Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MtAvQ3z7TVD3NNN96IA-Ml7X4uk.roa
File: MtAvQ3z7TVD3NNN96IA-Ml7X4uk.roa (raw, json)
Hash identifier: sQ6iS27NqVv/m8dterdjHZUVz4J3Xb872xxjdUq74wE=
Subject key identifier: 32:D0:2F:43:7C:FB:4D:50:F7:34:D3:7D:E8:80:3E:32:5E:D7:E2:E9
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018DC6BA4970E3E680DC6747DAAEEA876258
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MtAvQ3z7TVD3NNN96IA-Ml7X4uk.roa
Signing time: Tue 20 Feb 2024 13:35:13 +0000
ROA not before: Tue 20 Feb 2024 13:35:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 81.22.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:ba:49:70:e3:e6:80:dc:67:47:da:ae:ea:87:62:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Feb 20 13:35:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32d02f437cfb4d50f734d37de8803e325ed7e2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2b:5b:e4:95:e3:15:27:ef:33:9f:27:97:4d:
bb:bb:8e:aa:be:05:84:e9:95:ec:22:e0:e6:66:75:
7f:73:fd:b7:a0:60:a8:4b:94:6f:d2:92:33:00:e2:
24:7a:33:30:d9:bc:d9:f9:c3:67:29:37:b4:72:e9:
fc:44:75:cf:17:0b:05:90:2f:f1:75:d7:26:d4:5f:
b7:41:ba:85:a9:3f:8d:3d:1f:82:dc:a2:09:b6:76:
f7:ae:5f:41:9f:02:d5:65:c0:a0:26:5d:70:a7:08:
fb:74:e9:26:7c:32:9c:73:68:94:f1:84:1b:cb:a0:
48:01:93:70:d0:bf:99:27:61:38:d2:d5:b3:6f:be:
1b:0c:fa:25:40:97:8f:dc:7d:40:93:f5:d7:22:78:
b7:fd:74:42:d5:49:a3:9d:ba:6d:41:ac:34:d8:5d:
05:13:37:88:71:b5:7c:d3:aa:4c:91:93:0d:d5:5f:
88:99:0a:75:9f:9a:51:e5:a4:e1:47:d0:69:ce:fe:
41:3b:d8:f2:74:46:29:4a:3b:ff:d2:52:cb:8d:07:
ce:d2:a2:2f:ea:43:80:d1:0f:0c:c9:ea:3e:c9:88:
d1:db:f4:7c:b8:13:46:1d:c9:21:40:60:d7:c6:8f:
f6:9b:d5:bc:8a:81:58:1c:62:1a:94:1e:e0:10:6d:
15:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D0:2F:43:7C:FB:4D:50:F7:34:D3:7D:E8:80:3E:32:5E:D7:E2:E9
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MtAvQ3z7TVD3NNN96IA-Ml7X4uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:98:6b:ac:c0:d3:8b:12:b7:c7:1a:c2:27:c3:45:6b:fb:f6:
6c:4d:dd:68:b1:16:75:da:9e:17:5f:77:ac:4d:87:0b:4e:ec:
cb:f2:ce:2e:8e:54:ff:52:f4:25:88:97:80:6d:9f:8b:a2:42:
30:61:bb:91:fe:42:cb:24:f3:46:75:49:29:58:46:bf:14:e1:
53:c7:8f:79:3d:cc:34:5e:1f:c6:f1:b5:b2:e3:5a:f9:2c:b8:
9c:0e:32:54:6a:01:01:52:e2:dd:b5:ba:45:ff:2e:64:07:71:
08:ad:79:ac:8d:ef:df:06:9c:17:4e:57:24:37:25:c7:27:f5:
dc:73:ac:bb:8f:f1:ef:fa:6c:81:df:42:ea:8e:db:11:0d:2e:
73:f3:5c:49:6b:10:35:ae:d5:10:69:a6:55:38:6f:bc:39:b7:
34:a2:f7:72:8f:32:34:17:51:3e:c9:d1:d9:0a:c9:a1:6a:cf:
74:2b:f4:92:77:24:6d:77:ee:5c:9d:95:b8:60:5b:70:fd:67:
25:e0:6d:60:0b:37:ba:fa:cc:0e:ad:75:6a:23:5c:cb:6b:6b:
5a:cb:fa:42:79:13:e9:01:91:77:c2:1d:be:89:a5:ed:fc:46:
6a:9d:0a:08:4a:ef:54:cd:93:51:58:5f:51:bf:68:c5:2e:a6:
95:f8:42:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3Guklw4+aA3GdH2q7qh2JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMjIwMTMzNTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQwMmY0MzdjZmI0ZDUwZjczNGQzN2RlODgwM2UzMjVlZDdlMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCtb5JXjFSfvM58nl027u46qvgWE
6ZXsIuDmZnV/c/23oGCoS5Rv0pIzAOIkejMw2bzZ+cNnKTe0cun8RHXPFwsFkC/x
ddcm1F+3QbqFqT+NPR+C3KIJtnb3rl9BnwLVZcCgJl1wpwj7dOkmfDKcc2iU8YQb
y6BIAZNw0L+ZJ2E40tWzb74bDPolQJeP3H1Ak/XXIni3/XRC1UmjnbptQaw02F0F
EzeIcbV806pMkZMN1V+ImQp1n5pR5aThR9Bpzv5BO9jydEYpSjv/0lLLjQfO0qIv
6kOA0Q8Myeo+yYjR2/R8uBNGHckhQGDXxo/2m9W8ioFYHGIalB7gEG0VTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLQL0N8+01Q9zTTfeiAPjJe1+LpMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTXRBdlEzejdUVkQzTk5OOTZJQS1NbDdYNHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURaLMA0G
CSqGSIb3DQEBCwUAA4IBAQBdmGuswNOLErfHGsInw0Vr+/ZsTd1osRZ12p4XX3es
TYcLTuzL8s4ujlT/UvQliJeAbZ+LokIwYbuR/kLLJPNGdUkpWEa/FOFTx495Pcw0
Xh/G8bWy41r5LLicDjJUagEBUuLdtbpF/y5kB3EIrXmsje/fBpwXTlckNyXHJ/Xc
c6y7j/Hv+myB30LqjtsRDS5z81xJaxA1rtUQaaZVOG+8Obc0ovdyjzI0F1E+ydHZ
Csmhas90K/SSdyRtd+5cnZW4YFtw/Wcl4G1gCze6+swOrXVqI1zLa2tay/pCeRPp
AZF3wh2+iaXt/EZqnQoISu9UzZNRWF9Rv2jFLqaV+EJX
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:42 2025 by rpki-client