Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qF07F2M5LF877Gt2n9p0JVidFxI.roa
File: qF07F2M5LF877Gt2n9p0JVidFxI.roa (raw, json)
Hash identifier: 1BRuGBWBpBJhmvmE2JmneDt/jkTTBEZz8oyX063FNHI=
Subject key identifier: A8:5D:3B:17:63:39:2C:5F:3B:EC:6B:76:9F:DA:74:25:58:9D:17:12
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DD6AD2732A492ACFEF5F0FA4FD7279E68
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qF07F2M5LF877Gt2n9p0JVidFxI.roa
Signing time: Fri 23 Feb 2024 15:54:48 +0000
ROA not before: Fri 23 Feb 2024 15:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 11:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:ad:27:32:a4:92:ac:fe:f5:f0:fa:4f:d7:27:9e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 23 15:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a85d3b1763392c5f3bec6b769fda7425589d1712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:57:97:8d:22:af:6c:0b:df:d6:33:ac:a9:e2:
24:cb:58:16:a2:e7:72:8e:34:41:16:2c:71:bb:9d:
f5:c2:58:0d:50:51:00:c8:c7:fa:b8:73:45:8a:3e:
39:b7:64:ad:19:93:2e:d7:ea:0b:4f:3a:bd:67:a6:
d4:52:81:89:15:2a:35:b6:62:7c:a4:70:f4:8c:24:
00:39:55:dd:91:89:a1:15:84:52:0f:45:57:60:e1:
0a:08:08:43:79:7c:2c:1c:5b:72:82:7f:7d:9d:7e:
b3:7a:63:5a:92:ca:ee:35:fd:17:c0:88:3d:a2:4c:
b8:65:b7:5e:98:3a:08:32:35:57:89:ed:99:d7:73:
9d:e6:00:b8:54:90:89:65:1c:ab:83:c7:dc:7a:69:
c7:2d:8e:64:9f:e9:40:d5:d5:50:3d:6a:f8:d0:4f:
08:cd:96:23:41:5d:2b:e1:15:6f:2e:be:dd:e5:ab:
f8:d8:5b:86:77:de:b1:11:69:fc:92:0a:8f:65:ea:
12:8c:c4:bb:ae:de:36:ea:b8:f4:00:7d:46:d2:e0:
47:df:8f:07:8a:77:e3:58:a3:c5:1c:16:bd:58:19:
73:ad:2e:ec:88:92:0e:ef:d9:03:bc:75:55:3d:d2:
ed:9b:0a:1a:c6:8b:b9:e1:84:3f:5a:e2:58:e4:3d:
69:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5D:3B:17:63:39:2C:5F:3B:EC:6B:76:9F:DA:74:25:58:9D:17:12
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qF07F2M5LF877Gt2n9p0JVidFxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
84:51:3e:ce:8a:03:e9:8f:c6:1e:62:32:fc:f7:ec:a8:29:61:
0d:89:01:a3:ae:08:49:3e:89:ba:bf:ee:00:6d:56:0d:1b:54:
b7:68:df:2c:e1:9f:ce:3e:ab:78:f3:e8:0d:3c:81:2f:29:75:
54:6c:dd:86:d5:b6:8d:4a:ba:2c:ea:9d:4e:1c:55:33:6d:44:
06:48:69:27:ee:3c:18:28:99:2b:45:8c:4a:5e:8a:ae:7b:60:
a0:c8:72:81:9e:2b:15:bf:f9:50:8f:c5:44:08:7b:07:6b:76:
5f:ee:10:de:87:52:9b:4a:0d:17:eb:bb:05:3a:ee:6b:0e:0d:
24:03:7e:28:dc:af:c1:ef:4b:0d:17:53:83:5b:d8:a5:6d:0a:
ee:e4:98:5a:1c:ad:a2:4e:62:7d:7b:35:e6:6f:8a:ca:95:c3:
72:54:20:9d:5a:33:1f:9c:97:fe:63:8d:8a:7c:59:20:36:f8:
29:d4:cf:f3:4a:7b:3e:99:0f:45:04:05:cc:a4:84:59:f8:ed:
20:9f:52:4f:d0:e9:7a:1e:61:18:37:82:4d:70:80:50:82:fc:
78:1d:4e:d4:97:5f:fc:9e:72:98:52:e5:72:2b:14:2a:de:d9:
4d:ec:29:1a:8c:7f:86:f7:fd:6d:f9:0b:e4:6d:75:a1:c6:19:
6a:e8:ec:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3WrScypJKs/vXw+k/XJ55oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjIzMTU1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODVkM2IxNzYzMzkyYzVmM2JlYzZiNzY5ZmRhNzQyNTU4OWQxNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxleXjSKvbAvf1jOsqeIky1gWoudy
jjRBFixxu531wlgNUFEAyMf6uHNFij45t2StGZMu1+oLTzq9Z6bUUoGJFSo1tmJ8
pHD0jCQAOVXdkYmhFYRSD0VXYOEKCAhDeXwsHFtygn99nX6zemNaksruNf0XwIg9
oky4ZbdemDoIMjVXie2Z13Od5gC4VJCJZRyrg8fcemnHLY5kn+lA1dVQPWr40E8I
zZYjQV0r4RVvLr7d5av42FuGd96xEWn8kgqPZeoSjMS7rt426rj0AH1G0uBH348H
infjWKPFHBa9WBlzrS7siJIO79kDvHVVPdLtmwoaxou54YQ/WuJY5D1p7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKhdOxdjOSxfO+xrdp/adCVYnRcSMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvcUYwN0YyTTVMRjg3N0d0Mm45cDBKVmlkRnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCEUT7OigPpj8YeYjL89+yoKWEN
iQGjrghJPom6v+4AbVYNG1S3aN8s4Z/OPqt48+gNPIEvKXVUbN2G1baNSros6p1O
HFUzbUQGSGkn7jwYKJkrRYxKXoque2CgyHKBnisVv/lQj8VECHsHa3Zf7hDeh1Kb
Sg0X67sFOu5rDg0kA34o3K/B70sNF1ODW9ilbQru5JhaHK2iTmJ9ezXmb4rKlcNy
VCCdWjMfnJf+Y42KfFkgNvgp1M/zSns+mQ9FBAXMpIRZ+O0gn1JP0Ol6HmEYN4JN
cIBQgvx4HU7Ul1/8nnKYUuVyKxQq3tlN7CkajH+G9/1t+QvkbXWhxhlq6Oxp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org