Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ypFDOWaBpZIyQHG-yJEhpPvKMxo.roa
File: ypFDOWaBpZIyQHG-yJEhpPvKMxo.roa (raw, json)
Hash identifier: 6PURsE8OE9MvpC5FvLigo/A8qodU1rm4VzbIdnsGS14=
Subject key identifier: CA:91:43:39:66:81:A5:92:32:40:71:BE:C8:91:21:A4:FB:CA:33:1A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018A97ACAB4BFBC4CBEC4C469858F9A3F065
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ypFDOWaBpZIyQHG-yJEhpPvKMxo.roa
Signing time: Fri 15 Sep 2023 07:09:50 +0000
ROA not before: Fri 15 Sep 2023 07:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.114.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
81.22.129.0/24 maxlen: 24
81.22.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 11:08:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:97:ac:ab:4b:fb:c4:cb:ec:4c:46:98:58:f9:a3:f0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 15 07:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca9143396681a592324071bec89121a4fbca331a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6c:44:cf:e9:52:27:40:6b:01:b3:be:0e:a0:
9b:71:1b:79:10:de:b2:35:d9:86:5a:e0:c8:4b:6a:
2b:98:0b:16:71:53:cd:d2:8a:d6:81:13:ca:d5:d6:
c6:6f:92:be:3d:aa:1a:90:fb:6c:2b:a7:b1:10:cd:
8e:1b:14:a7:49:f1:33:c8:fa:22:90:65:bb:50:e6:
c0:7b:2d:4c:b3:b0:12:a9:71:62:88:4e:58:d4:d8:
b3:97:bd:9c:7a:22:62:e4:7a:22:2e:76:99:7a:fd:
e6:83:0a:d5:aa:4d:9b:44:69:56:f9:fa:7e:5b:8a:
b2:e4:31:13:42:78:19:86:0a:18:52:73:f8:34:fe:
8b:2c:4f:83:29:44:7a:5f:9e:1a:49:56:44:ac:66:
72:6a:9d:42:9c:ca:99:26:5c:c8:bf:aa:8f:a3:2b:
bf:09:3c:76:14:72:c1:eb:cb:80:b9:a2:6a:c4:98:
30:f5:bb:aa:7a:94:09:31:fc:3d:40:31:61:b6:73:
dc:a2:eb:aa:c4:c5:39:f9:90:99:8a:45:2d:2e:16:
23:da:e9:6d:0f:15:8d:3c:64:a7:38:ea:d6:d2:f8:
6f:e4:20:3f:2f:01:df:4b:a3:1c:5b:a9:e4:44:c6:
57:b3:db:7d:90:f4:dc:0a:df:9b:53:db:49:67:a9:
21:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:91:43:39:66:81:A5:92:32:40:71:BE:C8:91:21:A4:FB:CA:33:1A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ypFDOWaBpZIyQHG-yJEhpPvKMxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0-81.22.130.255
89.185.0.0/22
109.72.114.0-109.72.119.255
Signature Algorithm: sha256WithRSAEncryption
59:a3:16:a9:cd:9b:47:96:d4:a7:d9:5c:8d:c0:08:f2:b1:f8:
26:a4:02:ce:d1:15:67:65:e3:67:76:9b:14:c1:77:15:6e:64:
16:96:63:2b:3f:8a:2b:9c:33:7a:32:50:f5:4b:bc:0b:ee:f4:
19:86:20:ee:92:d7:0c:d2:ce:2d:3a:06:aa:77:3b:77:53:d2:
76:92:54:d5:3a:d7:6b:3e:59:51:b0:29:00:f2:cf:d2:92:c1:
d6:78:32:1f:11:05:e4:09:6e:c2:32:37:91:11:ff:5e:84:ee:
38:c3:e8:99:b8:f5:ef:7d:34:55:4c:04:74:31:ba:b0:37:25:
ae:fd:87:c4:2a:b4:5c:de:ae:ca:9d:ae:cf:0e:14:85:8c:20:
d7:93:10:9e:47:1a:d0:00:f4:79:e9:11:da:dd:0f:09:cd:d7:
12:2d:7f:20:9c:43:d4:ee:03:2c:aa:d6:d8:d4:ae:7a:29:94:
c7:04:c5:2c:02:c5:dc:8b:0d:7e:ad:6b:6f:83:78:cb:ff:e7:
20:91:3d:4f:a3:e5:63:6a:95:51:00:22:64:4b:f7:2c:99:aa:
33:8d:a6:79:14:0d:a2:ac:fc:c4:6b:bd:af:9e:77:09:4f:b2:
bd:2a:9c:f7:67:7c:2c:9a:b6:93:da:95:40:d8:f8:ce:7b:15:
c1:28:29:3c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYqXrKtL+8TL7ExGmFj5o/BlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwOTE1MDcwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTkxNDMzOTY2ODFhNTkyMzI0MDcxYmVjODkxMjFhNGZiY2EzMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2xEz+lSJ0BrAbO+DqCbcRt5EN6y
NdmGWuDIS2ormAsWcVPN0orWgRPK1dbGb5K+PaoakPtsK6exEM2OGxSnSfEzyPoi
kGW7UObAey1Ms7ASqXFiiE5Y1Nizl72ceiJi5HoiLnaZev3mgwrVqk2bRGlW+fp+
W4qy5DETQngZhgoYUnP4NP6LLE+DKUR6X54aSVZErGZyap1CnMqZJlzIv6qPoyu/
CTx2FHLB68uAuaJqxJgw9buqepQJMfw9QDFhtnPcouuqxMU5+ZCZikUtLhYj2ult
DxWNPGSnOOrW0vhv5CA/LwHfS6McW6nkRMZXs9t9kPTcCt+bU9tJZ6khvQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMqRQzlmgaWSMkBxvsiRIaT7yjMaMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveXBGRE9XYUJwWkl5UUhHLXlKRWhwUHZLTXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBABRFoED
BABRFoIDBAJZuQAwDAMEAW1IcgMEA21IcDANBgkqhkiG9w0BAQsFAAOCAQEAWaMW
qc2bR5bUp9lcjcAI8rH4JqQCztEVZ2XjZ3abFMF3FW5kFpZjKz+KK5wzejJQ9Uu8
C+70GYYg7pLXDNLOLToGqnc7d1PSdpJU1TrXaz5ZUbApAPLP0pLB1ngyHxEF5Alu
wjI3kRH/XoTuOMPombj17300VUwEdDG6sDclrv2HxCq0XN6uyp2uzw4UhYwg15MQ
nkca0AD0eekR2t0PCc3XEi1/IJxD1O4DLKrW2NSueimUxwTFLALF3IsNfq1rb4N4
y//nIJE9T6PlY2qVUQAiZEv3LJmqM42meRQNoqz8xGu9r553CU+yvSqc92d8LJq2
k9qVQNj4znsVwSgpPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org