Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/rFi-JWZ8Cwf-kU-Knqok8vcPUSg.roa
File: rFi-JWZ8Cwf-kU-Knqok8vcPUSg.roa (raw, json)
Hash identifier: Awt46xFbpWkpOlFJEUTWZbHchxDix6xYVWVqwQSXcX8=
Subject key identifier: AC:58:BE:25:66:7C:0B:07:FE:91:4F:8A:9E:AA:24:F2:F7:0F:51:28
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188B93D9F13F22D950826EBCC7E5BB118DC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/rFi-JWZ8Cwf-kU-Knqok8vcPUSg.roa
Signing time: Wed 14 Jun 2023 09:30:03 +0000
ROA not before: Wed 14 Jun 2023 09:30:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 109.72.118.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.116.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 14:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:3d:9f:13:f2:2d:95:08:26:eb:cc:7e:5b:b1:18:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 14 09:30:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac58be25667c0b07fe914f8a9eaa24f2f70f5128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e7:af:7b:be:ec:89:4f:c9:69:8a:8a:ce:c4:
55:9f:df:17:f6:d0:39:3d:2e:5a:b2:61:27:99:d5:
c8:26:fb:df:bf:7e:20:2a:ef:3f:3e:6e:12:4a:a4:
51:6f:a9:e3:89:32:38:94:a2:ff:4a:3d:47:9a:b0:
dd:08:a5:5a:51:56:ad:55:7e:94:82:0b:9f:42:8b:
6e:04:c5:1f:12:e6:e8:0c:1e:a1:df:18:6e:8b:56:
81:3a:19:b2:82:b5:4e:c2:c6:c5:c9:f3:88:48:70:
2d:ab:5d:98:56:4b:1e:ad:78:52:2d:a7:a5:c9:1a:
b9:e6:79:c3:03:79:e0:7c:01:c5:35:27:a8:c0:19:
f9:4b:c0:bf:62:7f:17:5c:b5:df:b9:7c:e5:e8:b2:
63:cf:5a:b0:f4:ce:95:08:65:ef:86:3e:a5:24:62:
87:3f:a7:d8:6d:8e:45:36:c2:7e:2e:04:29:80:9a:
d8:dc:ff:63:02:ff:7b:b7:e6:22:a4:6c:c2:55:1b:
58:9a:f7:05:47:31:87:b4:8d:49:81:8f:6f:5d:1a:
22:43:b0:df:ff:11:94:a2:4f:58:51:98:ac:db:d2:
e1:ba:f3:86:bf:7a:39:4d:7a:69:b8:8c:68:d4:18:
83:72:f8:7c:99:6f:57:3d:84:47:5c:78:ea:15:dc:
7d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:58:BE:25:66:7C:0B:07:FE:91:4F:8A:9E:AA:24:F2:F7:0F:51:28
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/rFi-JWZ8Cwf-kU-Knqok8vcPUSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
109.72.116.0-109.72.118.255
Signature Algorithm: sha256WithRSAEncryption
4d:08:7a:69:6f:29:16:cd:c8:4f:f9:9c:85:46:83:4a:e6:1b:
1d:a9:b4:98:85:9f:af:d8:6a:7a:ac:60:8f:a2:6d:13:db:d2:
53:e0:b9:23:c3:dc:b2:96:72:04:f1:2a:e7:9a:40:4d:52:83:
84:f4:5d:13:6f:7a:e0:95:5f:8b:12:3d:4d:27:b9:c8:3e:b3:
10:2d:8f:00:26:bc:65:c4:ae:6c:95:9d:8a:51:47:48:e7:02:
d1:19:f6:e6:9d:9f:28:2c:19:a6:5d:82:73:87:55:58:6d:f0:
25:d5:56:87:4e:02:11:a7:45:98:79:75:8e:78:e8:4c:41:51:
86:49:84:01:d5:6c:74:12:ff:27:93:2c:f4:ea:99:83:8b:12:
22:c5:84:ee:43:8d:2c:63:19:77:3d:5d:9c:ca:8d:1d:d3:b5:
1c:d4:f4:f8:f0:8e:cb:89:5b:9f:ef:50:1b:4a:b3:35:b2:ea:
46:40:d8:ac:b3:20:b5:05:d0:c3:3d:51:f6:f9:23:e3:24:ad:
3e:ad:03:9e:54:ec:e8:06:ef:22:6e:f9:fb:43:76:a9:85:7f:
50:41:dd:02:b0:67:0e:49:83:08:aa:25:f1:4d:fd:b5:e7:1a:
4f:79:27:5c:be:bd:02:86:97:8c:d3:c8:52:c9:0e:93:e5:52:
3a:80:94:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYi5PZ8T8i2VCCbrzH5bsRjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjE0MDkzMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU4YmUyNTY2N2MwYjA3ZmU5MTRmOGE5ZWFhMjRmMmY3MGY1MTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhueve77siU/JaYqKzsRVn98X9tA5
PS5asmEnmdXIJvvfv34gKu8/Pm4SSqRRb6njiTI4lKL/Sj1HmrDdCKVaUVatVX6U
ggufQotuBMUfEuboDB6h3xhui1aBOhmygrVOwsbFyfOISHAtq12YVkserXhSLael
yRq55nnDA3ngfAHFNSeowBn5S8C/Yn8XXLXfuXzl6LJjz1qw9M6VCGXvhj6lJGKH
P6fYbY5FNsJ+LgQpgJrY3P9jAv97t+YipGzCVRtYmvcFRzGHtI1JgY9vXRoiQ7Df
/xGUok9YUZis29LhuvOGv3o5TXppuIxo1BiDcvh8mW9XPYRHXHjqFdx9xwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKxYviVmfAsH/pFPip6qJPL3D1EoMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvckZpLUpXWjhDd2Yta1UtS25xb2s4dmNQVVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAURaBMAwD
BAJtSHQDBABtSHYwDQYJKoZIhvcNAQELBQADggEBAE0IemlvKRbNyE/5nIVGg0rm
Gx2ptJiFn6/YanqsYI+ibRPb0lPguSPD3LKWcgTxKueaQE1Sg4T0XRNveuCVX4sS
PU0nucg+sxAtjwAmvGXErmyVnYpRR0jnAtEZ9uadnygsGaZdgnOHVVht8CXVVodO
AhGnRZh5dY546ExBUYZJhAHVbHQS/yeTLPTqmYOLEiLFhO5DjSxjGXc9XZzKjR3T
tRzU9PjwjsuJW5/vUBtKszWy6kZA2KyzILUF0MM9Ufb5I+MkrT6tA55U7OgG7yJu
+ftDdqmFf1BB3QKwZw5JgwiqJfFN/bXnGk95J1y+vQKGl4zTyFLJDpPlUjqAlLM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org