Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sZvu_Mdcjin4pqIgRcfo7i3XKpk.roa
File: sZvu_Mdcjin4pqIgRcfo7i3XKpk.roa (raw, json)
Hash identifier: XwnjVItgCVFyXEbeg3ykJPtRm9XoqJ0v+cE+n31iepw=
Subject key identifier: B1:9B:EE:FC:C7:5C:8E:29:F8:A6:A2:20:45:C7:E8:EE:2D:D7:2A:99
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018BB88617D36725784C60F96AC3DD9599F8
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sZvu_Mdcjin4pqIgRcfo7i3XKpk.roa
Signing time: Fri 10 Nov 2023 09:17:57 +0000
ROA not before: Fri 10 Nov 2023 09:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.112.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 11 Nov 2023 12:17:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:86:17:d3:67:25:78:4c:60:f9:6a:c3:dd:95:99:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 10 09:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b19beefcc75c8e29f8a6a22045c7e8ee2dd72a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:36:fb:08:c5:15:76:b7:1c:16:85:98:40:
76:83:31:1d:4f:19:04:34:bd:7f:30:98:89:76:e7:
07:68:91:05:c5:89:3c:0e:3e:38:3b:df:d7:2f:5a:
8a:ed:9a:4b:a8:27:c1:ba:bb:03:df:e7:bc:60:a5:
ec:c7:91:b5:ca:4c:43:bd:c2:80:8e:8a:3d:f4:c5:
c0:c3:ec:96:50:e9:b2:89:84:49:66:7d:0c:57:5d:
33:90:77:37:05:04:0e:1b:38:ea:1a:c4:70:45:7d:
1c:23:05:c1:c8:24:8c:f2:b4:a8:91:fa:9c:63:76:
43:d0:2b:e3:d5:a1:29:25:d5:32:d6:21:e5:fa:24:
1a:e6:18:d1:9a:e7:e1:4f:d5:86:fd:cd:74:69:b9:
3c:1e:38:31:6f:12:c7:78:6d:c4:eb:e5:20:3e:82:
03:5c:2c:03:42:31:b4:f9:6d:8b:b1:63:e8:2e:3d:
5c:c8:72:59:94:ef:6e:8e:6f:df:62:0f:9a:7a:06:
06:6c:54:0d:f9:f1:95:df:5c:e1:06:da:9b:d8:d3:
92:74:84:45:0c:40:a2:08:83:52:fc:03:68:bc:41:
d2:77:fd:b4:65:be:08:6d:0e:57:3b:d1:7c:a7:f8:
97:c2:4d:89:4f:06:ed:21:bf:8c:6f:13:e6:e6:d7:
3d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9B:EE:FC:C7:5C:8E:29:F8:A6:A2:20:45:C7:E8:EE:2D:D7:2A:99
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sZvu_Mdcjin4pqIgRcfo7i3XKpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.112.0/24
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
63:e9:31:c0:9b:f1:09:01:dd:b6:f3:3f:6d:73:48:67:96:44:
35:1a:3e:af:12:17:32:b5:49:9b:3a:9f:6a:d6:d1:c2:70:62:
b5:f0:e5:dd:ce:c8:44:c8:da:93:57:75:11:c7:e5:68:e3:05:
00:8a:39:63:ed:7a:21:8f:62:7f:83:68:89:2e:9e:84:48:b6:
3d:b6:1e:c6:af:da:64:74:29:dc:be:c1:d0:b2:47:49:39:88:
6d:f6:08:c6:f5:9b:10:7a:c9:11:9a:c7:fb:88:cb:3f:43:2a:
63:bd:53:19:f6:a3:d7:dc:31:cb:ef:f0:06:be:c1:05:f4:78:
fe:e4:05:6d:39:33:12:c0:02:c6:66:67:20:91:33:4b:75:ac:
d0:90:28:cd:03:cd:47:52:a2:90:07:c3:c2:b5:b3:c5:e4:74:
7c:b3:a5:9a:08:d3:ae:cf:af:19:38:30:6e:12:4d:ed:35:3c:
3c:89:02:6c:d6:1d:60:2e:c4:f4:55:3f:f3:7e:d6:f8:45:c5:
e2:8e:32:af:ff:7f:c6:f7:d8:f5:bd:c0:a6:09:d8:16:cf:ce:
be:15:34:ae:5c:91:88:56:0d:73:a5:ae:2a:33:f6:23:83:9a:
29:49:21:ce:83:af:5c:34:8d:32:fa:28:f2:c6:dd:13:ba:bb:
3d:d0:85:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYu4hhfTZyV4TGD5asPdlZn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMTEwMDkxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTliZWVmY2M3NWM4ZTI5ZjhhNmEyMjA0NWM3ZThlZTJkZDcyYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHo2+wjFFXa3HBaFmEB2gzEdTxkE
NL1/MJiJducHaJEFxYk8Dj44O9/XL1qK7ZpLqCfBursD3+e8YKXsx5G1ykxDvcKA
joo99MXAw+yWUOmyiYRJZn0MV10zkHc3BQQOGzjqGsRwRX0cIwXByCSM8rSokfqc
Y3ZD0Cvj1aEpJdUy1iHl+iQa5hjRmufhT9WG/c10abk8HjgxbxLHeG3E6+UgPoID
XCwDQjG0+W2LsWPoLj1cyHJZlO9ujm/fYg+aegYGbFQN+fGV31zhBtqb2NOSdIRF
DECiCINS/ANovEHSd/20Zb4IbQ5XO9F8p/iXwk2JTwbtIb+MbxPm5tc9twIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLGb7vzHXI4p+KaiIEXH6O4t1yqZMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc1p2dV9NZGNqaW40cHFJZ1JjZm83aTNYS3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQA
bUhwAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBj6THAm/EJAd228z9tc0hnlkQ1
Gj6vEhcytUmbOp9q1tHCcGK18OXdzshEyNqTV3URx+Vo4wUAijlj7Xohj2J/g2iJ
Lp6ESLY9th7Gr9pkdCncvsHQskdJOYht9gjG9ZsQeskRmsf7iMs/QypjvVMZ9qPX
3DHL7/AGvsEF9Hj+5AVtOTMSwALGZmcgkTNLdazQkCjNA81HUqKQB8PCtbPF5HR8
s6WaCNOuz68ZODBuEk3tNTw8iQJs1h1gLsT0VT/zftb4RcXijjKv/3/G99j1vcCm
CdgWz86+FTSuXJGIVg1zpa4qM/Yjg5opSSHOg69cNI0y+ijyxt0Turs90IWf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org