Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sR-ScfXLid3eIGahZNnCmhB1ItQ.roa
File: sR-ScfXLid3eIGahZNnCmhB1ItQ.roa (raw, json)
Hash identifier: vMnBa01tOepFXQi89odbs/qAgBSbfWmA7pSYlyxErBQ=
Subject key identifier: B1:1F:92:71:F5:CB:89:DD:DE:20:66:A1:64:D9:C2:9A:10:75:22:D4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018E15A334F92F903E5BA43FBDC6C919748E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sR-ScfXLid3eIGahZNnCmhB1ItQ.roa
Signing time: Wed 06 Mar 2024 21:20:01 +0000
ROA not before: Wed 06 Mar 2024 21:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.137.0/24 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 13:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:a3:34:f9:2f:90:3e:5b:a4:3f:bd:c6:c9:19:74:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Mar 6 21:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b11f9271f5cb89ddde2066a164d9c29a107522d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ea:2f:b4:00:9c:ff:40:15:20:52:da:d8:d0:
97:60:8d:e0:ab:f3:37:3d:ef:9e:58:f1:ef:44:66:
68:5e:09:59:b0:1b:95:16:2d:0e:ac:e1:b2:b0:c2:
b4:4a:cd:04:ae:9c:99:23:86:3f:12:cb:36:8d:74:
4d:2f:f3:e4:9c:2b:a2:36:fe:9a:38:77:e0:a9:8c:
b9:2e:48:d6:8f:49:51:eb:fb:f4:14:15:88:4f:d9:
85:a7:a7:34:6e:ea:66:3e:f7:b6:0f:a5:aa:ba:46:
79:95:22:77:bf:80:f6:d1:a3:1c:d8:55:68:e1:59:
e2:0e:8a:ff:41:2a:9b:5a:36:54:19:7c:7b:3e:fd:
1d:89:0d:dd:f5:72:20:36:ae:ac:17:72:64:dc:10:
29:de:0d:44:2c:81:28:06:a9:46:de:62:72:6c:d1:
18:5c:60:6e:91:96:30:84:cd:4a:ff:85:53:ed:df:
24:ba:17:26:23:dd:a9:2b:dc:21:af:a1:00:f4:8d:
6c:b1:16:f1:44:b9:ba:0c:1b:87:d3:d1:f4:f6:91:
04:7e:a3:86:24:24:44:a6:01:9d:72:1e:3a:47:57:
a2:ad:4f:ea:9f:e2:d3:b5:9c:cc:10:f2:b4:e2:c6:
51:67:7e:e0:2e:fd:a7:79:60:f3:eb:6c:5f:15:5d:
00:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1F:92:71:F5:CB:89:DD:DE:20:66:A1:64:D9:C2:9A:10:75:22:D4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sR-ScfXLid3eIGahZNnCmhB1ItQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:91:65:a1:c0:e8:a7:a0:ac:d3:71:6f:3e:7e:10:98:18:2b:
d7:3a:ab:01:7e:e3:e7:33:d8:61:9d:d1:d9:f1:9c:6f:a8:6c:
61:f4:7b:4b:3d:6e:99:a2:eb:12:de:10:39:00:65:58:87:7d:
f9:c9:e4:7d:a5:67:f6:94:a4:e7:b5:73:29:6d:cf:0b:8e:86:
3d:e7:40:60:d1:bb:78:de:98:21:e5:eb:2c:71:56:1b:20:95:
1b:a9:7e:c5:c2:eb:cd:09:56:5a:d4:f7:6f:85:69:0c:8e:5b:
42:29:85:7c:2a:b2:cb:58:c4:2e:b3:4b:f9:4a:3e:4d:c4:8f:
34:56:9d:d6:a7:b9:a5:b1:0d:a6:61:49:6e:12:78:aa:64:7d:
e0:f3:74:51:e8:f6:86:f1:c0:5f:fc:95:ce:02:a8:6b:38:09:
40:60:d8:87:bc:7d:57:64:d4:b3:cf:ec:8a:37:a7:e8:ba:cf:
bd:22:0d:f5:dd:96:88:c4:8c:a7:12:03:5e:76:15:c3:b6:2b:
64:b9:9f:3b:ad:63:47:46:2e:1a:a5:2f:ac:6a:26:38:9c:f6:
25:46:ba:84:9e:c2:47:d6:99:75:93:51:41:84:4f:f5:6c:19:
d1:72:cd:e3:01:03:98:fe:3a:11:d7:85:7b:a2:01:2c:53:c1:
93:fd:f5:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4VozT5L5A+W6Q/vcbJGXSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMzA2MjEyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFmOTI3MWY1Y2I4OWRkZGUyMDY2YTE2NGQ5YzI5YTEwNzUyMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOovtACc/0AVIFLa2NCXYI3gq/M3
Pe+eWPHvRGZoXglZsBuVFi0OrOGysMK0Ss0ErpyZI4Y/Ess2jXRNL/PknCuiNv6a
OHfgqYy5LkjWj0lR6/v0FBWIT9mFp6c0bupmPve2D6WqukZ5lSJ3v4D20aMc2FVo
4VniDor/QSqbWjZUGXx7Pv0diQ3d9XIgNq6sF3Jk3BAp3g1ELIEoBqlG3mJybNEY
XGBukZYwhM1K/4VT7d8kuhcmI92pK9whr6EA9I1ssRbxRLm6DBuH09H09pEEfqOG
JCREpgGdch46R1eirU/qn+LTtZzMEPK04sZRZ37gLv2neWDz62xfFV0A2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLEfknH1y4nd3iBmoWTZwpoQdSLUMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc1ItU2NmWExpZDNlSUdhaFpObkNtaEIxSXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA8kWWhwOinoKzTcW8+fhCYGCvX
OqsBfuPnM9hhndHZ8ZxvqGxh9HtLPW6ZousS3hA5AGVYh335yeR9pWf2lKTntXMp
bc8LjoY950Bg0bt43pgh5esscVYbIJUbqX7FwuvNCVZa1PdvhWkMjltCKYV8KrLL
WMQus0v5Sj5NxI80Vp3Wp7mlsQ2mYUluEniqZH3g83RR6PaG8cBf/JXOAqhrOAlA
YNiHvH1XZNSzz+yKN6fous+9Ig313ZaIxIynEgNedhXDtitkuZ87rWNHRi4apS+s
aiY4nPYlRrqEnsJH1pl1k1FBhE/1bBnRcs3jAQOY/joR14V7ogEsU8GT/fUa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org