Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y225YekAfzwhi4_7PaMoM31UsG8.roa
File: y225YekAfzwhi4_7PaMoM31UsG8.roa (raw, json)
Hash identifier: HZAf7NjATbxft0emMKlJWOrsC95jFQihzZrT1lbpKMY=
Subject key identifier: CB:6D:B9:61:E9:00:7F:3C:21:8B:8F:FB:3D:A3:28:33:7D:54:B0:6F
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018C3BF4993B7F837526945246A259A80CCD
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y225YekAfzwhi4_7PaMoM31UsG8.roa
Signing time: Tue 05 Dec 2023 21:48:54 +0000
ROA not before: Tue 05 Dec 2023 21:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 24
89.185.24.0/22 maxlen: 24
81.22.140.0/22 maxlen: 24
89.185.22.0/24 maxlen: 24
89.185.28.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.123.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 06 Dec 2023 09:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:f4:99:3b:7f:83:75:26:94:52:46:a2:59:a8:0c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 5 21:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb6db961e9007f3c218b8ffb3da328337d54b06f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:82:50:5b:91:2c:68:20:c1:a5:78:ac:a5:7f:
f8:a6:ef:ae:8b:26:71:b6:b3:25:f4:6d:41:2e:c2:
fb:56:1f:dc:14:2f:58:16:a0:5d:fa:d6:1d:ed:56:
5a:01:9c:05:6c:8f:fb:65:d8:d0:08:23:91:1c:4c:
a8:c3:85:2f:4a:56:cd:5f:50:b0:1f:08:21:f3:98:
4c:30:20:9a:34:19:24:12:51:28:c6:0f:3d:ee:c1:
62:ac:e0:36:3a:27:af:98:6c:a6:59:6e:a1:79:8c:
29:e7:1a:66:1a:f2:8a:1c:de:87:70:d0:a5:58:03:
19:c6:d8:40:fc:69:8c:3b:17:1f:48:be:75:1d:06:
70:da:49:22:4c:32:03:55:d4:13:80:18:6f:bb:b2:
cb:91:20:80:b4:fc:7b:8c:90:72:bf:1f:96:f5:8a:
92:d7:72:fb:d9:3a:8e:d4:6e:67:1a:41:59:0a:c4:
d2:fa:d0:73:10:72:8d:53:5d:c0:46:7b:64:82:32:
8b:2b:63:39:eb:43:75:40:11:08:63:68:82:f4:3c:
b3:9f:21:91:a2:13:92:ba:ab:df:f0:b8:eb:3e:00:
52:f2:bf:c3:bf:cb:6a:cb:d3:31:3d:83:52:7f:88:
76:9a:3b:67:e2:72:dd:51:45:7c:b7:81:24:70:41:
67:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6D:B9:61:E9:00:7F:3C:21:8B:8F:FB:3D:A3:28:33:7D:54:B0:6F
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y225YekAfzwhi4_7PaMoM31UsG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
89.185.22.0/24
89.185.24.0/21
109.72.116.0/22
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
48:4b:f7:fa:86:bf:e0:88:c3:ee:ce:cd:1c:6e:8d:aa:7a:99:
e7:5f:d3:8b:57:6c:9e:85:21:e2:50:3f:6c:1e:e7:dd:1b:1d:
61:14:02:a9:d4:36:9c:6d:e5:94:c6:68:af:39:19:bf:a8:c2:
81:a8:df:dd:ea:10:9d:14:ac:35:1a:5f:24:14:b1:38:b6:41:
be:a4:18:43:8b:fd:ed:e9:5f:63:62:c3:ae:83:23:88:62:e6:
e3:0e:76:a5:8e:72:0e:fe:7f:44:5b:cf:5f:4d:c4:3d:f1:f9:
ee:86:3b:d7:f0:2c:36:82:9c:83:67:44:74:08:8c:7e:b9:15:
7f:b0:0b:b6:4f:1f:77:cd:a7:61:f7:7e:bf:25:13:39:68:90:
94:29:9c:8c:94:fb:59:35:de:86:d6:e3:8e:76:b4:ad:8b:e9:
ed:a8:15:81:b7:ad:f6:ec:f0:5d:18:dd:5f:ad:8e:23:16:eb:
88:27:95:85:c7:68:84:aa:63:60:8e:a3:91:37:ff:ed:16:79:
47:d9:5f:3a:8c:2e:61:8b:ea:0b:07:ee:0b:21:d3:d4:57:f1:
70:c2:d8:02:5b:d6:8d:ad:7a:2c:a4:0b:5d:9a:21:95:dc:d7:
82:1e:7d:cd:85:10:21:0c:4b:9b:cb:32:05:58:5d:b1:5f:3c:
59:bb:b6:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYw79Jk7f4N1JpRSRqJZqAzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMjA1MjE0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZkYjk2MWU5MDA3ZjNjMjE4YjhmZmIzZGEzMjgzMzdkNTRiMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoJQW5EsaCDBpXispX/4pu+uiyZx
trMl9G1BLsL7Vh/cFC9YFqBd+tYd7VZaAZwFbI/7ZdjQCCORHEyow4UvSlbNX1Cw
Hwgh85hMMCCaNBkkElEoxg897sFirOA2OievmGymWW6heYwp5xpmGvKKHN6HcNCl
WAMZxthA/GmMOxcfSL51HQZw2kkiTDIDVdQTgBhvu7LLkSCAtPx7jJByvx+W9YqS
13L72TqO1G5nGkFZCsTS+tBzEHKNU13ARntkgjKLK2M560N1QBEIY2iC9DyznyGR
ohOSuqvf8LjrPgBS8r/Dv8tqy9MxPYNSf4h2mjtn4nLdUUV8t4EkcEFnRQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMttuWHpAH88IYuP+z2jKDN9VLBvMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveTIyNVlla0FmendoaTRfN1BhTW9NMzFVc0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDURaIAwQC
WbkAAwQAWbkWAwQDWbkYAwQCbUh0AwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQBI
S/f6hr/giMPuzs0cbo2qepnnX9OLV2yehSHiUD9sHufdGx1hFAKp1DacbeWUxmiv
ORm/qMKBqN/d6hCdFKw1Gl8kFLE4tkG+pBhDi/3t6V9jYsOugyOIYubjDnaljnIO
/n9EW89fTcQ98fnuhjvX8Cw2gpyDZ0R0CIx+uRV/sAu2Tx93zadh936/JRM5aJCU
KZyMlPtZNd6G1uOOdrSti+ntqBWBt6327PBdGN1frY4jFuuIJ5WFx2iEqmNgjqOR
N//tFnlH2V86jC5hi+oLB+4LIdPUV/FwwtgCW9aNrXospAtdmiGV3NeCHn3NhRAh
DEubyzIFWF2xXzxZu7Y8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org