Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/opnOTKi8cLP7_BS_uspB51WgAOQ.roa
File: opnOTKi8cLP7_BS_uspB51WgAOQ.roa (raw, json)
Hash identifier: qCebemgI4CaOH8/GfAvgUDfZNv8rGiU8yBOouvxnC/8=
Subject key identifier: A2:99:CE:4C:A8:BC:70:B3:FB:FC:14:BF:BA:CA:41:E7:55:A0:00:E4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018E98BD46ADB2AC3970182B7F4B4A26C263
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/opnOTKi8cLP7_BS_uspB51WgAOQ.roa
Signing time: Mon 01 Apr 2024 08:18:44 +0000
ROA not before: Mon 01 Apr 2024 08:18:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.131.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 10:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:98:bd:46:ad:b2:ac:39:70:18:2b:7f:4b:4a:26:c2:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 1 08:18:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a299ce4ca8bc70b3fbfc14bfbaca41e755a000e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:b4:8e:4a:2e:0a:96:19:04:1a:33:7f:de:
df:fe:d6:dc:1c:f9:99:f0:f9:5b:2c:92:42:fd:fb:
99:73:2d:fa:c3:3b:2e:a4:cb:d7:6d:f0:b2:58:78:
3a:2b:40:92:bd:a1:88:80:41:9c:ba:ca:d4:65:f9:
db:2d:d9:7d:67:62:f5:5b:1f:aa:b7:c0:e8:fe:ba:
f4:d8:f3:43:79:64:e1:23:f0:c1:39:81:4f:c8:b1:
e5:33:e9:8d:c3:0c:a6:cb:5c:81:b1:e4:dd:4f:ac:
6f:47:dc:dc:4e:5a:91:b0:b7:5d:6d:6c:0d:0d:53:
4a:50:c2:88:ee:f7:46:6c:c5:0a:57:02:0d:97:15:
48:87:fb:14:d2:05:c7:aa:3c:53:8a:3d:40:61:fc:
3f:a0:71:89:79:be:b0:6a:c5:9c:dc:dd:8d:66:ed:
f5:84:83:d0:45:3b:87:45:ca:e6:2b:e9:d7:21:5a:
42:8a:6c:d0:d1:51:05:43:45:4d:8d:fc:e2:ae:8d:
04:7f:e5:6d:c7:96:ad:77:a0:b2:ad:94:f2:e4:fb:
09:93:d4:d6:cb:4a:9c:e7:94:28:1c:ce:ac:8d:d2:
9d:97:f2:55:16:51:24:02:c3:f8:37:49:d6:e2:07:
81:80:9a:a5:6a:48:4d:b5:af:f8:c9:df:9c:ad:a0:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:99:CE:4C:A8:BC:70:B3:FB:FC:14:BF:BA:CA:41:E7:55:A0:00:E4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/opnOTKi8cLP7_BS_uspB51WgAOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.131.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
57:5d:ee:2d:62:2c:3f:4b:55:8b:b1:7a:c5:a3:f4:9f:bb:14:
eb:9d:e0:77:e9:85:6c:bc:8c:a6:66:01:1d:41:6d:3e:c1:94:
2c:73:fe:3e:c8:52:89:86:08:8d:f7:c0:64:18:92:4d:cc:f8:
ec:d4:3f:1a:4a:5a:09:5b:18:32:10:5f:ef:f0:bf:60:43:8c:
3f:0a:92:52:09:a0:37:1c:72:d6:2d:d1:31:aa:22:ca:fa:22:
05:20:23:d1:77:ff:2a:7f:d1:66:c9:e6:36:0f:58:34:a7:79:
75:9f:c8:0f:fa:89:ca:e3:db:e3:74:46:1c:8e:84:6b:e6:e7:
21:8d:9b:ae:4f:90:67:a6:35:e4:af:93:b8:b5:7c:95:fe:00:
20:8e:b3:ff:c2:99:1c:4a:59:fd:e3:0c:58:ee:65:9f:83:22:
fe:9f:58:d3:db:51:16:7e:a1:ea:8a:9b:b6:ab:29:b1:b8:a0:
3c:40:c7:de:e7:f9:66:f1:3d:3f:67:50:86:28:4b:e2:ac:c4:
cf:a1:07:f3:56:b6:cf:bb:81:71:19:8f:07:ef:6a:30:81:91:
82:b4:da:1f:32:82:67:90:22:ec:72:35:50:52:76:b7:ae:2a:
c3:fc:b2:b5:fb:c7:00:d8:95:c9:1b:99:bb:c1:c8:90:33:9a:
7d:83:4f:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6YvUatsqw5cBgrf0tKJsJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNDAxMDgxODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk5Y2U0Y2E4YmM3MGIzZmJmYzE0YmZiYWNhNDFlNzU1YTAwMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApES0jkouCpYZBBozf97f/tbcHPmZ
8PlbLJJC/fuZcy36wzsupMvXbfCyWHg6K0CSvaGIgEGcusrUZfnbLdl9Z2L1Wx+q
t8Do/rr02PNDeWThI/DBOYFPyLHlM+mNwwymy1yBseTdT6xvR9zcTlqRsLddbWwN
DVNKUMKI7vdGbMUKVwINlxVIh/sU0gXHqjxTij1AYfw/oHGJeb6wasWc3N2NZu31
hIPQRTuHRcrmK+nXIVpCimzQ0VEFQ0VNjfziro0Ef+Vtx5atd6CyrZTy5PsJk9TW
y0qc55QoHM6sjdKdl/JVFlEkAsP4N0nW4geBgJqlakhNta/4yd+craCWtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKKZzkyovHCz+/wUv7rKQedVoADkMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvb3BuT1RLaThjTFA3X0JTX3VzcEI1MVdnQU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaDAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBXXe4tYiw/S1WLsXrF
o/SfuxTrneB36YVsvIymZgEdQW0+wZQsc/4+yFKJhgiN98BkGJJNzPjs1D8aSloJ
WxgyEF/v8L9gQ4w/CpJSCaA3HHLWLdExqiLK+iIFICPRd/8qf9FmyeY2D1g0p3l1
n8gP+onK49vjdEYcjoRr5uchjZuuT5BnpjXkr5O4tXyV/gAgjrP/wpkcSln94wxY
7mWfgyL+n1jT21EWfqHqipu2qymxuKA8QMfe5/lm8T0/Z1CGKEvirMTPoQfzVrbP
u4FxGY8H72owgZGCtNofMoJnkCLscjVQUna3rirD/LK1+8cA2JXJG5m7wciQM5p9
g09D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org