Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/siZqdodZs9IltPgoy7W8Nx1HGqQ.roa
File: siZqdodZs9IltPgoy7W8Nx1HGqQ.roa (raw, json)
Hash identifier: C4Xonz8jzXWlOUymvVoeqJGIfXv0EV59YbrEw8UErto=
Subject key identifier: B2:26:6A:76:87:59:B3:D2:25:B4:F8:28:CB:B5:BC:37:1D:47:1A:A4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D6B2CD3ACCBEF72EA7B4FFAEE990CAFE8
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/siZqdodZs9IltPgoy7W8Nx1HGqQ.roa
Signing time: Fri 02 Feb 2024 18:55:16 +0000
ROA not before: Fri 02 Feb 2024 18:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.134.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Feb 2024 08:23:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:2c:d3:ac:cb:ef:72:ea:7b:4f:fa:ee:99:0c:af:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 2 18:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2266a768759b3d225b4f828cbb5bc371d471aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b7:4c:cc:d6:e0:f5:d9:13:11:20:dd:05:ec:
b8:9d:65:17:fe:71:1e:97:9a:7d:e1:38:ff:71:50:
cc:c7:f2:d6:63:5f:26:1c:8c:25:8f:2d:d7:4a:8f:
66:62:69:a8:6f:69:a1:a3:0b:73:06:40:81:f3:6c:
23:e1:45:00:64:ea:b1:d6:1b:f6:98:d1:85:83:22:
03:70:6e:ba:b3:01:c4:31:b8:6c:b5:57:66:e2:b6:
51:7c:0f:06:cb:cc:69:ec:d5:83:e9:2e:2a:b0:71:
93:23:92:59:11:3d:de:82:d6:3b:dc:bb:16:32:b4:
14:02:90:64:c9:00:8a:df:18:16:d9:58:90:a0:f0:
e4:c2:c1:8a:5c:d5:3f:6c:6d:92:7e:79:1e:cf:ab:
89:cf:5e:da:2d:ff:8e:c2:ba:77:17:f2:ab:09:f8:
6c:38:e0:ed:90:8f:83:2d:17:23:a5:96:9f:61:eb:
2d:e8:03:4d:94:cd:26:4a:42:7b:b7:9b:32:60:41:
35:20:39:83:28:7a:2f:f7:47:fe:be:81:53:81:ff:
09:6d:0a:b6:80:c8:b1:54:ba:8e:e0:38:d6:83:69:
2c:7c:d5:04:25:4d:d5:1e:23:da:f3:37:5c:b6:dc:
c6:9c:47:48:f0:7d:ea:af:ad:3f:db:10:8f:97:0e:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:26:6A:76:87:59:B3:D2:25:B4:F8:28:CB:B5:BC:37:1D:47:1A:A4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/siZqdodZs9IltPgoy7W8Nx1HGqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.134.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
60:b2:6e:0f:99:76:a0:04:06:94:ba:2d:56:00:bd:10:f9:a6:
9e:a2:94:58:ea:b9:00:e0:a4:22:aa:30:2f:0f:1d:ff:09:50:
ad:92:bb:e8:14:69:9f:2a:37:97:a1:52:86:f3:6d:3b:de:3d:
0a:37:56:18:5c:13:84:5a:79:a3:62:5b:9a:cb:d5:07:d7:c4:
b7:fa:ba:2d:60:2e:00:7d:26:23:19:1b:a7:cb:25:e3:72:1f:
88:38:69:b0:9c:d7:c9:d4:89:df:e8:98:44:72:ba:0a:9b:47:
52:09:88:5c:44:d2:73:7c:28:a4:be:5d:73:36:69:bd:ff:45:
8a:52:db:90:dd:70:9b:78:84:25:dc:55:b7:f5:e9:a3:9d:b4:
69:eb:e0:a2:7f:eb:98:14:7c:17:b3:ee:2e:2e:f5:e4:cc:9a:
87:aa:30:b9:47:bd:b8:d2:0b:24:a5:3e:c7:de:45:23:f7:4d:
af:7f:9c:1e:b8:e5:51:cc:11:31:86:e8:7b:75:07:c5:67:ee:
84:f6:3c:31:12:70:49:c7:33:28:f0:1a:d2:ef:c3:48:8a:13:
91:bd:cb:7b:f0:36:fc:85:be:fc:53:56:29:c9:9b:e4:d5:47:
cb:ba:62:a2:10:8c:c8:55:0f:ce:34:f3:60:93:fd:03:1f:70:
9c:c8:cd:d2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1rLNOsy+9y6ntP+u6ZDK/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjAyMTg1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjI2NmE3Njg3NTliM2QyMjViNGY4MjhjYmI1YmMzNzFkNDcxYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbdMzNbg9dkTESDdBey4nWUX/nEe
l5p94Tj/cVDMx/LWY18mHIwljy3XSo9mYmmob2mhowtzBkCB82wj4UUAZOqx1hv2
mNGFgyIDcG66swHEMbhstVdm4rZRfA8Gy8xp7NWD6S4qsHGTI5JZET3egtY73LsW
MrQUApBkyQCK3xgW2ViQoPDkwsGKXNU/bG2Sfnkez6uJz17aLf+Owrp3F/KrCfhs
OODtkI+DLRcjpZafYest6ANNlM0mSkJ7t5syYEE1IDmDKHov90f+voFTgf8JbQq2
gMixVLqO4DjWg2ksfNUEJU3VHiPa8zdcttzGnEdI8H3qr60/2xCPlw4DWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLImanaHWbPSJbT4KMu1vDcdRxqkMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc2lacWRvZFpzOUlsdFBnb3k3VzhOeDFIR3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaGAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBgsm4PmXagBAaUui1W
AL0Q+aaeopRY6rkA4KQiqjAvDx3/CVCtkrvoFGmfKjeXoVKG82073j0KN1YYXBOE
WnmjYluay9UH18S3+rotYC4AfSYjGRunyyXjch+IOGmwnNfJ1Inf6JhEcroKm0dS
CYhcRNJzfCikvl1zNmm9/0WKUtuQ3XCbeIQl3FW39emjnbRp6+Cif+uYFHwXs+4u
LvXkzJqHqjC5R7240gskpT7H3kUj902vf5weuOVRzBExhuh7dQfFZ+6E9jwxEnBJ
xzMo8BrS78NIihORvct78Db8hb78U1YpyZvk1UfLumKiEIzIVQ/ONPNgk/0DH3Cc
yM3S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org