Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/pvcwqnzdiC4AV-ozjQJAtGfuMmQ.roa
File: pvcwqnzdiC4AV-ozjQJAtGfuMmQ.roa (raw, json)
Hash identifier: o807ObjOPHxZCFd1T0UTfe6NCGUm6oR8rZPhXRE7hMk=
Subject key identifier: A6:F7:30:AA:7C:DD:88:2E:00:57:EA:33:8D:02:40:B4:67:EE:32:64
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DA8C776C3D13599543D5F74BA2D000C7A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/pvcwqnzdiC4AV-ozjQJAtGfuMmQ.roa
Signing time: Wed 14 Feb 2024 18:01:00 +0000
ROA not before: Wed 14 Feb 2024 18:01:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 81.22.141.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 08:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:c7:76:c3:d1:35:99:54:3d:5f:74:ba:2d:00:0c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 14 18:01:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6f730aa7cdd882e0057ea338d0240b467ee3264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:50:7b:5e:04:71:48:47:3f:6c:c1:75:86:4d:
0d:1b:67:1d:d9:30:3e:00:65:e5:bb:06:27:ee:2a:
b8:55:20:03:48:f6:6f:39:ba:c2:f7:fe:be:3f:74:
19:6f:d8:83:7c:f6:08:8b:d1:37:7d:a7:46:18:2d:
55:da:3b:06:ef:fb:35:a3:03:7a:49:c4:51:ad:02:
b4:76:1d:37:45:82:b1:ce:53:40:54:7d:a9:10:14:
8c:04:4f:0c:29:16:80:8f:f9:4d:04:17:8f:37:c1:
39:b0:f9:ad:ca:85:43:2c:04:7a:3e:cc:ec:09:7d:
38:ad:88:33:af:97:91:61:27:74:fa:b3:ec:a3:67:
33:19:37:51:f9:3f:89:c5:40:b2:67:4e:11:d1:e1:
d7:8f:55:22:1d:b7:aa:4f:42:92:4c:76:c8:f7:16:
73:ee:06:f8:0b:50:f5:8e:13:63:8a:5f:dc:8a:cd:
1c:83:1c:6c:2c:00:b2:7e:fd:d2:55:92:2c:06:a0:
cf:aa:d0:b6:26:18:f6:30:38:ae:0d:02:77:f0:da:
1a:6d:66:5b:1e:30:03:95:f2:11:e7:23:bb:9b:8c:
eb:64:0b:b5:c1:e6:0e:d2:5c:b8:c2:51:d8:af:36:
9d:65:55:a8:0e:bb:80:62:fd:f2:c9:51:79:4c:fc:
0e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F7:30:AA:7C:DD:88:2E:00:57:EA:33:8D:02:40:B4:67:EE:32:64
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/pvcwqnzdiC4AV-ozjQJAtGfuMmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.141.0/24
109.72.119.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ed:20:7a:c8:ef:f0:18:0a:89:e6:a8:92:76:7b:48:fb:27:
10:86:a9:2a:1a:61:3f:5a:85:6d:58:f6:74:c3:28:a9:61:6d:
a3:04:04:60:2f:d1:d5:89:ac:c7:6c:d5:32:ec:bb:47:bf:e1:
24:61:fe:60:33:00:1b:c4:80:3d:38:a2:9b:d9:53:aa:4c:8a:
69:fa:bf:e8:90:cf:9e:9f:2d:ee:c6:ed:4b:a8:94:68:93:4e:
a6:2d:fd:d1:dd:37:5b:c4:bd:fd:ba:d9:22:ae:f1:c3:04:8b:
62:1d:62:e7:61:72:1b:05:60:27:b2:73:a8:56:f2:5c:c0:81:
f9:03:f6:fc:05:91:d7:4d:3c:69:2a:3e:e5:0d:11:55:0e:0f:
8f:97:86:0b:a4:b6:94:fb:d0:63:0a:82:3a:09:5f:b1:0b:12:
72:ca:57:95:f1:5b:84:45:f9:b8:61:f7:f2:2e:09:51:f5:d2:
61:a8:11:80:ea:ee:ba:07:74:b4:35:82:d7:44:78:45:ab:00:
99:5c:4f:f2:e6:9f:a2:db:c6:bd:9f:c1:74:1c:7c:1d:d2:bd:
16:0f:be:f4:fd:06:aa:80:61:74:bf:8e:83:e8:e5:bf:1e:49:
35:d8:1a:7d:03:6e:ab:31:2a:45:b9:99:7d:c1:82:e1:4f:d2:
82:c5:29:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2ox3bD0TWZVD1fdLotAAx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjE0MTgwMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY3MzBhYTdjZGQ4ODJlMDA1N2VhMzM4ZDAyNDBiNDY3ZWUzMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1B7XgRxSEc/bMF1hk0NG2cd2TA+
AGXluwYn7iq4VSADSPZvObrC9/6+P3QZb9iDfPYIi9E3fadGGC1V2jsG7/s1owN6
ScRRrQK0dh03RYKxzlNAVH2pEBSMBE8MKRaAj/lNBBePN8E5sPmtyoVDLAR6Pszs
CX04rYgzr5eRYSd0+rPso2czGTdR+T+JxUCyZ04R0eHXj1UiHbeqT0KSTHbI9xZz
7gb4C1D1jhNjil/cis0cgxxsLACyfv3SVZIsBqDPqtC2Jhj2MDiuDQJ38NoabWZb
HjADlfIR5yO7m4zrZAu1weYO0ly4wlHYrzadZVWoDruAYv3yyVF5TPwOrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKb3MKp83YguAFfqM40CQLRn7jJkMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvcHZjd3FuemRpQzRBVi1vempRSkF0R2Z1TW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaNAwQA
bUh3MA0GCSqGSIb3DQEBCwUAA4IBAQAZ7SB6yO/wGAqJ5qiSdntI+ycQhqkqGmE/
WoVtWPZ0wyipYW2jBARgL9HViazHbNUy7LtHv+EkYf5gMwAbxIA9OKKb2VOqTIpp
+r/okM+eny3uxu1LqJRok06mLf3R3TdbxL39utkirvHDBItiHWLnYXIbBWAnsnOo
VvJcwIH5A/b8BZHXTTxpKj7lDRFVDg+Pl4YLpLaU+9BjCoI6CV+xCxJyyleV8VuE
Rfm4YffyLglR9dJhqBGA6u66B3S0NYLXRHhFqwCZXE/y5p+i28a9n8F0HHwd0r0W
D770/QaqgGF0v46D6OW/Hkk12Bp9A26rMSpFuZl9wYLhT9KCxSkU
-----END CERTIFICATE-----
Generated at Tue Aug 13 11:36:48 2024 by rpki-client on console-ams.rpki-client.org