Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/t7YVRPlh5iHHuOxm1FDTFtTEFEE.roa
File: t7YVRPlh5iHHuOxm1FDTFtTEFEE.roa (raw, json)
Hash identifier: 3b20WppsS92zyLGrbjs2Pex1JaWd8Gk7spX80Iqh3oc=
Subject key identifier: B7:B6:15:44:F9:61:E6:21:C7:B8:EC:66:D4:50:D3:16:D4:C4:14:41
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D30E63DB7558AE61A699BCBBDC3906ADA
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/t7YVRPlh5iHHuOxm1FDTFtTEFEE.roa
Signing time: Mon 22 Jan 2024 11:20:11 +0000
ROA not before: Mon 22 Jan 2024 11:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 10:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:e6:3d:b7:55:8a:e6:1a:69:9b:cb:bd:c3:90:6a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 22 11:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7b61544f961e621c7b8ec66d450d316d4c41441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c2:fc:ed:22:5b:89:1a:20:1c:ed:4a:15:c8:
c3:b9:cd:fc:3f:2b:c2:93:55:6b:16:8e:8b:b8:4c:
a1:bd:e6:e2:eb:3d:f2:33:2c:9f:a2:6d:a6:a2:39:
b8:54:d8:81:8f:f5:13:33:a3:69:4a:1a:85:c8:ff:
01:8e:db:75:13:41:54:aa:df:35:b5:63:a3:f9:ee:
ff:82:0d:1a:60:8b:95:69:da:03:45:18:0f:95:83:
82:50:68:84:cf:52:85:f9:c5:49:79:96:50:b3:e9:
ce:f2:0b:8c:ea:c0:11:a5:69:4b:55:c1:db:12:ab:
3d:7a:a2:2f:03:fb:72:4b:fa:35:a4:d8:60:83:b3:
14:16:79:fa:05:c8:2b:fa:0f:60:30:22:78:40:f7:
80:1d:df:8e:81:5e:4b:b9:71:de:6c:23:cd:07:8c:
aa:06:73:20:4e:1a:f0:61:e7:58:44:c5:6a:ba:21:
a6:c4:79:00:6c:29:d3:8e:3e:12:91:cb:a0:21:14:
9b:55:c0:c9:ff:a1:a9:a5:02:24:2a:9f:82:38:32:
81:c4:27:c2:17:29:af:2e:af:68:e9:17:a5:f0:e5:
5e:49:26:2b:34:0c:cf:a0:bf:da:17:d0:86:f3:95:
7f:a2:1e:50:36:3f:39:e8:0e:60:12:1a:5e:c5:eb:
3f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B6:15:44:F9:61:E6:21:C7:B8:EC:66:D4:50:D3:16:D4:C4:14:41
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/t7YVRPlh5iHHuOxm1FDTFtTEFEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
72:e9:e6:fc:76:c8:d0:c3:07:a4:30:33:d7:92:2f:1e:63:fc:
ee:e2:47:4f:01:23:90:63:fc:71:53:40:5b:c9:dd:44:ac:d1:
7d:c9:a8:5c:61:88:40:c9:5f:22:69:1f:ea:6b:1b:28:7f:49:
ce:91:6b:c8:d9:58:46:14:b5:9d:be:4f:31:33:7d:94:33:ca:
f1:93:4f:af:2d:7d:4c:55:28:d6:87:c3:b3:e1:da:82:4f:58:
36:d1:28:c0:78:b6:13:49:15:60:b6:bd:89:a1:ee:dd:f4:28:
71:68:6a:d3:50:fb:13:73:94:26:df:73:1a:74:e3:3a:a0:e3:
2c:19:94:0b:f2:b3:1e:30:84:75:39:89:bc:e9:66:c1:6f:f7:
2b:ad:80:67:e4:46:24:4a:29:fe:9b:09:0f:ac:2e:8c:3f:b9:
fc:df:a3:48:96:41:48:67:c2:4a:57:7c:b6:9a:80:95:79:ba:
a0:77:ca:b2:f7:af:3a:e9:db:e9:57:f3:e6:93:f8:6f:f2:e2:
e9:b8:de:3b:d5:28:2f:a0:db:71:82:a6:14:22:05:f7:5c:dc:
3c:20:6f:f0:34:03:03:f9:5e:24:ae:bc:ae:45:09:91:11:7b:
f8:6a:1a:d3:44:a7:c0:20:16:92:09:13:08:52:93:d1:0f:11:
d5:dc:99:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0w5j23VYrmGmmby73DkGraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTIyMTEyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2I2MTU0NGY5NjFlNjIxYzdiOGVjNjZkNDUwZDMxNmQ0YzQxNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8L87SJbiRogHO1KFcjDuc38PyvC
k1VrFo6LuEyhvebi6z3yMyyfom2mojm4VNiBj/UTM6NpShqFyP8Bjtt1E0FUqt81
tWOj+e7/gg0aYIuVadoDRRgPlYOCUGiEz1KF+cVJeZZQs+nO8guM6sARpWlLVcHb
Eqs9eqIvA/tyS/o1pNhgg7MUFnn6Bcgr+g9gMCJ4QPeAHd+OgV5LuXHebCPNB4yq
BnMgThrwYedYRMVquiGmxHkAbCnTjj4SkcugIRSbVcDJ/6GppQIkKp+CODKBxCfC
FymvLq9o6Rel8OVeSSYrNAzPoL/aF9CG85V/oh5QNj856A5gEhpexes/IwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLe2FUT5YeYhx7jsZtRQ0xbUxBRBMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdDdZVlJQbGg1aUhIdU94bTFGRFRGdFRFRkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBy6eb8dsjQwwekMDPXki8eY/zu
4kdPASOQY/xxU0Bbyd1ErNF9yahcYYhAyV8iaR/qaxsof0nOkWvI2VhGFLWdvk8x
M32UM8rxk0+vLX1MVSjWh8Oz4dqCT1g20SjAeLYTSRVgtr2Joe7d9ChxaGrTUPsT
c5Qm33MadOM6oOMsGZQL8rMeMIR1OYm86WbBb/crrYBn5EYkSin+mwkPrC6MP7n8
36NIlkFIZ8JKV3y2moCVebqgd8qy96866dvpV/Pmk/hv8uLpuN471SgvoNtxgqYU
IgX3XNw8IG/wNAMD+V4krryuRQmREXv4ahrTRKfAIBaSCRMIUpPRDxHV3JkH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org