Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sDY1Gx_FqeEE8L7af1W3leut9lE.roa
File: sDY1Gx_FqeEE8L7af1W3leut9lE.roa (raw, json)
Hash identifier: rY4d0Wu4rWaTiEB/+9jZYzcemMLLYslC0DfiMelkP+E=
Subject key identifier: B0:36:35:1B:1F:C5:A9:E1:04:F0:BE:DA:7F:55:B7:95:EB:AD:F6:51
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019343E4D3E56F65ED02743426041ABC0F29
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sDY1Gx_FqeEE8L7af1W3leut9lE.roa
Signing time: Tue 19 Nov 2024 10:08:10 +0000
ROA not before: Tue 19 Nov 2024 10:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 12:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:e4:d3:e5:6f:65:ed:02:74:34:26:04:1a:bc:0f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 19 10:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b036351b1fc5a9e104f0beda7f55b795ebadf651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9b:a2:93:ea:52:1e:3c:67:94:be:a0:ce:a7:
ae:3e:db:60:d6:d1:cb:f8:1f:27:12:b2:a7:e5:c7:
c3:a6:fa:ec:b5:89:3f:5c:28:ff:0a:e4:b1:82:f0:
22:6c:bd:4c:be:6e:a0:17:b3:12:c7:1d:53:7a:46:
7c:de:70:96:44:b6:27:32:d3:31:f4:14:28:4d:fe:
9d:f5:22:34:b1:b0:ba:8f:4a:3b:a2:a1:3a:4c:00:
22:fb:81:f2:75:11:3a:34:b4:34:23:bb:fa:c2:0c:
cf:d2:07:fc:82:52:f4:34:62:0f:3e:59:e7:0c:ae:
f7:46:d9:a1:13:3c:98:d9:e2:9b:2a:7e:b9:7f:20:
d1:d9:f1:5a:4f:e3:30:11:a2:3b:ee:69:2c:e9:9a:
44:71:10:7c:e2:80:e9:bc:84:99:e8:5c:22:76:e9:
42:2d:6f:f5:22:d5:94:10:55:70:11:d7:3d:db:73:
a7:00:c2:c5:f2:33:98:a7:d6:6a:c1:96:b3:f8:76:
19:21:5a:ea:7d:55:24:f2:26:91:fd:96:6a:0b:45:
37:63:38:70:6f:d5:44:8b:d3:09:14:c0:76:fb:d5:
20:27:59:0a:14:38:e7:17:02:98:c0:0e:1f:38:29:
e7:82:29:57:78:b4:88:8f:8f:3c:49:91:5f:b3:de:
01:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:36:35:1B:1F:C5:A9:E1:04:F0:BE:DA:7F:55:B7:95:EB:AD:F6:51
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sDY1Gx_FqeEE8L7af1W3leut9lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/22
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
34:c2:5f:5e:43:81:53:07:e8:61:42:35:3f:4d:0d:89:d3:0c:
e7:7b:cd:0f:f8:41:a6:6e:44:1c:6d:84:e6:10:e7:11:20:d9:
58:d9:b4:0a:95:85:38:61:e5:c1:fb:84:47:3f:05:4b:7a:31:
e4:95:b0:10:22:df:c0:3e:ee:8e:09:9b:e5:b5:7f:40:81:42:
44:b0:1e:ef:27:ce:f8:94:06:08:f1:97:c1:21:2b:b8:3c:56:
12:21:55:dd:03:70:22:1f:50:b3:7a:7d:d7:eb:9c:7c:fd:79:
f5:8a:7a:2e:90:8c:7a:a0:59:1b:ce:4b:2e:b6:db:25:cc:26:
ff:09:34:24:97:c1:da:31:0a:25:48:31:c3:e1:c5:c1:73:4f:
b5:8c:14:ff:bb:34:f5:ba:fd:83:38:fa:94:e8:5a:a5:97:91:
59:f4:74:7c:a3:ba:a9:5b:b5:1f:c1:f3:f1:fb:28:ce:7a:a8:
db:bf:36:33:90:c3:96:68:ae:18:7e:06:c9:d7:17:8a:ba:9e:
5d:1a:75:fd:c5:85:b5:6e:70:45:b6:b9:d1:5d:40:a2:83:66:
6e:e1:47:09:cd:de:5e:6e:25:09:2d:4c:dc:9d:3c:63:e2:a3:
37:ff:34:05:fc:fd:55:48:5b:58:5b:c9:c6:55:3d:17:4c:c3:
9a:01:3f:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZND5NPlb2XtAnQ0JgQavA8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQxMTE5MTAwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDM2MzUxYjFmYzVhOWUxMDRmMGJlZGE3ZjU1Yjc5NWViYWRmNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJuik+pSHjxnlL6gzqeuPttg1tHL
+B8nErKn5cfDpvrstYk/XCj/CuSxgvAibL1Mvm6gF7MSxx1TekZ83nCWRLYnMtMx
9BQoTf6d9SI0sbC6j0o7oqE6TAAi+4HydRE6NLQ0I7v6wgzP0gf8glL0NGIPPlnn
DK73RtmhEzyY2eKbKn65fyDR2fFaT+MwEaI77mks6ZpEcRB84oDpvISZ6FwidulC
LW/1ItWUEFVwEdc923OnAMLF8jOYp9ZqwZaz+HYZIVrqfVUk8iaR/ZZqC0U3Yzhw
b9VEi9MJFMB2+9UgJ1kKFDjnFwKYwA4fOCnngilXeLSIj488SZFfs94BEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLA2NRsfxanhBPC+2n9Vt5XrrfZRMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc0RZMUd4X0ZxZUVFOEw3YWYxVzNsZXV0OWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA0wl9eQ4FTB+hhQjU/TQ2J0wzn
e80P+EGmbkQcbYTmEOcRINlY2bQKlYU4YeXB+4RHPwVLejHklbAQIt/APu6OCZvl
tX9AgUJEsB7vJ874lAYI8ZfBISu4PFYSIVXdA3AiH1Czen3X65x8/Xn1inoukIx6
oFkbzksuttslzCb/CTQkl8HaMQolSDHD4cXBc0+1jBT/uzT1uv2DOPqU6Fqll5FZ
9HR8o7qpW7UfwfPx+yjOeqjbvzYzkMOWaK4YfgbJ1xeKup5dGnX9xYW1bnBFtrnR
XUCig2Zu4UcJzd5ebiUJLUzcnTxj4qM3/zQF/P1VSFtYW8nGVT0XTMOaAT/K
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:47 2025 by rpki-client