Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/upXrjFRbOOjoFl_FggwSn28J0zU.roa
File: upXrjFRbOOjoFl_FggwSn28J0zU.roa (raw, json)
Hash identifier: /Cq8fBvY9v9RKpyo5Z210KSX1GWDeGq+cIrHXjj5AEo=
Subject key identifier: BA:95:EB:8C:54:5B:38:E8:E8:16:5F:C5:82:0C:12:9F:6F:09:D3:35
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DF49A49AA9B3A20688407A588397D7D75
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/upXrjFRbOOjoFl_FggwSn28J0zU.roa
Signing time: Thu 29 Feb 2024 11:22:48 +0000
ROA not before: Thu 29 Feb 2024 11:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.128.0/24 maxlen: 24
81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 18:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:9a:49:aa:9b:3a:20:68:84:07:a5:88:39:7d:7d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 29 11:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba95eb8c545b38e8e8165fc5820c129f6f09d335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:77:4c:6a:b3:ef:57:1c:ef:42:14:61:7e:e2:
d8:1f:be:36:fb:8d:0e:70:5e:6c:cf:b0:26:d1:cb:
c2:5b:4e:6d:2c:c0:50:55:4b:5f:24:b2:87:0d:fd:
6a:8e:92:73:77:4b:20:5b:65:61:5f:12:20:f8:7e:
26:7f:03:5d:b9:a3:a8:db:ad:4e:ad:74:7b:93:08:
29:05:e5:16:17:80:d5:07:d9:39:55:6c:68:e2:7c:
b0:ee:6e:ff:14:4b:86:a4:15:c1:3e:d9:5c:83:73:
6d:e6:3e:f7:c5:00:6b:d5:33:85:cf:d8:0a:cf:ee:
a8:7a:4e:46:4b:1d:b0:54:b3:32:b0:85:75:52:a7:
98:8a:ed:55:dd:65:aa:4f:9b:ff:db:cb:86:c5:ec:
61:13:89:7e:a4:49:74:0d:8e:4f:39:7c:c2:e5:5f:
87:3e:61:0e:0d:d2:37:28:30:d8:fd:01:61:6d:fb:
c8:01:6a:e6:4f:5d:e1:53:53:42:39:26:82:be:7d:
aa:19:0e:75:c0:f0:02:23:e0:19:0f:41:b2:17:09:
b3:82:11:72:fb:63:dd:fe:f7:e9:6a:62:5c:ed:26:
65:79:bf:ec:2c:ea:ec:85:93:98:7c:e2:58:74:17:
31:52:c6:f7:33:3f:a0:d0:50:b5:af:5f:06:a2:c2:
87:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:95:EB:8C:54:5B:38:E8:E8:16:5F:C5:82:0C:12:9F:6F:09:D3:35
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/upXrjFRbOOjoFl_FggwSn28J0zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
16:a8:0f:4e:ce:bc:e7:0f:2d:e9:65:8b:d1:4d:0d:04:80:4c:
b6:6a:56:10:92:73:66:e0:90:df:ed:04:76:13:36:91:5a:5d:
ef:c2:91:0b:cb:f8:eb:fc:6c:d0:4c:60:b0:c4:dc:4b:3e:be:
e0:ac:04:92:02:70:b0:35:20:a0:10:71:d3:06:70:e4:b2:51:
5f:6c:fb:51:69:7b:e0:cc:fa:2b:9c:d1:f3:12:50:08:be:e3:
c3:ec:25:f1:f1:12:17:3e:9f:d8:6f:a8:a5:27:14:d7:f9:97:
4a:19:07:9e:a7:ea:9b:8c:ac:ad:ff:cf:6f:08:dc:0e:51:47:
3a:fe:ea:de:25:c9:41:31:34:02:29:f5:90:e3:42:ba:20:76:
05:94:ae:9b:2f:51:39:9e:e5:bc:4d:40:3e:b3:d2:b7:b8:ab:
a4:b5:dc:32:f3:12:be:93:5e:cf:5d:81:3a:20:dc:3c:fb:60:
bd:df:a9:04:bf:89:37:cf:cd:94:5f:67:fe:cc:c5:b5:e2:61:
ac:22:33:d4:e9:0e:83:e9:a3:9f:97:14:1a:99:64:1b:bb:e6:
2a:0c:9f:f5:fa:c1:fd:fe:89:9f:98:68:28:fa:59:6f:22:46:
25:59:34:c4:91:44:81:3d:47:b8:17:e6:50:d8:93:24:0e:61:
f2:c2:66:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY30mkmqmzogaIQHpYg5fX11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjI5MTEyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk1ZWI4YzU0NWIzOGU4ZTgxNjVmYzU4MjBjMTI5ZjZmMDlkMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3dMarPvVxzvQhRhfuLYH742+40O
cF5sz7Am0cvCW05tLMBQVUtfJLKHDf1qjpJzd0sgW2VhXxIg+H4mfwNduaOo261O
rXR7kwgpBeUWF4DVB9k5VWxo4nyw7m7/FEuGpBXBPtlcg3Nt5j73xQBr1TOFz9gK
z+6oek5GSx2wVLMysIV1UqeYiu1V3WWqT5v/28uGxexhE4l+pEl0DY5POXzC5V+H
PmEODdI3KDDY/QFhbfvIAWrmT13hU1NCOSaCvn2qGQ51wPACI+AZD0GyFwmzghFy
+2Pd/vfpamJc7SZleb/sLOrshZOYfOJYdBcxUsb3Mz+g0FC1r18GosKHKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLqV64xUWzjo6BZfxYIMEp9vCdM1MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdXBYcmpGUmJPT2pvRmxfRmdnd1NuMjhKMHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQD
URaIAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAWqA9OzrznDy3pZYvR
TQ0EgEy2alYQknNm4JDf7QR2EzaRWl3vwpELy/jr/GzQTGCwxNxLPr7grASSAnCw
NSCgEHHTBnDkslFfbPtRaXvgzPornNHzElAIvuPD7CXx8RIXPp/Yb6ilJxTX+ZdK
GQeep+qbjKyt/89vCNwOUUc6/ureJclBMTQCKfWQ40K6IHYFlK6bL1E5nuW8TUA+
s9K3uKuktdwy8xK+k17PXYE6INw8+2C936kEv4k3z82UX2f+zMW14mGsIjPU6Q6D
6aOflxQamWQbu+YqDJ/1+sH9/omfmGgo+llvIkYlWTTEkUSBPUe4F+ZQ2JMkDmHy
wmZ2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org