Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/o4Wa8bbfJfyscSX28cn8MB6gkEk.roa
File: o4Wa8bbfJfyscSX28cn8MB6gkEk.roa (raw, json)
Hash identifier: hSr4PjYN114Q7UCakdGpX0WX9Q5/c/Ak67a+37PFJu0=
Subject key identifier: A3:85:9A:F1:B6:DF:25:FC:AC:71:25:F6:F1:C9:FC:30:1E:A0:90:49
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A17DE19D28F8DE0EAB41A6598A73B7135
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/o4Wa8bbfJfyscSX28cn8MB6gkEk.roa
Signing time: Mon 21 Aug 2023 11:32:26 +0000
ROA not before: Mon 21 Aug 2023 11:32:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
109.72.120.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 11:08:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:de:19:d2:8f:8d:e0:ea:b4:1a:65:98:a7:3b:71:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 21 11:32:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3859af1b6df25fcac7125f6f1c9fc301ea09049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6c:40:a2:af:10:e9:46:80:32:5a:38:7c:06:
ac:3f:c8:ac:1e:b3:0f:61:5a:1b:7a:8f:87:2e:fa:
06:4f:2a:62:ec:57:45:e1:a9:c8:4f:5b:71:29:f1:
e8:ea:db:4b:ca:c6:df:48:6a:65:6c:01:d7:8c:74:
51:b9:3b:0b:9a:a8:a2:21:97:db:20:90:00:9a:27:
96:4f:90:bc:2b:57:03:ba:74:3b:61:c2:97:78:d9:
0d:e8:52:ed:f7:45:b1:51:fe:9a:58:a7:dd:0e:fa:
8f:95:9b:79:60:94:ee:1b:6a:6b:f1:71:6c:66:ee:
cb:f3:ee:c2:66:a0:1c:24:1c:ae:79:d7:f9:f2:40:
eb:03:3e:b9:90:20:57:b4:4f:7f:82:d4:fa:4b:b2:
b3:62:40:ce:06:41:b0:00:89:f2:2e:26:fb:83:75:
c8:ed:67:61:e5:50:bd:90:c6:88:61:e5:5a:5e:15:
5a:14:51:91:f6:33:20:67:00:63:2e:a0:36:e1:99:
c0:52:f2:5b:0e:58:57:e4:b1:c2:24:23:a2:e7:13:
dc:ec:9c:52:a2:69:3b:25:9b:7d:61:6f:de:46:29:
11:83:76:78:d6:b1:46:a5:90:a6:bc:e1:c4:32:66:
f7:09:a9:5b:89:92:08:81:e8:be:ee:e2:6f:14:ff:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:85:9A:F1:B6:DF:25:FC:AC:71:25:F6:F1:C9:FC:30:1E:A0:90:49
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/o4Wa8bbfJfyscSX28cn8MB6gkEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.135.0/24
89.185.1.0/24
109.72.120.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:6c:36:33:4b:b9:e0:87:a0:e8:02:15:2b:d1:aa:f5:cd:8a:
1d:41:8c:c8:d5:b3:5c:06:b7:7e:02:14:e4:a5:a5:0a:e7:98:
6f:f6:5a:94:31:5d:6f:04:72:4e:6e:14:94:10:10:81:dc:f7:
1c:8c:ee:03:72:c5:fe:0b:64:37:33:e4:de:a5:f6:e1:35:43:
21:e5:45:05:e0:c3:22:73:4d:50:55:a4:86:05:a0:92:1b:27:
4b:89:5a:7d:b5:db:51:2b:3d:71:5f:50:3b:bc:88:cf:cc:3e:
2b:1e:3a:17:ad:f5:11:ab:6a:18:21:76:e7:8c:96:87:d3:33:
b4:2e:f7:60:cb:a8:51:e5:be:ec:28:5d:82:cd:b5:ed:79:19:
a3:51:2a:2e:29:47:5f:67:57:ad:58:66:5e:84:71:eb:32:1d:
0d:62:60:4d:84:53:ae:44:24:3a:7e:35:f6:bf:b6:4b:e3:9c:
99:e2:6c:4f:e0:b2:91:ce:ab:22:4d:25:87:a4:a0:a8:96:86:
09:d2:a0:a0:69:3c:2b:98:5a:d7:90:b2:22:79:98:57:8b:cf:
1f:8a:0a:fd:a7:d6:da:27:5a:36:7c:b9:9e:9c:17:bd:25:2f:
1d:ee:8c:99:83:c9:14:cb:48:2e:85:c6:8c:54:f5:fe:bb:fa:
fe:d5:5f:00
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoX3hnSj43g6rQaZZinO3E1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODIxMTEzMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzg1OWFmMWI2ZGYyNWZjYWM3MTI1ZjZmMWM5ZmMzMDFlYTA5MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12xAoq8Q6UaAMlo4fAasP8isHrMP
YVobeo+HLvoGTypi7FdF4anIT1txKfHo6ttLysbfSGplbAHXjHRRuTsLmqiiIZfb
IJAAmieWT5C8K1cDunQ7YcKXeNkN6FLt90WxUf6aWKfdDvqPlZt5YJTuG2pr8XFs
Zu7L8+7CZqAcJByuedf58kDrAz65kCBXtE9/gtT6S7KzYkDOBkGwAInyLib7g3XI
7Wdh5VC9kMaIYeVaXhVaFFGR9jMgZwBjLqA24ZnAUvJbDlhX5LHCJCOi5xPc7JxS
omk7JZt9YW/eRikRg3Z41rFGpZCmvOHEMmb3CalbiZIIgei+7uJvFP/WMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKOFmvG23yX8rHEl9vHJ/DAeoJBJMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbzRXYThiYmZKZnlzY1NYMjhjbjhNQjZna0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURaAAwQA
URaHAwQAWbkBAwQAbUh4AwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQAKbDYzS7ng
h6DoAhUr0ar1zYodQYzI1bNcBrd+AhTkpaUK55hv9lqUMV1vBHJObhSUEBCB3Pcc
jO4DcsX+C2Q3M+TepfbhNUMh5UUF4MMic01QVaSGBaCSGydLiVp9tdtRKz1xX1A7
vIjPzD4rHjoXrfURq2oYIXbnjJaH0zO0Lvdgy6hR5b7sKF2CzbXteRmjUSouKUdf
Z1etWGZehHHrMh0NYmBNhFOuRCQ6fjX2v7ZL45yZ4mxP4LKRzqsiTSWHpKColoYJ
0qCgaTwrmFrXkLIieZhXi88figr9p9baJ1o2fLmenBe9JS8d7oyZg8kUy0guhcaM
VPX+u/r+1V8A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org