Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nxUDPtBho6DB60eG7I4F3SBhMcY.roa
File: nxUDPtBho6DB60eG7I4F3SBhMcY.roa (raw, json)
Hash identifier: YAzOxGWnrj+JnV8RhOezdSAs+oyD4CsUNgIF8oTacak=
Subject key identifier: 9F:15:03:3E:D0:61:A3:A0:C1:EB:47:86:EC:8E:05:DD:20:61:31:C6
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C3924139B450AEC517533941310C90BB1
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nxUDPtBho6DB60eG7I4F3SBhMcY.roa
Signing time: Tue 05 Dec 2023 08:41:54 +0000
ROA not before: Tue 05 Dec 2023 08:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.22.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Dec 2023 21:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:24:13:9b:45:0a:ec:51:75:33:94:13:10:c9:0b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 5 08:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f15033ed061a3a0c1eb4786ec8e05dd206131c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:59:3e:a1:9e:f2:db:dd:ff:22:85:5b:ab:1e:
6a:b1:3f:11:1f:52:9e:02:ba:3b:45:7e:7a:76:71:
62:c8:b0:ef:60:0a:05:01:89:36:b1:6d:ae:70:77:
93:1b:8f:a5:fd:aa:51:cc:39:03:52:b8:a4:27:1c:
64:1e:79:a3:23:e1:43:24:df:c4:eb:be:9a:58:e6:
be:4c:24:4f:6b:dd:26:70:0a:7d:20:95:62:79:2e:
8b:02:11:c4:f8:4e:c2:54:53:d8:06:25:1c:8b:9f:
51:78:9e:89:8b:89:d2:89:6f:39:ed:1e:9a:5f:30:
77:e5:0b:a5:c2:ac:5f:4e:8b:ed:19:e9:fe:dd:4d:
75:00:73:14:21:d2:6b:d0:34:dd:17:c9:92:67:1a:
1e:1d:7b:77:6c:2e:ae:d3:40:5b:7d:f7:b8:9d:c5:
3e:99:ca:74:7e:d1:fc:ef:2d:18:87:0e:08:dc:06:
ca:a9:c7:b9:61:cf:04:95:0b:b5:99:a6:eb:73:a5:
33:29:41:7a:73:c3:68:51:4d:0d:9e:af:8d:e0:a6:
86:62:3b:d3:25:18:09:c1:f7:a0:fa:b1:52:18:af:
10:43:87:df:37:c3:5d:f0:fa:4d:4b:95:90:d9:35:
bd:76:cc:d0:92:7c:41:25:59:b7:1d:b7:09:66:91:
00:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:15:03:3E:D0:61:A3:A0:C1:EB:47:86:EC:8E:05:DD:20:61:31:C6
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nxUDPtBho6DB60eG7I4F3SBhMcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
89.185.22.0/24
89.185.24.0/22
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:32:21:4f:b8:93:54:e2:d9:4e:40:e0:c0:26:92:0d:c1:48:
19:8f:74:8c:45:4f:dd:a3:35:e4:6d:08:f3:d3:47:cf:a4:3d:
89:93:40:a1:1c:db:21:d3:e8:4c:57:59:62:0e:cc:97:5b:45:
ab:89:6a:01:e7:3f:36:b0:89:78:6f:1b:21:2a:ab:39:9c:b0:
dd:22:ed:6d:5b:5a:ea:7d:35:71:53:df:79:7f:8a:b2:29:f8:
23:cb:8e:ee:49:f3:cd:ad:dd:72:f7:d6:3e:bc:b2:97:df:9e:
a8:01:15:71:e0:cb:92:e8:eb:8e:8c:a5:e3:22:36:c5:5a:c8:
ac:c4:71:99:55:69:b0:b8:e4:d3:35:be:aa:eb:7e:b6:36:f9:
56:90:73:d9:bd:af:74:33:8e:85:b4:0d:30:00:49:25:4d:6c:
9a:68:40:a1:e4:ba:e9:85:b7:74:4c:11:42:02:80:0e:51:ad:
cb:c5:05:56:75:1e:9d:4f:46:43:4b:db:16:f6:82:27:29:31:
23:86:f6:fe:47:73:28:46:ce:7d:6d:57:9b:48:49:4f:f6:60:
e1:ec:bc:f0:d0:0b:08:0c:ee:1c:62:98:75:59:f5:ec:32:9c:
d7:75:c1:7c:15:9d:47:07:f7:0d:f8:4f:e2:a3:fa:fc:de:49:
3c:81:29:83
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYw5JBObRQrsUXUzlBMQyQuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjA1MDg0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE1MDMzZWQwNjFhM2EwYzFlYjQ3ODZlYzhlMDVkZDIwNjEzMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVk+oZ7y293/IoVbqx5qsT8RH1Ke
Aro7RX56dnFiyLDvYAoFAYk2sW2ucHeTG4+l/apRzDkDUrikJxxkHnmjI+FDJN/E
676aWOa+TCRPa90mcAp9IJVieS6LAhHE+E7CVFPYBiUci59ReJ6Ji4nSiW857R6a
XzB35QulwqxfTovtGen+3U11AHMUIdJr0DTdF8mSZxoeHXt3bC6u00Bbffe4ncU+
mcp0ftH87y0Yhw4I3AbKqce5Yc8ElQu1mabrc6UzKUF6c8NoUU0Nnq+N4KaGYjvT
JRgJwfeg+rFSGK8QQ4ffN8Nd8PpNS5WQ2TW9dszQknxBJVm3HbcJZpEAtwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ8VAz7QYaOgwetHhuyOBd0gYTHGMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbnhVRFB0QmhvNkRCNjBlRzdJNEYzU0JoTWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDURaIAwQC
WbkAAwQAWbkWAwQCWbkYAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQCa
MiFPuJNU4tlOQODAJpINwUgZj3SMRU/dozXkbQjz00fPpD2Jk0ChHNsh0+hMV1li
DsyXW0WriWoB5z82sIl4bxshKqs5nLDdIu1tW1rqfTVxU995f4qyKfgjy47uSfPN
rd1y99Y+vLKX356oARVx4MuS6OuOjKXjIjbFWsisxHGZVWmwuOTTNb6q6362NvlW
kHPZva90M46FtA0wAEklTWyaaECh5Lrphbd0TBFCAoAOUa3LxQVWdR6dT0ZDS9sW
9oInKTEjhvb+R3MoRs59bVebSElP9mDh7Lzw0AsIDO4cYph1WfXsMpzXdcF8FZ1H
B/cN+E/io/r83kk8gSmD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org