Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ogNnyhE4C0ewNFU5CAa64OjQTF8.roa
File: ogNnyhE4C0ewNFU5CAa64OjQTF8.roa (raw, json)
Hash identifier: hiO6lhShPXJXIHzfDwpFCgqltDM73aRKrTCPNyu3AX0=
Subject key identifier: A2:03:67:CA:11:38:0B:47:B0:34:55:39:08:06:BA:E0:E8:D0:4C:5F
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01884D7E07EFA7D4E6E2EAE51601F7AE1972
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ogNnyhE4C0ewNFU5CAa64OjQTF8.roa
Signing time: Wed 24 May 2023 11:21:25 +0000
ROA not before: Wed 24 May 2023 11:21:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.0.0/22 maxlen: 22
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 May 2023 18:47:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:7e:07:ef:a7:d4:e6:e2:ea:e5:16:01:f7:ae:19:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 24 11:21:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a20367ca11380b47b03455390806bae0e8d04c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:81:cc:c8:b4:ba:6a:79:b4:c6:02:df:0b:33:
b0:c0:40:4d:ab:af:28:86:ae:3d:c9:12:b8:10:7b:
3f:28:fa:d1:af:4e:a3:7b:99:62:7b:8a:76:bb:7e:
38:55:39:93:c8:ff:c4:ca:1d:ea:4d:fb:91:0a:8f:
a0:05:0b:89:6c:03:6f:7c:76:26:71:a9:a6:19:5d:
0f:fd:5a:e4:08:f8:fc:10:03:b3:24:0f:95:6c:11:
44:97:86:6d:f2:e5:77:9d:0a:17:bb:20:49:44:b9:
36:e5:dc:97:01:fb:e2:ee:3e:69:12:14:57:a8:15:
1c:a5:69:7a:ff:d6:95:26:1f:92:8b:a8:f7:57:0f:
d1:70:bb:d1:ff:bf:30:6f:a6:48:77:c4:91:a0:82:
34:7c:df:2f:fb:ed:c9:f6:73:c8:85:74:14:2e:df:
a8:f3:df:12:22:1c:03:ed:20:03:9c:9b:08:fc:c9:
2b:05:bc:a5:67:b1:ff:05:4a:d0:8d:1a:13:01:3a:
e2:70:b3:e0:7f:45:02:71:47:1c:72:15:9d:fb:5d:
ec:62:c1:e9:e4:0d:28:50:e1:71:2b:3c:4d:46:6a:
01:96:0a:92:ed:ae:71:c1:5b:96:db:74:c9:86:6c:
da:35:b4:07:4a:74:30:23:43:0b:86:48:10:1e:0c:
eb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:03:67:CA:11:38:0B:47:B0:34:55:39:08:06:BA:E0:E8:D0:4C:5F
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ogNnyhE4C0ewNFU5CAa64OjQTF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
89.185.0.0/22
Signature Algorithm: sha256WithRSAEncryption
67:9c:ae:36:0d:91:05:29:e5:9f:16:66:c6:18:ba:dc:f2:82:
20:82:9c:fd:e1:57:e6:a6:2c:a8:88:6d:97:56:9e:51:e7:da:
2c:ac:60:47:84:10:d3:97:89:69:7d:bb:5c:38:03:4d:5d:36:
b0:b7:8f:3e:46:f6:11:97:b4:ec:91:d9:51:3e:8f:13:25:f4:
03:4c:5b:ba:7a:4b:11:3d:10:32:2c:54:f8:e8:2f:c7:1f:a0:
2a:22:0c:26:06:15:08:dd:72:aa:e5:4b:78:51:0d:57:77:fa:
7d:21:e0:a5:7c:7e:1a:76:c0:56:b1:2c:47:1b:75:8d:d0:36:
0f:14:38:a2:97:ca:e4:51:c3:93:92:e8:04:5e:cd:7c:51:b1:
c9:1c:60:48:e0:40:45:b5:33:2b:05:d8:51:a5:3b:3d:fb:81:
8a:e2:4a:ca:24:32:df:b9:28:ec:d1:42:d8:46:eb:74:84:c3:
31:0a:8d:8d:a1:43:37:53:ac:82:00:58:5c:67:05:44:8f:34:
dc:e1:02:a7:02:8d:b3:29:02:3d:10:78:fd:ee:5c:4f:4d:66:
79:dd:20:41:2f:ab:4a:75:12:53:ab:04:6d:cd:41:bc:4e:ab:
52:17:94:cc:1e:34:21:a0:81:14:2b:c5:ec:fa:c3:31:d5:82:
83:cc:42:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhNfgfvp9Tm4urlFgH3rhlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTI0MTEyMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjAzNjdjYTExMzgwYjQ3YjAzNDU1MzkwODA2YmFlMGU4ZDA0YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4HMyLS6anm0xgLfCzOwwEBNq68o
hq49yRK4EHs/KPrRr06je5lie4p2u344VTmTyP/Eyh3qTfuRCo+gBQuJbANvfHYm
cammGV0P/VrkCPj8EAOzJA+VbBFEl4Zt8uV3nQoXuyBJRLk25dyXAfvi7j5pEhRX
qBUcpWl6/9aVJh+Si6j3Vw/RcLvR/78wb6ZId8SRoII0fN8v++3J9nPIhXQULt+o
898SIhwD7SADnJsI/MkrBbylZ7H/BUrQjRoTATricLPgf0UCcUccchWd+13sYsHp
5A0oUOFxKzxNRmoBlgqS7a5xwVuW23TJhmzaNbQHSnQwI0MLhkgQHgzrRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIDZ8oROAtHsDRVOQgGuuDo0ExfMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvb2dObnloRTRDMGV3TkZVNUNBYTY0T2pRVEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaAAwQC
WbkAMA0GCSqGSIb3DQEBCwUAA4IBAQBnnK42DZEFKeWfFmbGGLrc8oIggpz94Vfm
piyoiG2XVp5R59osrGBHhBDTl4lpfbtcOANNXTawt48+RvYRl7TskdlRPo8TJfQD
TFu6eksRPRAyLFT46C/HH6AqIgwmBhUI3XKq5Ut4UQ1Xd/p9IeClfH4adsBWsSxH
G3WN0DYPFDiil8rkUcOTkugEXs18UbHJHGBI4EBFtTMrBdhRpTs9+4GK4krKJDLf
uSjs0ULYRut0hMMxCo2NoUM3U6yCAFhcZwVEjzTc4QKnAo2zKQI9EHj97lxPTWZ5
3SBBL6tKdRJTqwRtzUG8TqtSF5TMHjQhoIEUK8Xs+sMx1YKDzEJx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org