Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/htdTfdC7lRLjZBsxjrHA7IhEI8Q.roa
File: htdTfdC7lRLjZBsxjrHA7IhEI8Q.roa (raw, json)
Hash identifier: ybe8lDXvI9hN8TBs1LkYpaMukMDjYVdwbETH/DZ5tuE=
Subject key identifier: 86:D7:53:7D:D0:BB:95:12:E3:64:1B:31:8E:B1:C0:EC:88:44:23:C4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0193CF70E4BEB7C8BF1B20C76D19505B9B1E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/htdTfdC7lRLjZBsxjrHA7IhEI8Q.roa
Signing time: Mon 16 Dec 2024 12:28:22 +0000
ROA not before: Mon 16 Dec 2024 12:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
109.72.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 21:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:70:e4:be:b7:c8:bf:1b:20:c7:6d:19:50:5b:9b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 16 12:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86d7537dd0bb9512e3641b318eb1c0ec884423c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:fb:61:de:4a:41:73:9e:30:ca:99:a8:e1:a9:
f6:28:84:d4:88:9f:ac:83:25:3b:41:5b:67:69:38:
20:0e:60:36:b7:c2:cc:38:6b:0a:9e:a7:3a:e7:c6:
f1:a1:a9:f4:93:d8:ee:9c:df:97:d0:aa:61:bb:64:
ff:cc:bb:8f:94:68:48:1a:3b:a5:15:58:96:dd:0d:
23:58:c1:88:69:e9:d1:39:16:75:83:13:9d:4e:29:
c9:ea:f8:bb:6f:29:0f:71:3c:52:17:40:38:68:35:
c4:a3:8a:bc:79:35:4c:cc:c5:21:73:da:37:58:2c:
73:08:fa:65:94:02:cf:9d:0e:d2:10:58:5f:04:14:
17:fa:fd:df:39:f2:f8:22:dd:8c:e9:f6:92:04:7a:
cd:f5:27:5e:95:3a:41:95:1b:f6:2e:15:0c:e7:d0:
81:b1:99:be:11:65:04:88:32:8c:a2:f0:fc:08:bf:
f1:f9:9f:da:8d:39:88:31:88:61:49:a9:56:fd:0d:
79:9a:ea:0a:cd:87:8a:f8:3a:20:d7:bd:39:9e:a8:
bc:50:bb:9a:d7:c9:27:fd:44:cf:0e:2a:92:d7:70:
04:4b:6c:19:8f:61:a0:3a:98:cd:d1:34:b0:55:29:
e6:41:6c:6b:a7:fb:2f:9d:0e:dd:59:a4:f8:2c:6b:
5c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D7:53:7D:D0:BB:95:12:E3:64:1B:31:8E:B1:C0:EC:88:44:23:C4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/htdTfdC7lRLjZBsxjrHA7IhEI8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/22
89.185.0.0/22
109.72.116.0/22
109.72.124.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:95:e4:96:89:b2:a1:3a:b8:9a:c7:bf:44:46:1a:68:67:ef:
d6:64:4f:77:e7:6a:25:c9:23:54:f3:fe:1c:23:57:40:59:78:
fd:e7:7a:89:bb:00:f6:74:32:a1:56:16:8f:ba:e8:d3:fc:52:
32:2b:ad:a2:46:43:e1:f3:05:57:66:cb:d8:f9:30:1b:5e:8d:
e9:93:21:4c:0f:6c:10:0f:dc:f1:6b:3b:f4:4b:3d:0b:a9:0f:
09:d4:63:67:3f:4c:16:b0:ea:71:1b:b5:8f:5f:b5:2b:14:2b:
53:3d:23:77:57:cc:11:ae:10:bd:b2:7a:c1:f1:6b:35:ac:c3:
97:4d:38:09:c4:59:ba:db:db:ec:3f:28:34:50:49:c1:fb:3c:
be:01:cd:2f:04:47:14:e0:c5:0f:13:cb:b9:eb:1f:95:4a:6c:
3b:c8:07:f4:f9:24:62:d3:24:d3:09:64:76:2d:ca:45:f0:45:
61:ae:4d:4a:d8:a7:bd:2d:40:46:19:ee:d0:af:aa:87:f1:13:
a5:1a:ac:b5:fb:b0:fc:00:3a:21:a4:51:b9:3d:66:02:dd:c8:
36:2b:11:92:0b:7f:bd:7e:21:e1:ab:a6:55:72:41:9c:0a:10:
9a:1c:6c:eb:89:75:26:a4:80:d4:bd:13:f2:9b:bc:e4:53:a0:
f3:3d:98:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZPPcOS+t8i/GyDHbRlQW5seMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMjE2MTIyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQ3NTM3ZGQwYmI5NTEyZTM2NDFiMzE4ZWIxYzBlYzg4NDQyM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Pth3kpBc54wypmo4an2KITUiJ+s
gyU7QVtnaTggDmA2t8LMOGsKnqc658bxoan0k9junN+X0Kphu2T/zLuPlGhIGjul
FViW3Q0jWMGIaenRORZ1gxOdTinJ6vi7bykPcTxSF0A4aDXEo4q8eTVMzMUhc9o3
WCxzCPpllALPnQ7SEFhfBBQX+v3fOfL4It2M6faSBHrN9SdelTpBlRv2LhUM59CB
sZm+EWUEiDKMovD8CL/x+Z/ajTmIMYhhSalW/Q15muoKzYeK+Dog1705nqi8ULua
18kn/UTPDiqS13AES2wZj2GgOpjN0TSwVSnmQWxrp/svnQ7dWaT4LGtcLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIbXU33Qu5US42QbMY6xwOyIRCPEMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvaHRkVGZkQzdsUkxqWkJzeGpySEE3SWhFSThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCURaIAwQC
WbkAAwQCbUh0AwQAbUh8MA0GCSqGSIb3DQEBCwUAA4IBAQCbleSWibKhOriax79E
RhpoZ+/WZE9352olySNU8/4cI1dAWXj953qJuwD2dDKhVhaPuujT/FIyK62iRkPh
8wVXZsvY+TAbXo3pkyFMD2wQD9zxazv0Sz0LqQ8J1GNnP0wWsOpxG7WPX7UrFCtT
PSN3V8wRrhC9snrB8Ws1rMOXTTgJxFm629vsPyg0UEnB+zy+Ac0vBEcU4MUPE8u5
6x+VSmw7yAf0+SRi0yTTCWR2LcpF8EVhrk1K2Ke9LUBGGe7Qr6qH8ROlGqy1+7D8
ADohpFG5PWYC3cg2KxGSC3+9fiHhq6ZVckGcChCaHGzriXUmpIDUvRPym7zkU6Dz
PZjQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:55:47 2025 by rpki-client