Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yFSmQymEN9zSyuw65M-NrDL84tQ.roa
File: yFSmQymEN9zSyuw65M-NrDL84tQ.roa (raw, json)
Hash identifier: ZLdNhRGJCjn0Gj4gUBP1BagCXMpA4RaOeToPJbFyQTY=
Subject key identifier: C8:54:A6:43:29:84:37:DC:D2:CA:EC:3A:E4:CF:8D:AC:32:FC:E2:D4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0188C377225628745ACB34A49E45B84C4E1A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yFSmQymEN9zSyuw65M-NrDL84tQ.roa
Signing time: Fri 16 Jun 2023 09:09:04 +0000
ROA not before: Fri 16 Jun 2023 09:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 20 Jun 2023 08:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:77:22:56:28:74:5a:cb:34:a4:9e:45:b8:4c:4e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 16 09:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c854a643298437dcd2caec3ae4cf8dac32fce2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:31:8e:94:23:ac:42:7b:af:d4:19:6e:17:04:
39:e9:d8:91:14:a2:dc:ae:ad:6b:cc:2a:12:d6:e9:
bf:74:f1:35:e7:90:f1:e5:37:3a:27:84:59:47:ba:
26:0e:62:dd:a2:b7:7c:bd:7f:89:e5:3e:c2:87:2e:
79:4b:7c:03:8d:c1:79:d7:94:36:dd:97:7b:68:1f:
17:17:4f:9c:c8:8f:2a:5c:60:94:0f:18:46:e2:7e:
c4:42:7e:06:d4:1c:65:de:92:eb:c7:bf:78:81:ca:
54:b0:5c:8a:e6:28:43:36:a5:77:d8:5b:43:2a:70:
44:39:c0:91:df:19:2e:08:25:ee:19:ea:d1:ae:6e:
ce:a5:c7:ed:18:4a:50:c2:a8:98:c2:9a:a4:37:4d:
35:30:ae:33:ad:9c:25:ba:b4:b8:ba:d4:3e:dd:86:
f0:67:ba:13:02:06:06:90:b7:ee:bb:6c:ac:9f:09:
57:2c:33:91:7e:b9:18:04:dc:88:77:e5:1d:94:80:
b2:1e:91:26:bf:33:23:de:a1:ee:4b:25:26:b2:f8:
f6:07:ec:2c:17:11:55:e4:13:f6:8e:d7:5d:2d:51:
1a:71:b6:09:b8:39:fc:41:82:ee:93:a2:2b:ec:40:
ea:b7:50:bf:cd:d7:e4:60:0a:23:4a:1c:d3:1c:7c:
09:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:54:A6:43:29:84:37:DC:D2:CA:EC:3A:E4:CF:8D:AC:32:FC:E2:D4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/yFSmQymEN9zSyuw65M-NrDL84tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.140.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
86:d9:ce:df:7a:df:68:53:3b:03:a6:4c:4c:11:ad:45:b1:5a:
44:e1:6a:ee:17:07:9c:19:59:56:1b:b2:59:82:d0:7b:91:38:
84:9e:0d:4d:51:4d:7a:fb:62:23:c2:b8:10:93:77:7c:96:a6:
07:7d:ca:23:1d:0f:f9:cd:34:5f:1a:f1:8b:a4:05:18:29:ff:
ab:fc:a1:41:ad:86:3d:92:2b:0a:a0:d2:9e:f4:b0:ab:87:64:
94:c6:59:ac:82:d4:dc:bc:c6:e7:1f:5e:6e:5b:e1:2c:f0:79:
ce:0f:27:7e:82:68:12:77:9b:5b:8b:f4:6d:40:87:94:6a:18:
ea:2a:b3:b1:15:cf:98:4a:c9:c9:71:4f:00:16:8a:e3:8d:24:
89:e3:35:2b:f9:ae:01:e9:bc:62:e4:3e:29:ed:2d:c3:fc:87:
48:41:14:5d:5c:f3:96:3f:a4:3c:68:22:cb:b5:b0:f6:0c:74:
1b:ed:45:10:e4:63:af:a2:f0:f5:a7:d6:ef:c0:d8:89:54:1c:
e5:b9:6d:a9:0f:82:7e:dd:62:24:32:11:cf:fa:4a:e7:d8:ca:
ed:00:aa:c8:5c:15:91:73:57:22:0b:36:ac:ba:27:ec:94:4d:
b0:2a:df:0f:2f:9a:78:10:43:3d:f7:31:f3:74:8f:c4:a1:45:
f4:9f:f3:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjDdyJWKHRayzSknkW4TE4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNjE2MDkwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODU0YTY0MzI5ODQzN2RjZDJjYWVjM2FlNGNmOGRhYzMyZmNlMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjGOlCOsQnuv1BluFwQ56diRFKLc
rq1rzCoS1um/dPE155Dx5Tc6J4RZR7omDmLdord8vX+J5T7Chy55S3wDjcF515Q2
3Zd7aB8XF0+cyI8qXGCUDxhG4n7EQn4G1Bxl3pLrx794gcpUsFyK5ihDNqV32FtD
KnBEOcCR3xkuCCXuGerRrm7OpcftGEpQwqiYwpqkN001MK4zrZwlurS4utQ+3Ybw
Z7oTAgYGkLfuu2ysnwlXLDORfrkYBNyId+UdlICyHpEmvzMj3qHuSyUmsvj2B+ws
FxFV5BP2jtddLVEacbYJuDn8QYLuk6Ir7EDqt1C/zdfkYAojShzTHHwJxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMhUpkMphDfc0srsOuTPjawy/OLUMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveUZTbVF5bUVOOXpTeXV3NjVNLU5yREw4NHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCURaMAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCG2c7fet9oUzsDpkxMEa1FsVpE
4WruFwecGVlWG7JZgtB7kTiEng1NUU16+2IjwrgQk3d8lqYHfcojHQ/5zTRfGvGL
pAUYKf+r/KFBrYY9kisKoNKe9LCrh2SUxlmsgtTcvMbnH15uW+Es8HnODyd+gmgS
d5tbi/RtQIeUahjqKrOxFc+YSsnJcU8AForjjSSJ4zUr+a4B6bxi5D4p7S3D/IdI
QRRdXPOWP6Q8aCLLtbD2DHQb7UUQ5GOvovD1p9bvwNiJVBzluW2pD4J+3WIkMhHP
+krn2MrtAKrIXBWRc1ciCzasuifslE2wKt8PL5p4EEM99zHzdI/EoUX0n/NP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org