LDKpuOtkokJ3e9sEZom0sh219ip8Bn87OjM/a27EVXlcLS94BSZbMoanxkxZ1ezb
7YLvx5JKGnlU4W6U6ztpT6BSBxXkAowznZjKVg5wbex3zeJ1f/W33hlHQ4vPadML
o+vLfbU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org