Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/v5MoQxDTcz5BWs5TY2_ltUYQ5SM.roa
File: v5MoQxDTcz5BWs5TY2_ltUYQ5SM.roa (raw, json)
Hash identifier: Bp4DxAJMXSJILzLIHfVFKZ5PtrFDGg1VJoDZeq7Xkls=
Subject key identifier: BF:93:28:43:10:D3:73:3E:41:5A:CE:53:63:6F:E5:B5:46:10:E5:23
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189BFBF1488D8A384366568913CB1910B40
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/v5MoQxDTcz5BWs5TY2_ltUYQ5SM.roa
Signing time: Fri 04 Aug 2023 08:51:58 +0000
ROA not before: Fri 04 Aug 2023 08:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.126.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 10 Aug 2023 13:41:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:bf:14:88:d8:a3:84:36:65:68:91:3c:b1:91:0b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 4 08:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf93284310d3733e415ace53636fe5b54610e523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f8:2c:e1:27:5e:c7:b0:1b:5a:ff:2e:a7:83:
ad:b5:5a:c9:2c:bb:54:4a:30:57:0f:8d:61:5a:2a:
77:85:82:31:1f:61:64:48:b8:7c:3c:33:f4:74:74:
5c:f9:f5:71:e3:69:30:9f:15:bf:c3:8c:ce:13:c1:
60:9e:77:f9:a0:8e:5d:a4:f3:90:12:d2:86:b3:cc:
1c:16:0d:64:3c:34:bb:fd:47:24:ba:84:4d:c8:c4:
b4:b1:8f:7a:d9:72:81:a6:86:b2:a9:f2:f6:32:f2:
85:c7:0e:64:53:af:e8:f0:31:38:87:1e:91:78:51:
5e:07:ea:e2:b9:e2:68:bd:6c:ca:d5:ac:a1:26:8b:
c5:d3:03:44:a4:5d:1d:35:ab:b8:b1:14:6b:76:dd:
84:7a:99:3c:aa:f8:4c:50:c4:9f:a2:fc:1f:99:1c:
d9:1e:9b:29:7a:d6:e9:46:70:20:97:08:a4:00:32:
79:65:47:8a:7b:c8:a1:b9:f2:06:62:fb:1a:f8:a9:
8d:fa:c4:d1:45:e4:61:af:7a:b1:b2:8c:7a:6d:11:
7e:50:e6:3f:c2:fb:08:7c:ae:b3:e1:4d:e8:e2:70:
aa:9a:3d:49:87:88:34:7c:17:87:38:a7:7c:ca:d0:
d0:56:d7:85:d7:6b:64:0b:d0:b4:be:6a:6c:77:c9:
9f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:93:28:43:10:D3:73:3E:41:5A:CE:53:63:6F:E5:B5:46:10:E5:23
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/v5MoQxDTcz5BWs5TY2_ltUYQ5SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
109.72.126.0/24
Signature Algorithm: sha256WithRSAEncryption
87:b5:8f:3c:b3:40:af:dc:f7:9a:c1:cc:09:82:18:6d:e7:d1:
4b:75:ed:7d:f4:df:d0:ca:06:2e:65:8a:e2:7e:96:0e:bc:fe:
66:39:e2:9e:67:7c:8a:8b:09:96:8d:d7:18:3a:0a:ba:2f:3d:
1f:ec:b2:1e:83:f5:64:06:d9:2f:73:0f:77:c4:1d:f0:e0:38:
d3:02:b2:74:53:f0:2e:8e:b4:2e:93:ef:c3:73:e6:65:6f:ad:
cc:19:3b:75:b2:3f:b0:32:44:b7:32:58:a9:58:47:72:3f:82:
d2:cf:8f:d3:04:10:a7:2c:a3:60:15:25:2f:47:6e:81:db:2f:
cd:7a:51:1c:fa:c3:c3:68:3b:7e:c1:b7:c6:02:55:9c:b4:c3:
0d:f0:f9:44:10:35:cc:9a:0d:3a:d2:7a:0b:9e:ef:cb:3f:e5:
3b:f4:96:72:4d:fa:19:4f:b5:4c:81:b1:3b:d8:82:1e:80:02:
7b:67:81:9f:02:99:be:1e:96:1d:c6:71:1e:03:96:99:cf:26:
6e:56:8a:df:6b:f9:7d:dd:4a:50:23:0d:58:18:0a:31:0e:2c:
23:49:07:f8:03:2b:55:fb:2d:ea:72:cc:f8:f6:99:a3:c3:85:
68:e7:3e:ca:ff:8b:1f:00:6c:0a:ba:24:6a:13:48:1f:24:2a:
32:6f:78:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYm/vxSI2KOENmVokTyxkQtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODA0MDg1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjkzMjg0MzEwZDM3MzNlNDE1YWNlNTM2MzZmZTViNTQ2MTBlNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivgs4Sdex7AbWv8up4OttVrJLLtU
SjBXD41hWip3hYIxH2FkSLh8PDP0dHRc+fVx42kwnxW/w4zOE8Fgnnf5oI5dpPOQ
EtKGs8wcFg1kPDS7/UckuoRNyMS0sY962XKBpoayqfL2MvKFxw5kU6/o8DE4hx6R
eFFeB+riueJovWzK1ayhJovF0wNEpF0dNau4sRRrdt2Eepk8qvhMUMSfovwfmRzZ
HpspetbpRnAglwikADJ5ZUeKe8ihufIGYvsa+KmN+sTRReRhr3qxsox6bRF+UOY/
wvsIfK6z4U3o4nCqmj1Jh4g0fBeHOKd8ytDQVteF12tkC9C0vmpsd8mf4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL+TKEMQ03M+QVrOU2Nv5bVGEOUjMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdjVNb1F4RFRjejVCV3M1VFkyX2x0VVlRNVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCWbkAAwQC
WbkYAwQCbUh0AwQAbUh+MA0GCSqGSIb3DQEBCwUAA4IBAQCHtY88s0Cv3PeawcwJ
ghht59FLde199N/QygYuZYrifpYOvP5mOeKeZ3yKiwmWjdcYOgq6Lz0f7LIeg/Vk
Btkvcw93xB3w4DjTArJ0U/AujrQuk+/Dc+Zlb63MGTt1sj+wMkS3MlipWEdyP4LS
z4/TBBCnLKNgFSUvR26B2y/NelEc+sPDaDt+wbfGAlWctMMN8PlEEDXMmg060noL
nu/LP+U79JZyTfoZT7VMgbE72IIegAJ7Z4GfApm+HpYdxnEeA5aZzyZuVorfa/l9
3UpQIw1YGAoxDiwjSQf4AytV+y3qcsz49pmjw4Vo5z7K/4sfAGwKuiRqE0gfJCoy
b3iT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org