Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/oCtTqMoXGtNFrWEY4YU4Wki8om0.roa
File: oCtTqMoXGtNFrWEY4YU4Wki8om0.roa (raw, json)
Hash identifier: Rxe1pQsuOWewXY5bczodCgV9+pEVIHdHzun76WMrDi0=
Subject key identifier: A0:2B:53:A8:CA:17:1A:D3:45:AD:61:18:E1:85:38:5A:48:BC:A2:6D
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CA5818751D4E20406E5F2FD88F573F71F
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/oCtTqMoXGtNFrWEY4YU4Wki8om0.roa
Signing time: Tue 26 Dec 2023 09:42:58 +0000
ROA not before: Tue 26 Dec 2023 09:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 81.22.138.0/24 maxlen: 24
81.22.137.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:81:87:51:d4:e2:04:06:e5:f2:fd:88:f5:73:f7:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 26 09:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a02b53a8ca171ad345ad6118e185385a48bca26d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ba:0e:37:f8:d6:89:89:43:38:af:60:f3:ae:
c8:62:fd:81:5b:55:d8:a5:55:c3:ba:63:5d:d5:20:
e1:e4:e2:90:f2:c9:c3:86:fc:9b:e8:da:fe:fe:c9:
93:af:30:6f:4b:f1:87:a6:44:c7:fe:3a:39:63:8a:
e5:4b:ae:b8:84:6b:00:34:a1:9d:fb:ea:92:a0:ab:
09:49:79:96:b4:30:6c:af:9c:be:44:b3:b3:d2:da:
f9:be:b4:38:53:79:b3:27:c7:96:dd:5c:88:0b:c9:
e2:39:27:af:48:97:2b:b2:92:04:70:d7:d2:1c:0a:
9e:a7:a0:0c:13:4c:44:c4:e5:9f:63:c8:b7:e5:93:
10:52:b9:9b:0e:59:99:e4:37:43:2a:e7:25:d1:45:
02:4e:10:fd:d5:49:ac:5e:d0:c5:22:34:e7:3c:7e:
5e:e9:54:6d:38:2e:b1:d5:4a:1d:e5:68:06:91:bb:
3e:ea:40:74:4c:a2:f0:53:06:8c:7f:ff:c4:0d:64:
ad:2f:b2:bd:1c:b8:cd:65:0e:90:3d:fd:f1:db:36:
14:3e:28:7e:64:3e:e6:27:30:f0:0b:c0:ce:8c:af:
19:37:13:97:e6:2f:e0:79:cc:ec:51:1f:a5:9f:b2:
1b:51:b8:a5:fd:e8:7b:a4:b0:41:f4:e3:5e:25:53:
c8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2B:53:A8:CA:17:1A:D3:45:AD:61:18:E1:85:38:5A:48:BC:A2:6D
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/oCtTqMoXGtNFrWEY4YU4Wki8om0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.137.0-81.22.138.255
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:40:f0:09:d3:f8:d7:2d:43:55:1a:9a:13:94:21:23:a5:07:
80:a5:26:15:98:e1:7e:e0:9a:62:c9:0a:2f:24:11:1c:f5:33:
cc:e3:20:13:0e:2b:a9:2c:3d:b2:36:dc:51:22:ea:05:e3:6c:
0a:1b:70:8d:bd:d3:1b:84:2e:b5:60:d8:d6:75:71:15:3b:63:
f2:70:dc:41:c8:88:c4:d8:88:d7:60:5b:3b:44:5e:5c:39:c7:
b9:bf:78:fb:d1:5d:84:02:9e:6f:4c:00:f4:d4:b8:d6:13:96:
b9:02:19:df:da:f2:37:d2:ed:83:ae:eb:51:f4:83:88:f3:ed:
b4:c7:8b:5a:76:33:61:6f:90:a2:11:76:d5:ed:98:f0:af:fc:
37:35:55:f4:7d:a6:3a:f0:29:bf:32:4f:75:ff:97:02:5d:24:
df:20:c0:79:ff:d1:a1:80:d8:c2:5b:c3:28:5e:63:f7:d4:29:
6c:30:70:72:a0:8a:70:b2:18:bd:b4:10:29:e6:24:fe:f7:ec:
08:70:d5:a1:6b:f5:59:ac:88:4b:d7:e1:2b:87:ba:99:bf:4e:
a4:1a:e9:ee:72:a6:eb:4f:ef:a9:ca:a0:23:78:54:14:3c:56:
4f:c9:bb:81:0f:d0:fd:ec:63:eb:28:c1:b7:d6:4e:e2:76:a4:
19:ac:2d:41
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYylgYdR1OIEBuXy/Yj1c/cfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjI2MDk0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDJiNTNhOGNhMTcxYWQzNDVhZDYxMThlMTg1Mzg1YTQ4YmNhMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LoON/jWiYlDOK9g867IYv2BW1XY
pVXDumNd1SDh5OKQ8snDhvyb6Nr+/smTrzBvS/GHpkTH/jo5Y4rlS664hGsANKGd
++qSoKsJSXmWtDBsr5y+RLOz0tr5vrQ4U3mzJ8eW3VyIC8niOSevSJcrspIEcNfS
HAqep6AME0xExOWfY8i35ZMQUrmbDlmZ5DdDKucl0UUCThD91UmsXtDFIjTnPH5e
6VRtOC6x1Uod5WgGkbs+6kB0TKLwUwaMf//EDWStL7K9HLjNZQ6QPf3x2zYUPih+
ZD7mJzDwC8DOjK8ZNxOX5i/geczsUR+ln7IbUbil/eh7pLBB9ONeJVPIHQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKArU6jKFxrTRa1hGOGFOFpIvKJtMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvb0N0VHFNb1hHdE5GcldFWTRZVTRXa2k4b20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAURaAMAwD
BABRFokDBABRFooDBABtSHswDQYJKoZIhvcNAQELBQADggEBAHtA8AnT+NctQ1Ua
mhOUISOlB4ClJhWY4X7gmmLJCi8kERz1M8zjIBMOK6ksPbI23FEi6gXjbAobcI29
0xuELrVg2NZ1cRU7Y/Jw3EHIiMTYiNdgWztEXlw5x7m/ePvRXYQCnm9MAPTUuNYT
lrkCGd/a8jfS7YOu61H0g4jz7bTHi1p2M2FvkKIRdtXtmPCv/Dc1VfR9pjrwKb8y
T3X/lwJdJN8gwHn/0aGA2MJbwyheY/fUKWwwcHKginCyGL20ECnmJP737Ahw1aFr
9VmsiEvX4SuHupm/TqQa6e5yputP76nKoCN4VBQ8Vk/Ju4EP0P3sY+sowbfWTuJ2
pBmsLUE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org