Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nmDNlivQwS0QjKePSZk-HFkzXnQ.roa
File: nmDNlivQwS0QjKePSZk-HFkzXnQ.roa (raw, json)
Hash identifier: 5xWSq1SBeUIn1UgGl33tHtF65a6z5EOzZ2GL51ksNkQ=
Subject key identifier: 9E:60:CD:96:2B:D0:C1:2D:10:8C:A7:8F:49:99:3E:1C:59:33:5E:74
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C8BB7A7E9BB7EF6931FC7B3D63E3897AC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nmDNlivQwS0QjKePSZk-HFkzXnQ.roa
Signing time: Thu 21 Dec 2023 09:31:58 +0000
ROA not before: Thu 21 Dec 2023 09:31:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 21 Dec 2023 09:52:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:b7:a7:e9:bb:7e:f6:93:1f:c7:b3:d6:3e:38:97:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 21 09:31:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e60cd962bd0c12d108ca78f49993e1c59335e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:02:ff:e9:aa:6c:45:47:57:70:e3:db:48:0a:
dc:f9:9d:58:f1:00:c3:07:9e:b4:a0:1d:7b:8e:07:
23:2c:b2:ab:54:c2:06:77:98:2d:1c:6d:4e:a4:39:
e8:12:8b:41:4a:46:bd:6c:98:3e:4b:36:64:a5:03:
62:58:91:d7:ff:c1:cf:9b:0a:97:82:0a:08:ed:70:
74:ab:47:07:04:88:26:0b:95:4b:df:fd:93:f2:fb:
dd:11:78:70:72:b9:57:3c:df:3f:bb:90:d2:33:f1:
fb:55:e4:ab:9f:d5:c6:d3:9f:6b:7d:9f:d9:fc:1d:
c7:3c:da:b1:cb:20:7f:ad:a7:9f:c3:09:40:54:93:
eb:63:73:b9:c7:3c:dc:64:fb:1e:cb:79:59:71:02:
5d:b6:33:c8:42:7e:b3:3f:87:f3:05:48:3d:47:62:
60:45:5e:ce:05:05:42:86:4e:38:2c:5c:07:f5:b6:
d9:3b:52:68:24:6d:93:88:9f:45:81:27:44:f9:57:
ae:54:4f:63:ba:4e:d9:6f:b3:6d:e8:93:c1:80:37:
10:06:c0:de:9b:49:c9:b0:47:1a:7c:9a:b0:e2:fb:
b2:2f:6a:42:30:8a:e7:68:9f:ce:90:31:a2:3e:55:
6c:47:4b:c4:a4:8e:af:60:c5:e7:b5:ed:e7:4c:6a:
90:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:60:CD:96:2B:D0:C1:2D:10:8C:A7:8F:49:99:3E:1C:59:33:5E:74
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nmDNlivQwS0QjKePSZk-HFkzXnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:51:e5:a5:d9:ea:5b:13:cc:45:d6:ea:c5:5a:e5:7d:f3:0c:
03:1b:af:44:6f:de:a6:a5:f8:97:f4:bd:e6:1c:d7:86:3c:b4:
7e:af:0f:8c:1a:73:92:b1:50:c2:12:40:a6:60:d2:06:15:08:
0d:0b:0f:ed:4b:45:8f:33:63:43:15:4b:21:e8:2e:bb:08:94:
29:0b:55:c1:ec:33:72:05:49:72:c5:f4:7c:f4:0c:98:b2:19:
a8:74:cf:68:11:3b:bd:3f:28:08:e5:e6:7d:72:81:2d:c1:fb:
db:3e:f3:c1:99:ab:b4:ee:0e:ce:b6:7d:28:15:64:89:e1:21:
31:2b:2d:05:f9:ab:52:12:4e:ca:60:4a:51:34:74:7f:25:74:
dc:71:26:89:70:73:e2:87:86:b6:6e:f2:48:1a:37:1f:4f:9a:
70:85:e9:a8:c7:9f:a3:0f:36:01:b7:76:97:13:f5:df:20:c9:
af:31:53:74:63:d2:8e:8c:96:0f:08:25:27:e9:88:38:43:af:
ea:02:12:d7:a9:d3:8b:4e:06:09:fc:c4:12:25:5b:f6:82:12:
07:d9:2b:ba:56:c2:df:4c:f1:e1:c8:d4:cd:18:49:24:b0:3c:
c0:91:c2:00:52:d6:f8:51:1d:48:8a:86:4b:e2:b2:f4:a6:c8:
03:61:84:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyLt6fpu372kx/Hs9Y+OJesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjIxMDkzMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTYwY2Q5NjJiZDBjMTJkMTA4Y2E3OGY0OTk5M2UxYzU5MzM1ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQL/6apsRUdXcOPbSArc+Z1Y8QDD
B560oB17jgcjLLKrVMIGd5gtHG1OpDnoEotBSka9bJg+SzZkpQNiWJHX/8HPmwqX
ggoI7XB0q0cHBIgmC5VL3/2T8vvdEXhwcrlXPN8/u5DSM/H7VeSrn9XG059rfZ/Z
/B3HPNqxyyB/raefwwlAVJPrY3O5xzzcZPsey3lZcQJdtjPIQn6zP4fzBUg9R2Jg
RV7OBQVChk44LFwH9bbZO1JoJG2TiJ9FgSdE+VeuVE9juk7Zb7Nt6JPBgDcQBsDe
m0nJsEcafJqw4vuyL2pCMIrnaJ/OkDGiPlVsR0vEpI6vYMXnte3nTGqQCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ5gzZYr0MEtEIynj0mZPhxZM150MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbm1ETmxpdlF3UzBRaktlUFNaay1IRmt6WG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQChUeWl2epbE8xF1urFWuV98wwD
G69Eb96mpfiX9L3mHNeGPLR+rw+MGnOSsVDCEkCmYNIGFQgNCw/tS0WPM2NDFUsh
6C67CJQpC1XB7DNyBUlyxfR89AyYshmodM9oETu9PygI5eZ9coEtwfvbPvPBmau0
7g7Otn0oFWSJ4SExKy0F+atSEk7KYEpRNHR/JXTccSaJcHPih4a2bvJIGjcfT5pw
hemox5+jDzYBt3aXE/XfIMmvMVN0Y9KOjJYPCCUn6Yg4Q6/qAhLXqdOLTgYJ/MQS
JVv2ghIH2Su6VsLfTPHhyNTNGEkksDzAkcIAUtb4UR1IioZL4rL0psgDYYTw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org