Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y3YUpHOYvaROUKw1LQb8ciST63M.roa
File: y3YUpHOYvaROUKw1LQb8ciST63M.roa (raw, json)
Hash identifier: 69ynw77Jt8fa3yQkHlvOd70OSb+qL8mEs2sNEDn8Ur8=
Subject key identifier: CB:76:14:A4:73:98:BD:A4:4E:50:AC:35:2D:06:FC:72:24:93:EB:73
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0187E0A9974905372434ECD0CD40D93AECF8
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y3YUpHOYvaROUKw1LQb8ciST63M.roa
Signing time: Wed 03 May 2023 08:10:23 +0000
ROA not before: Wed 03 May 2023 08:10:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.135.0/24 maxlen: 24
89.185.24.0/22 maxlen: 24
109.72.127.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 May 2023 11:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:a9:97:49:05:37:24:34:ec:d0:cd:40:d9:3a:ec:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 3 08:10:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb7614a47398bda44e50ac352d06fc722493eb73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:90:a8:d5:1a:1f:ed:73:d3:e4:97:2a:c8:8b:
09:04:ac:8f:ea:0d:72:4a:01:28:bb:56:d2:d7:80:
5b:7e:dc:18:2f:7c:2c:42:4e:4b:a5:92:59:2f:29:
b5:9b:c9:8a:39:cd:99:10:1d:bf:17:3f:2a:ff:d0:
f8:da:1b:c2:2a:ee:f1:40:de:f7:da:3c:51:01:21:
f3:10:35:e8:54:63:2b:d0:90:43:a6:1b:6f:a6:05:
2a:ec:9e:c7:45:ec:f9:23:00:f7:07:43:26:8e:8b:
aa:9c:d7:3b:09:d7:3b:ec:f9:dd:3b:b0:47:a3:b2:
7d:12:ec:c0:f8:df:11:e7:4f:66:06:29:44:1e:1d:
f9:15:51:f6:ce:0e:48:80:17:95:cf:a5:c9:d2:bf:
82:76:90:3a:a0:16:1a:7d:33:90:f8:fd:a8:04:c6:
b9:eb:d3:38:e2:8b:15:7e:22:ed:7e:6c:4f:9d:c0:
96:d1:3e:ae:a2:98:0a:09:10:f2:3b:83:1c:a0:f9:
59:31:e9:9a:4e:24:6f:26:6d:b0:ff:99:d1:66:a1:
05:8b:3e:e9:d5:22:e0:df:c8:cc:e9:04:19:8c:5a:
bd:9b:8f:7e:f0:86:c1:95:94:64:6c:6a:93:8c:b7:
4a:5e:4d:60:0b:11:d9:86:82:97:5a:42:66:de:c3:
91:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:76:14:A4:73:98:BD:A4:4E:50:AC:35:2D:06:FC:72:24:93:EB:73
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y3YUpHOYvaROUKw1LQb8ciST63M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.135.0/24
89.185.24.0/22
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:89:b1:71:eb:93:59:35:42:11:d3:d4:65:e7:c6:ab:5b:d4:
7b:79:74:22:89:81:9d:42:6d:02:5f:85:3a:4f:6f:f8:72:9c:
95:62:c4:82:f3:fa:99:39:a9:0e:44:06:20:03:58:d9:52:4b:
00:a9:46:ba:12:d0:68:ad:9d:d0:ab:a9:d5:26:0c:60:75:71:
3e:07:74:5d:a1:1e:6b:18:2f:34:42:97:5a:a0:ce:da:21:e5:
65:0a:4f:ed:63:2c:4d:83:11:56:dc:12:97:bc:41:a6:93:ed:
43:d9:09:6a:7f:e8:1a:5c:cf:38:09:3f:b3:d6:5f:41:cf:5c:
54:ae:18:b7:0e:87:69:5c:a3:14:78:8a:82:61:d9:79:0e:1f:
0d:00:ec:ab:8f:39:cf:ed:07:63:53:86:3b:82:5a:f5:66:33:
e2:f5:6a:3b:4c:77:ae:b0:24:15:47:f6:3c:d3:27:4e:fd:0e:
1d:69:da:45:b5:69:35:b4:04:12:b2:31:89:f4:db:e0:fa:f3:
ac:15:a9:b5:e9:a5:75:7a:e4:27:c4:49:6f:cb:7a:de:d1:c7:
b2:d8:aa:0c:9a:16:1d:d7:8a:8e:c6:d7:13:02:6d:6e:df:06:
39:d7:b0:ed:55:ef:ea:75:6f:6a:d2:ab:33:ae:f8:f9:35:0b:
7b:1e:a0:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfgqZdJBTckNOzQzUDZOuz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTAzMDgxMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjc2MTRhNDczOThiZGE0NGU1MGFjMzUyZDA2ZmM3MjI0OTNlYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZCo1Rof7XPT5JcqyIsJBKyP6g1y
SgEou1bS14BbftwYL3wsQk5LpZJZLym1m8mKOc2ZEB2/Fz8q/9D42hvCKu7xQN73
2jxRASHzEDXoVGMr0JBDphtvpgUq7J7HRez5IwD3B0MmjouqnNc7Cdc77PndO7BH
o7J9EuzA+N8R509mBilEHh35FVH2zg5IgBeVz6XJ0r+CdpA6oBYafTOQ+P2oBMa5
69M44osVfiLtfmxPncCW0T6uopgKCRDyO4McoPlZMemaTiRvJm2w/5nRZqEFiz7p
1SLg38jM6QQZjFq9m49+8IbBlZRkbGqTjLdKXk1gCxHZhoKXWkJm3sORsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMt2FKRzmL2kTlCsNS0G/HIkk+tzMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveTNZVXBIT1l2YVJPVUt3MUxRYjhjaVNUNjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaAAwQA
URaHAwQCWbkYAwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQCeibFx65NZNUIR09Rl
58arW9R7eXQiiYGdQm0CX4U6T2/4cpyVYsSC8/qZOakORAYgA1jZUksAqUa6EtBo
rZ3Qq6nVJgxgdXE+B3RdoR5rGC80QpdaoM7aIeVlCk/tYyxNgxFW3BKXvEGmk+1D
2Qlqf+gaXM84CT+z1l9Bz1xUrhi3DodpXKMUeIqCYdl5Dh8NAOyrjznP7QdjU4Y7
glr1ZjPi9Wo7THeusCQVR/Y80ydO/Q4dadpFtWk1tAQSsjGJ9Nvg+vOsFam16aV1
euQnxElvy3re0cey2KoMmhYd14qOxtcTAm1u3wY517DtVe/qdW9q0qszrvj5NQt7
HqA8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org