Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yDdNS_PyMK1-7n92vs54KPe-Q7g.roa
File: yDdNS_PyMK1-7n92vs54KPe-Q7g.roa (raw, json)
Hash identifier: HSQqS6Ppn57DWni1bWgnCkZT9/JP9BaGxqQcOHUL1ZM=
Subject key identifier: C8:37:4D:4B:F3:F2:30:AD:7E:EE:7F:76:BE:CE:78:28:F7:BE:43:B8
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CE7557C34802C7A5644CF194A99B197B9
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yDdNS_PyMK1-7n92vs54KPe-Q7g.roa
Signing time: Mon 08 Jan 2024 04:29:48 +0000
ROA not before: Mon 08 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 81.22.138.0/24 maxlen: 24
81.22.137.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 10:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:55:7c:34:80:2c:7a:56:44:cf:19:4a:99:b1:97:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 8 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8374d4bf3f230ad7eee7f76bece7828f7be43b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7c:14:e3:3e:d4:22:01:dc:09:1b:04:5d:05:
d5:3c:1a:50:92:04:be:8a:12:19:20:40:85:1f:d1:
a4:98:5e:94:69:59:2c:27:d3:8e:5c:f2:e4:20:e8:
3d:75:1c:b8:43:ff:8b:cb:56:9b:30:1e:51:91:85:
02:a9:0f:cd:30:59:9a:3f:b1:d2:1c:7d:f1:05:bf:
cc:0d:a1:1e:f1:49:67:30:5b:06:f9:17:1a:bd:66:
01:40:a5:57:a7:ab:14:9b:eb:0b:b4:5b:07:6d:1d:
7d:b5:7d:4b:62:52:2d:21:03:52:15:2b:80:49:6b:
85:b8:7d:3d:72:7d:72:cc:b0:e0:0e:94:95:91:d2:
cc:bf:aa:a6:92:4f:27:1a:e9:54:0c:58:b9:1c:ca:
dd:5a:6a:21:3b:25:8b:66:eb:c0:70:5c:f1:4e:50:
dd:88:83:25:e9:c4:ce:7b:6f:68:be:73:4c:bc:4c:
b7:be:ad:de:b1:a9:93:c3:d3:fa:f1:81:28:ca:60:
17:fe:8d:28:8e:15:5b:e1:8f:ba:0f:0a:43:9d:c1:
70:37:c6:57:c3:a1:7f:2e:93:74:91:68:57:94:49:
eb:20:d5:7a:b0:9f:c7:b4:94:50:4d:c8:a4:5c:b8:
f4:e9:e0:f8:ff:d3:5e:d9:ab:5c:e2:a8:7b:ba:3f:
b8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:37:4D:4B:F3:F2:30:AD:7E:EE:7F:76:BE:CE:78:28:F7:BE:43:B8
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yDdNS_PyMK1-7n92vs54KPe-Q7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
81.22.137.0-81.22.138.255
Signature Algorithm: sha256WithRSAEncryption
71:86:55:1d:f1:b7:66:8d:df:b0:58:a4:22:a2:62:6e:e6:65:
a0:da:5a:fa:ca:16:11:18:2b:c9:d5:c4:56:3f:7f:9c:a8:43:
4b:ed:9d:89:19:bc:50:04:af:ab:cb:d0:12:f6:f3:4e:9f:25:
5e:b6:15:c4:67:d8:1d:20:75:f7:41:b9:f3:1c:06:62:36:5f:
0e:9f:92:04:6a:2c:2b:3b:5c:77:aa:e3:90:d3:b7:b0:2f:27:
e9:f1:4d:7a:02:d8:c8:b0:91:09:79:ad:d9:b9:af:c6:33:51:
1f:60:5b:9b:5e:88:70:d9:ad:28:a0:f2:63:5f:29:eb:d3:4a:
5d:9e:98:71:34:dd:0e:22:b3:bb:e1:25:e1:05:f4:0d:c7:34:
ce:02:3f:7e:cf:2f:41:f6:45:25:56:8f:80:49:01:10:81:68:
67:a7:c3:fa:48:04:c6:f5:8c:c4:5c:d3:2a:ee:a6:18:20:76:
83:58:21:a8:36:dc:c1:df:a6:d8:47:04:7f:82:75:ee:f2:c7:
49:76:92:ac:73:a1:f8:66:81:4e:c8:b0:6f:49:10:ac:f7:a8:
4d:9c:bb:fc:7e:73:ca:23:d0:81:5e:e2:0d:74:10:6f:5f:a5:
ad:00:5c:0f:0c:7a:e0:96:63:c2:c6:80:52:95:fb:c7:61:3d:
69:ee:9f:45
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYznVXw0gCx6VkTPGUqZsZe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTA4MDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM3NGQ0YmYzZjIzMGFkN2VlZTdmNzZiZWNlNzgyOGY3YmU0M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHwU4z7UIgHcCRsEXQXVPBpQkgS+
ihIZIECFH9GkmF6UaVksJ9OOXPLkIOg9dRy4Q/+Ly1abMB5RkYUCqQ/NMFmaP7HS
HH3xBb/MDaEe8UlnMFsG+RcavWYBQKVXp6sUm+sLtFsHbR19tX1LYlItIQNSFSuA
SWuFuH09cn1yzLDgDpSVkdLMv6qmkk8nGulUDFi5HMrdWmohOyWLZuvAcFzxTlDd
iIMl6cTOe29ovnNMvEy3vq3esamTw9P68YEoymAX/o0ojhVb4Y+6DwpDncFwN8ZX
w6F/LpN0kWhXlEnrINV6sJ/HtJRQTcikXLj06eD4/9Ne2atc4qh7uj+4/wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMg3TUvz8jCtfu5/dr7OeCj3vkO4MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveURkTlNfUHlNSzEtN245MnZzNTRLUGUtUTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAURaAMAwD
BABRFokDBABRFoowDQYJKoZIhvcNAQELBQADggEBAHGGVR3xt2aN37BYpCKiYm7m
ZaDaWvrKFhEYK8nVxFY/f5yoQ0vtnYkZvFAEr6vL0BL2806fJV62FcRn2B0gdfdB
ufMcBmI2Xw6fkgRqLCs7XHeq45DTt7AvJ+nxTXoC2MiwkQl5rdm5r8YzUR9gW5te
iHDZrSig8mNfKevTSl2emHE03Q4is7vhJeEF9A3HNM4CP37PL0H2RSVWj4BJARCB
aGenw/pIBMb1jMRc0yruphggdoNYIag23MHfpthHBH+Cde7yx0l2kqxzofhmgU7I
sG9JEKz3qE2cu/x+c8oj0IFe4g10EG9fpa0AXA8MeuCWY8LGgFKV+8dhPWnun0U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org