Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/tGsRtIRITJl6sklXfv9Pp6s3eXI.roa
File: tGsRtIRITJl6sklXfv9Pp6s3eXI.roa (raw, json)
Hash identifier: fstLOfhWdLXOJwveWLqjON6fJfLfCorwPxQ51vezFnQ=
Subject key identifier: B4:6B:11:B4:84:48:4C:99:7A:B2:49:57:7E:FF:4F:A7:AB:37:79:72
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F33D2DDCDBD86332B7B8AA15038296764
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/tGsRtIRITJl6sklXfv9Pp6s3eXI.roa
Signing time: Wed 01 May 2024 11:03:28 +0000
ROA not before: Wed 01 May 2024 11:03:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.131.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 15:04:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:d2:dd:cd:bd:86:33:2b:7b:8a:a1:50:38:29:67:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 1 11:03:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b46b11b484484c997ab249577eff4fa7ab377972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4f:5a:38:56:14:32:84:26:62:e6:70:46:57:
75:71:68:42:f4:f8:eb:7c:e5:5c:45:39:a9:9f:c7:
80:28:87:00:39:50:fd:7d:c3:51:47:86:27:84:94:
52:c2:eb:b4:05:0f:96:49:d6:81:7c:fd:7b:df:b4:
13:55:03:16:85:dc:a1:ee:28:e9:b5:fd:0b:55:61:
28:98:36:c4:8d:fd:a5:db:02:05:d3:b0:57:f6:88:
79:0f:9a:e3:35:30:09:1b:52:90:aa:43:f4:ad:2d:
3f:c9:ec:ac:7e:96:fb:33:0d:4e:ad:48:24:2d:21:
e7:60:2f:aa:82:0c:d2:b6:42:bf:03:d9:9f:8b:ce:
31:84:46:88:ad:74:a7:84:c3:c8:32:fd:46:6c:79:
90:5f:76:de:e3:51:3a:75:dd:7b:8e:99:6f:16:2f:
c3:b4:aa:8e:09:57:ce:b6:12:87:f1:c4:6a:c9:af:
49:91:87:11:be:51:2b:fb:71:8c:b0:c0:b4:29:d1:
8b:dc:0b:fe:bf:ca:16:ca:c4:bf:66:06:de:32:a7:
36:58:85:47:b2:df:64:22:98:0a:51:e3:34:10:7c:
52:75:e8:90:e6:4f:42:88:8f:ca:68:4d:f3:a9:75:
31:30:6a:9e:28:e3:03:1e:7f:02:42:59:31:71:b1:
a9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6B:11:B4:84:48:4C:99:7A:B2:49:57:7E:FF:4F:A7:AB:37:79:72
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/tGsRtIRITJl6sklXfv9Pp6s3eXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.131.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:26:cf:1a:2d:69:06:3e:11:e3:ce:53:86:d2:40:02:01:ad:
94:06:86:93:c9:37:24:6a:c7:c4:09:ab:05:34:52:84:44:64:
49:57:6e:e8:2c:05:e8:cf:46:6c:a6:e7:f2:b7:8f:68:43:96:
3b:e6:81:76:f3:53:40:d9:8d:c2:9b:3c:3a:02:24:af:9e:8d:
39:1c:36:c6:d3:e9:49:e6:38:b1:42:2b:d6:c3:c1:bb:f9:37:
4d:f3:1b:3d:d6:69:af:5e:50:54:96:fc:e3:db:00:6b:d6:ee:
ee:d3:70:4b:15:18:27:66:84:ec:77:1f:61:e5:c7:ab:a7:79:
09:21:a2:2e:5e:fc:c4:1b:7b:25:72:e1:03:08:18:ea:f0:2c:
0e:30:c4:20:eb:49:3c:5a:90:e4:7d:bf:bf:59:50:28:aa:f5:
02:ae:c7:a5:e1:f3:ad:ec:c7:40:84:61:f8:04:42:f1:35:62:
cf:ce:e6:31:29:7a:d0:34:35:82:f6:47:be:f5:59:63:d1:3c:
62:f0:73:94:7e:f8:f6:ba:00:e3:d3:65:39:e6:3b:51:2b:4a:
b8:6c:08:ad:bf:b5:f5:6e:87:f2:7e:23:cc:fc:c4:11:79:ca:
3e:1c:75:4b:e8:42:c9:5f:9d:22:b4:c4:e3:e8:dc:d1:9a:1a:
b8:ea:ed:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8z0t3NvYYzK3uKoVA4KWdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNTAxMTEwMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDZiMTFiNDg0NDg0Yzk5N2FiMjQ5NTc3ZWZmNGZhN2FiMzc3OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok9aOFYUMoQmYuZwRld1cWhC9Pjr
fOVcRTmpn8eAKIcAOVD9fcNRR4YnhJRSwuu0BQ+WSdaBfP1737QTVQMWhdyh7ijp
tf0LVWEomDbEjf2l2wIF07BX9oh5D5rjNTAJG1KQqkP0rS0/yeysfpb7Mw1OrUgk
LSHnYC+qggzStkK/A9mfi84xhEaIrXSnhMPIMv1GbHmQX3be41E6dd17jplvFi/D
tKqOCVfOthKH8cRqya9JkYcRvlEr+3GMsMC0KdGL3Av+v8oWysS/ZgbeMqc2WIVH
st9kIpgKUeM0EHxSdeiQ5k9CiI/KaE3zqXUxMGqeKOMDHn8CQlkxcbGpHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLRrEbSESEyZerJJV37/T6erN3lyMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdEdzUnRJUklUSmw2c2tsWGZ2OVBwNnMzZVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaDAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCgJs8aLWkGPhHjzlOG
0kACAa2UBoaTyTckasfECasFNFKERGRJV27oLAXoz0Zspufyt49oQ5Y75oF281NA
2Y3Cmzw6AiSvno05HDbG0+lJ5jixQivWw8G7+TdN8xs91mmvXlBUlvzj2wBr1u7u
03BLFRgnZoTsdx9h5cerp3kJIaIuXvzEG3slcuEDCBjq8CwOMMQg60k8WpDkfb+/
WVAoqvUCrsel4fOt7MdAhGH4BELxNWLPzuYxKXrQNDWC9ke+9Vlj0Txi8HOUfvj2
ugDj02U55jtRK0q4bAitv7X1bofyfiPM/MQReco+HHVL6ELJX50itMTj6NzRmhq4
6u3m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org