Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/o0-7eHQEHehsLWin6O6f4XWxEsc.roa
File: o0-7eHQEHehsLWin6O6f4XWxEsc.roa (raw, json)
Hash identifier: NYRd5tqzF97TIuAPrntbBYnNw3ghqOUBO6q+5ufM4Fk=
Subject key identifier: A3:4F:BB:78:74:04:1D:E8:6C:2D:68:A7:E8:EE:9F:E1:75:B1:12:C7
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018ADAF4237B75573A96FD86162669D43B9E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/o0-7eHQEHehsLWin6O6f4XWxEsc.roa
Signing time: Thu 28 Sep 2023 08:42:27 +0000
ROA not before: Thu 28 Sep 2023 08:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 81.22.140.0/22 maxlen: 22
89.185.24.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 14 Oct 2023 09:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:f4:23:7b:75:57:3a:96:fd:86:16:26:69:d4:3b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 28 08:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a34fbb7874041de86c2d68a7e8ee9fe175b112c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b7:b8:d3:25:78:9e:71:ca:3d:9b:ac:8c:39:
c0:70:76:16:8a:d4:0b:f4:60:8f:a5:22:80:cd:2c:
63:e0:e1:25:21:80:d9:f7:8b:b4:57:db:fc:03:77:
6e:ce:89:5c:aa:8e:05:0f:d3:98:99:58:5d:2e:2a:
f4:66:fa:0b:4a:31:9c:12:54:60:ce:08:18:e1:88:
3c:f6:ac:71:aa:86:39:0c:4d:02:a8:1f:68:f7:af:
48:7f:dd:bb:5a:1d:2b:95:39:2b:92:a9:47:3c:c9:
72:2d:27:1f:b3:67:ba:74:05:fd:e8:1f:da:a5:6a:
82:ba:c6:64:4d:5a:08:f7:32:02:8b:a7:0e:cf:7a:
b6:a4:04:1e:dd:ff:36:85:40:c1:ea:c3:38:c4:c5:
1f:e7:fa:6f:64:f9:02:b7:a0:28:6c:b3:4e:5b:5b:
6f:b9:6c:31:18:28:dc:d3:f5:18:3b:fc:37:04:ae:
91:7d:4e:aa:75:5c:63:88:5d:16:91:96:89:cc:ea:
9e:19:de:75:f6:8b:87:b5:fa:55:6c:99:06:4d:b0:
7e:ca:d0:d5:7a:1c:3d:31:1c:73:ca:e8:2e:85:79:
e1:b1:2e:16:e6:4c:40:fd:7b:63:0b:9f:08:6d:60:
d4:6b:59:13:72:66:be:b3:b1:37:74:55:7a:2c:8c:
b6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:4F:BB:78:74:04:1D:E8:6C:2D:68:A7:E8:EE:9F:E1:75:B1:12:C7
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/o0-7eHQEHehsLWin6O6f4XWxEsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.140.0/22
89.185.24.0/22
Signature Algorithm: sha256WithRSAEncryption
02:88:79:21:89:37:e1:c0:22:c7:2f:94:81:fe:a0:a3:41:75:
da:37:8c:42:5e:ea:09:79:52:15:2c:25:b4:99:de:20:d5:74:
33:f2:17:74:96:66:e6:38:2d:49:ef:8e:66:96:b9:94:2d:2c:
7b:ce:1c:af:1a:9e:69:e1:3d:f8:c6:98:0c:97:5c:66:bc:30:
d3:61:8e:26:e5:ab:ae:73:9e:1d:04:7b:a5:cc:98:27:5b:a8:
69:0f:38:df:54:7c:8f:fe:b3:17:70:3a:09:67:91:49:dc:2f:
7e:3c:21:d8:69:e9:12:72:5e:d7:20:f9:ef:03:95:a6:d0:12:
a4:db:e8:59:aa:ee:ee:bb:da:13:be:e6:b2:15:1a:76:e1:16:
ae:b2:a2:61:9c:09:3e:a4:f7:4f:40:a6:67:58:be:8b:f3:b4:
79:fd:c6:48:65:6c:c0:38:04:c8:59:76:5d:3e:5f:db:61:c9:
5e:48:b9:88:47:e4:4b:09:b0:5a:cc:23:f4:79:de:74:e6:62:
1e:cc:fb:88:9c:2e:90:9a:db:94:96:a1:31:ec:7a:e4:de:28:
61:20:57:48:63:5b:c4:49:d6:eb:dc:88:75:cc:10:71:01:c4:
9a:64:4c:b4:68:d5:b2:db:c8:e8:2d:51:a1:09:12:13:2a:bf:
d8:6c:f2:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYra9CN7dVc6lv2GFiZp1DueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTI4MDg0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzRmYmI3ODc0MDQxZGU4NmMyZDY4YTdlOGVlOWZlMTc1YjExMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLe40yV4nnHKPZusjDnAcHYWitQL
9GCPpSKAzSxj4OElIYDZ94u0V9v8A3duzolcqo4FD9OYmVhdLir0ZvoLSjGcElRg
zggY4Yg89qxxqoY5DE0CqB9o969If927Wh0rlTkrkqlHPMlyLScfs2e6dAX96B/a
pWqCusZkTVoI9zICi6cOz3q2pAQe3f82hUDB6sM4xMUf5/pvZPkCt6AobLNOW1tv
uWwxGCjc0/UYO/w3BK6RfU6qdVxjiF0WkZaJzOqeGd519ouHtfpVbJkGTbB+ytDV
ehw9MRxzyuguhXnhsS4W5kxA/XtjC58IbWDUa1kTcma+s7E3dFV6LIy2ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKNPu3h0BB3obC1op+jun+F1sRLHMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbzAtN2VIUUVIZWhzTFdpbjZPNmY0WFd4RXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCURaMAwQC
WbkYMA0GCSqGSIb3DQEBCwUAA4IBAQACiHkhiTfhwCLHL5SB/qCjQXXaN4xCXuoJ
eVIVLCW0md4g1XQz8hd0lmbmOC1J745mlrmULSx7zhyvGp5p4T34xpgMl1xmvDDT
YY4m5auuc54dBHulzJgnW6hpDzjfVHyP/rMXcDoJZ5FJ3C9+PCHYaekScl7XIPnv
A5Wm0BKk2+hZqu7uu9oTvuayFRp24RausqJhnAk+pPdPQKZnWL6L87R5/cZIZWzA
OATIWXZdPl/bYcleSLmIR+RLCbBazCP0ed505mIezPuInC6QmtuUlqEx7Hrk3ihh
IFdIY1vESdbr3Ih1zBBxAcSaZEy0aNWy28joLVGhCRITKr/YbPLl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org