Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y9zZskyiOhfVM0PtNQhzCO0wfTM.roa
File: y9zZskyiOhfVM0PtNQhzCO0wfTM.roa (raw, json)
Hash identifier: OWbu6GFfrQnnzbKVxWCkyyq3rcaatrUNwdNk7EQPEoM=
Subject key identifier: CB:DC:D9:B2:4C:A2:3A:17:D5:33:43:ED:35:08:73:08:ED:30:7D:33
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018F92AC2000B0EC0C714897E3DDE8E4F8DD
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y9zZskyiOhfVM0PtNQhzCO0wfTM.roa
Signing time: Sun 19 May 2024 21:05:04 +0000
ROA not before: Sun 19 May 2024 21:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 81.22.129.0/24 maxlen: 24
81.22.131.0/24 maxlen: 24
81.22.138.0/24 maxlen: 24
89.185.0.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 22:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:92:ac:20:00:b0:ec:0c:71:48:97:e3:dd:e8:e4:f8:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 19 21:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbdcd9b24ca23a17d53343ed35087308ed307d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:10:5e:f0:09:fd:8e:38:c4:a4:c9:cd:ac:20:
17:28:d3:64:5a:f4:eb:53:b6:a7:5c:93:e5:48:56:
c4:57:2d:3d:dc:6c:2a:ab:57:e6:bd:e5:40:15:82:
47:1b:4c:f6:4b:70:2a:b9:82:66:b7:e7:d5:31:1c:
69:13:aa:db:4f:d5:8b:10:48:ef:2c:4d:6d:a4:a1:
c3:33:0e:c7:b8:3a:4c:80:ab:ed:8b:fd:8d:c1:24:
bc:2b:dd:7b:88:f4:36:28:2e:7e:08:96:67:63:dc:
81:68:7d:8b:e7:ca:df:e2:6a:28:3a:3c:c9:3e:77:
d3:0d:90:1c:57:08:8c:35:21:51:f9:e5:27:4d:f6:
45:9d:20:67:ff:ad:db:c3:82:1d:52:f2:7a:73:68:
09:68:6b:7e:e5:8e:2b:c4:d6:d6:73:ae:ce:28:69:
99:13:5a:c0:3f:8d:2c:7f:86:6a:97:d8:3e:fb:1a:
ae:d8:e6:ac:20:29:21:d4:90:ce:fe:31:59:63:f0:
ce:ae:7e:a0:ea:6a:cf:b2:67:65:11:c8:6a:fe:a2:
60:b2:14:4d:5a:e9:20:ba:f2:5b:f7:22:5b:00:e4:
0c:bc:e3:55:f0:46:0d:c1:82:b1:cf:07:a9:12:1e:
2b:0a:cb:5b:dc:2a:59:36:b3:e7:31:d7:85:20:14:
b4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DC:D9:B2:4C:A2:3A:17:D5:33:43:ED:35:08:73:08:ED:30:7D:33
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/y9zZskyiOhfVM0PtNQhzCO0wfTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
81.22.131.0/24
81.22.138.0/24
89.185.0.0/24
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
86:12:70:dd:2e:9a:ec:92:9f:2e:13:bb:04:a4:99:03:a0:07:
d2:32:5f:cd:e2:c8:8c:88:bc:61:27:73:4e:23:b1:25:12:6b:
e6:a4:14:70:62:06:7b:4a:d9:1d:05:24:f7:92:d5:fb:9f:d2:
54:1e:be:6f:e8:b1:14:f1:78:14:27:14:4c:4d:48:00:b3:dc:
d6:20:f0:b6:3b:c0:38:0f:8b:9d:8f:16:11:6e:6a:de:d1:5d:
69:0a:a9:8e:9d:38:7c:bd:3b:44:92:fe:9e:f7:5f:72:27:f3:
79:5f:49:db:66:02:9a:d5:35:ef:fa:81:f9:7d:fa:99:c7:5d:
80:97:0d:27:01:33:22:9c:90:dd:69:22:95:c3:85:ed:46:44:
2e:b7:19:49:47:01:ba:fc:f6:dd:e9:e0:f7:a0:48:35:14:2c:
a4:9b:fc:5f:95:d1:bc:ab:07:74:d4:78:6b:0a:ae:77:6d:35:
9d:a0:17:eb:fb:ba:3c:28:ac:29:52:93:05:fc:bd:c0:3f:a0:
6d:9d:e6:4f:ed:b4:de:b2:c3:5d:fd:e6:a9:37:d8:60:26:ae:
5b:68:08:e8:fc:59:89:f6:3b:2f:df:55:6f:22:1b:b3:15:e6:
74:b7:58:d6:c5:20:a1:ed:f4:93:20:88:85:0d:73:42:a5:8f:
d0:5c:d7:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+SrCAAsOwMcUiX493o5PjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNTE5MjEwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRjZDliMjRjYTIzYTE3ZDUzMzQzZWQzNTA4NzMwOGVkMzA3ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xBe8An9jjjEpMnNrCAXKNNkWvTr
U7anXJPlSFbEVy093Gwqq1fmveVAFYJHG0z2S3AquYJmt+fVMRxpE6rbT9WLEEjv
LE1tpKHDMw7HuDpMgKvti/2NwSS8K917iPQ2KC5+CJZnY9yBaH2L58rf4mooOjzJ
PnfTDZAcVwiMNSFR+eUnTfZFnSBn/63bw4IdUvJ6c2gJaGt+5Y4rxNbWc67OKGmZ
E1rAP40sf4Zql9g++xqu2OasICkh1JDO/jFZY/DOrn6g6mrPsmdlEchq/qJgshRN
WukguvJb9yJbAOQMvONV8EYNwYKxzwepEh4rCstb3CpZNrPnMdeFIBS0cQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMvc2bJMojoX1TND7TUIcwjtMH0zMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveTl6WnNreWlPaGZWTTBQdE5RaHpDTzB3ZlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURaBAwQA
URaDAwQAURaKAwQAWbkAAwQAbUh7MA0GCSqGSIb3DQEBCwUAA4IBAQCGEnDdLprs
kp8uE7sEpJkDoAfSMl/N4siMiLxhJ3NOI7ElEmvmpBRwYgZ7StkdBST3ktX7n9JU
Hr5v6LEU8XgUJxRMTUgAs9zWIPC2O8A4D4udjxYRbmre0V1pCqmOnTh8vTtEkv6e
919yJ/N5X0nbZgKa1TXv+oH5ffqZx12Alw0nATMinJDdaSKVw4XtRkQutxlJRwG6
/Pbd6eD3oEg1FCykm/xfldG8qwd01HhrCq53bTWdoBfr+7o8KKwpUpMF/L3AP6Bt
neZP7bTessNd/eapN9hgJq5baAjo/FmJ9jsv31VvIhuzFeZ0t1jWxSCh7fSTIIiF
DXNCpY/QXNf3
Generated at Tue Aug 13 23:45:41 2024 by rpki-client on console-fra.rpki-client.org