Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/x3IU2DsIGRfKFQf4xJqW5ewhWXk.roa
File: x3IU2DsIGRfKFQf4xJqW5ewhWXk.roa (raw, json)
Hash identifier: GF0e85DecubOzUbIICbcRlWQoh4sVls+NREJto6+4Pc=
Subject key identifier: C7:72:14:D8:3B:08:19:17:CA:15:07:F8:C4:9A:96:E5:EC:21:59:79
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01891B94E65A4BDA6AE6F977D6E69CF817F6
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/x3IU2DsIGRfKFQf4xJqW5ewhWXk.roa
Signing time: Mon 03 Jul 2023 11:48:10 +0000
ROA not before: Mon 03 Jul 2023 11:48:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.126.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
89.185.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jul 2023 10:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:94:e6:5a:4b:da:6a:e6:f9:77:d6:e6:9c:f8:17:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 3 11:48:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c77214d83b081917ca1507f8c49a96e5ec215979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d0:1f:53:23:88:22:54:1f:1b:88:69:6e:b5:
2b:92:a2:53:2a:88:34:43:84:d4:99:da:92:ca:bd:
62:69:28:e3:d9:9c:a3:a2:c9:3a:18:8c:4e:c0:5e:
92:a0:e1:66:1c:15:c7:d5:2f:a0:c4:a6:ba:56:ba:
90:9f:f8:45:14:ea:c7:e6:5f:b3:f9:09:51:7d:38:
d6:fb:f8:c8:4a:d9:85:d7:8b:a7:07:50:c6:37:01:
e3:a9:b6:6e:5e:db:1b:b8:47:03:d5:93:f6:f2:2b:
3d:0b:e5:d9:25:76:1e:6a:f0:4d:6b:79:9d:c3:4a:
cd:c4:10:2d:db:c7:85:43:fe:36:ca:96:7a:19:71:
46:a3:2d:76:fc:1b:87:d5:be:04:7b:c6:99:65:19:
fb:09:7f:bd:4c:26:a3:4c:0f:db:ea:17:00:87:5d:
eb:2d:7f:cc:31:7d:42:2b:41:41:c1:82:60:43:a8:
ff:f5:cd:d9:3c:db:8f:ba:7c:1c:66:f9:e3:64:4f:
c8:8f:99:2c:d8:03:26:1a:5e:28:b6:db:48:7d:ca:
d5:41:cb:3a:7e:7f:0a:cb:cf:ad:db:92:a3:c3:2a:
32:ac:c1:78:2b:b0:bf:8c:37:bd:9e:09:8b:c2:c3:
e2:7f:36:3d:3b:78:21:65:b5:9f:5c:4e:0b:5e:d5:
8f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:72:14:D8:3B:08:19:17:CA:15:07:F8:C4:9A:96:E5:EC:21:59:79
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/x3IU2DsIGRfKFQf4xJqW5ewhWXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
109.72.126.0/24
Signature Algorithm: sha256WithRSAEncryption
52:d3:83:6f:25:15:2a:ec:d4:fb:84:94:16:e9:45:6b:8b:0d:
3c:17:bf:a6:15:5b:b1:45:d7:f8:cb:de:cc:28:14:5f:6e:c3:
11:3d:51:94:cb:70:8a:80:6c:ab:d3:4e:1c:43:80:8a:5e:9f:
3c:75:4b:16:39:e4:d7:84:48:c0:82:76:98:be:0d:0b:69:52:
60:f1:44:15:4a:58:b7:84:00:86:cd:04:54:75:8b:6d:1d:63:
aa:ee:13:8d:88:bd:f4:19:14:d1:7d:aa:7b:1e:fe:d5:4a:97:
89:ec:20:09:4b:8f:89:a0:7b:6e:c3:c6:f6:ac:4c:49:dd:78:
66:73:e6:0c:ef:01:4b:c8:3a:f2:bc:b7:da:9b:0a:6c:bc:36:
26:4e:4a:4a:e0:35:da:be:07:10:51:e3:f1:05:3c:74:d2:45:
ab:91:1b:77:98:9b:b3:a5:f8:59:66:5b:5e:a5:17:71:01:ba:
a2:64:f1:2c:58:c4:e7:31:eb:2f:ca:b8:4f:49:5d:f4:c6:c3:
f0:26:f9:b9:89:5e:6c:07:88:d9:07:f5:ef:7d:81:e9:b6:01:
99:93:54:82:db:c4:0c:00:95:76:92:22:09:35:9c:f9:a2:39:
32:d1:1f:81:4e:80:66:88:e1:bd:14:91:b7:3a:95:f3:c0:92:
1e:cf:c5:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkblOZaS9pq5vl31uac+Bf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNzAzMTE0ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzcyMTRkODNiMDgxOTE3Y2ExNTA3ZjhjNDlhOTZlNWVjMjE1OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNAfUyOIIlQfG4hpbrUrkqJTKog0
Q4TUmdqSyr1iaSjj2Zyjosk6GIxOwF6SoOFmHBXH1S+gxKa6VrqQn/hFFOrH5l+z
+QlRfTjW+/jIStmF14unB1DGNwHjqbZuXtsbuEcD1ZP28is9C+XZJXYeavBNa3md
w0rNxBAt28eFQ/42ypZ6GXFGoy12/BuH1b4Ee8aZZRn7CX+9TCajTA/b6hcAh13r
LX/MMX1CK0FBwYJgQ6j/9c3ZPNuPunwcZvnjZE/Ij5ks2AMmGl4otttIfcrVQcs6
fn8Ky8+t25KjwyoyrMF4K7C/jDe9ngmLwsPifzY9O3ghZbWfXE4LXtWPNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMdyFNg7CBkXyhUH+MSaluXsIVl5MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveDNJVTJEc0lHUmZLRlFmNHhKcVc1ZXdoV1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCWbkAAwQC
WbkYAwQCbUh0AwQAbUh+MA0GCSqGSIb3DQEBCwUAA4IBAQBS04NvJRUq7NT7hJQW
6UVriw08F7+mFVuxRdf4y97MKBRfbsMRPVGUy3CKgGyr004cQ4CKXp88dUsWOeTX
hEjAgnaYvg0LaVJg8UQVSli3hACGzQRUdYttHWOq7hONiL30GRTRfap7Hv7VSpeJ
7CAJS4+JoHtuw8b2rExJ3Xhmc+YM7wFLyDryvLfamwpsvDYmTkpK4DXavgcQUePx
BTx00kWrkRt3mJuzpfhZZltepRdxAbqiZPEsWMTnMesvyrhPSV30xsPwJvm5iV5s
B4jZB/XvfYHptgGZk1SC28QMAJV2kiIJNZz5ojky0R+BToBmiOG9FJG3OpXzwJIe
z8VJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org