Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/q7i2Wv6cCSun3GijfRGPCCz8cHA.roa
File: q7i2Wv6cCSun3GijfRGPCCz8cHA.roa (raw, json)
Hash identifier: 5BDmKQLii19TKYAfU1AF6uoOYeXxc8qku/uqmuHHb7k=
Subject key identifier: AB:B8:B6:5A:FE:9C:09:2B:A7:DC:68:A3:7D:11:8F:08:2C:FC:70:70
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018AEF772ED76B4D8332A64210EC4051A24C
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/q7i2Wv6cCSun3GijfRGPCCz8cHA.roa
Signing time: Mon 02 Oct 2023 08:17:59 +0000
ROA not before: Mon 02 Oct 2023 08:17:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
89.185.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 16:54:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:77:2e:d7:6b:4d:83:32:a6:42:10:ec:40:51:a2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 2 08:17:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abb8b65afe9c092ba7dc68a37d118f082cfc7070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:a4:90:18:02:c2:a9:bb:4c:08:1d:f9:5f:
38:d7:b9:6a:bc:f9:f1:55:43:96:34:cc:70:6d:fb:
8f:12:a6:e0:1f:8f:d9:53:81:96:d0:cd:97:0d:36:
a4:a7:27:80:43:70:d0:f0:08:eb:7f:f2:62:8b:e7:
23:89:1f:c9:f2:2d:50:75:bb:e9:74:c7:29:85:2b:
0a:33:b8:40:65:ac:6c:36:63:85:58:c9:41:fe:7a:
49:29:ee:86:41:50:16:3d:24:7e:90:e1:01:3e:a9:
04:b2:a0:f0:b4:ef:69:3b:fc:98:ff:14:8d:14:fa:
7e:90:05:28:87:69:fa:49:dd:8f:da:86:0d:e3:c1:
fb:d8:d0:71:b2:5a:7f:6c:55:8a:97:e3:c8:27:ab:
28:1e:f7:60:23:4e:dc:91:ae:89:26:00:c4:64:40:
d4:a7:da:ce:a4:b1:a6:57:97:72:66:69:20:da:e4:
75:59:26:bc:66:30:bd:38:9a:21:3b:a2:e2:b5:07:
52:3e:08:77:9c:0e:be:7f:56:f6:52:bf:d3:02:e2:
33:c4:ce:b8:d2:a6:b0:ea:1c:25:e6:5b:e8:dd:47:
72:d4:20:e2:73:ce:61:70:e4:09:bb:9a:7e:46:6c:
5f:58:df:f6:87:68:16:15:35:0a:d2:36:f6:f3:8e:
45:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B8:B6:5A:FE:9C:09:2B:A7:DC:68:A3:7D:11:8F:08:2C:FC:70:70
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/q7i2Wv6cCSun3GijfRGPCCz8cHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
36:6b:fe:af:e2:33:5d:83:92:cd:0c:18:ed:4d:a6:52:33:cb:
ef:f0:b5:09:4e:60:c2:5d:c0:9d:86:7c:9f:da:25:c5:71:46:
51:95:94:fb:0c:66:bb:71:84:37:b7:54:03:8e:37:f5:db:82:
d1:28:dc:a5:46:03:b7:12:0f:b1:45:45:e0:68:ab:c2:75:ee:
12:a7:51:0a:f3:59:2e:ff:9c:3d:a9:b8:31:5e:7b:75:22:9a:
bd:c5:79:cd:8f:56:9f:b0:eb:dc:75:f1:b3:59:6f:29:a9:2e:
94:99:93:ed:3b:f0:bd:f5:e7:af:ae:c6:ab:dc:24:9b:65:e3:
62:fc:60:40:3b:08:d6:d8:32:38:1c:2e:a0:63:d2:a9:0a:79:
91:fa:6e:cc:1a:32:f9:82:ba:63:9d:63:2c:60:a0:09:b1:30:
9a:97:c0:16:aa:d7:1c:f3:66:4e:3c:1d:09:ea:9e:ee:3d:37:
9c:e8:31:d9:2f:2d:bb:20:b0:57:b2:c5:b4:d6:5b:46:95:aa:
1b:c8:63:79:e4:91:20:67:6c:92:b1:82:5f:01:63:1b:c4:a4:
06:6e:ab:db:7b:ad:a9:23:22:82:1e:e3:34:4f:89:62:9b:9f:
6d:15:b3:f6:9c:50:68:c2:f3:38:28:35:9f:29:f0:2d:68:d0:
86:0d:ad:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrvdy7Xa02DMqZCEOxAUaJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDAyMDgxNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmI4YjY1YWZlOWMwOTJiYTdkYzY4YTM3ZDExOGYwODJjZmM3MDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK2kkBgCwqm7TAgd+V8417lqvPnx
VUOWNMxwbfuPEqbgH4/ZU4GW0M2XDTakpyeAQ3DQ8Ajrf/Jii+cjiR/J8i1Qdbvp
dMcphSsKM7hAZaxsNmOFWMlB/npJKe6GQVAWPSR+kOEBPqkEsqDwtO9pO/yY/xSN
FPp+kAUoh2n6Sd2P2oYN48H72NBxslp/bFWKl+PIJ6soHvdgI07cka6JJgDEZEDU
p9rOpLGmV5dyZmkg2uR1WSa8ZjC9OJohO6LitQdSPgh3nA6+f1b2Ur/TAuIzxM64
0qaw6hwl5lvo3Udy1CDic85hcOQJu5p+RmxfWN/2h2gWFTUK0jb2845F2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKu4tlr+nAkrp9xoo30Rjwgs/HBwMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvcTdpMld2NmNDU3VuM0dpamZSR1BDQ3o4Y0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQC
bUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA2a/6v4jNdg5LNDBjtTaZSM8vv8LUJTmDC
XcCdhnyf2iXFcUZRlZT7DGa7cYQ3t1QDjjf124LRKNylRgO3Eg+xRUXgaKvCde4S
p1EK81ku/5w9qbgxXnt1Ipq9xXnNj1afsOvcdfGzWW8pqS6UmZPtO/C99eevrsar
3CSbZeNi/GBAOwjW2DI4HC6gY9KpCnmR+m7MGjL5grpjnWMsYKAJsTCal8AWqtcc
82ZOPB0J6p7uPTec6DHZLy27ILBXssW01ltGlaobyGN55JEgZ2ySsYJfAWMbxKQG
bqvbe62pIyKCHuM0T4lim59tFbP2nFBowvM4KDWfKfAtaNCGDa3K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org