Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3ReWUm7j3j1XzdomH4uYSxHcGJM.roa
File: 3ReWUm7j3j1XzdomH4uYSxHcGJM.roa (raw, json)
Hash identifier: tbkUDi7vZn3aS/Dm9uBWdsh45g6aD/bgOxGNBkI6LAc=
Subject key identifier: DD:17:96:52:6E:E3:DE:3D:57:CD:DA:26:1F:8B:98:4B:11:DC:18:93
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01892B20E79897AF3A0B287CB12E4C63A911
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3ReWUm7j3j1XzdomH4uYSxHcGJM.roa
Signing time: Thu 06 Jul 2023 12:15:24 +0000
ROA not before: Thu 06 Jul 2023 12:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 81.22.136.0/22 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.114.0/24 maxlen: 24
89.185.2.0/24 maxlen: 24
81.22.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:20:e7:98:97:af:3a:0b:28:7c:b1:2e:4c:63:a9:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 6 12:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1796526ee3de3d57cdda261f8b984b11dc1893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:66:bd:30:fc:2c:3f:1e:31:ad:25:64:4f:ba:
ae:74:f9:4d:ad:b1:9d:50:e0:20:b5:a2:13:aa:c4:
02:24:0b:5a:b8:2b:f4:c5:39:c5:59:01:6b:ee:b8:
e8:a6:13:05:df:85:a7:a3:9b:43:33:af:97:14:1b:
a8:00:82:41:92:ad:99:49:38:7d:73:5c:e6:00:8b:
bf:60:4a:c9:8e:fb:f2:91:84:c5:99:f1:7d:6f:21:
7f:2f:45:a6:ec:1b:94:b3:3b:5c:3a:2c:82:65:55:
50:83:78:98:51:4d:6a:8f:d4:ca:bb:7d:01:9a:c2:
31:b1:0d:2f:61:c9:25:c7:18:6f:51:82:41:c0:0f:
7b:86:8b:9a:cf:40:1e:b5:7c:0b:6b:d7:f6:24:25:
9a:d1:b6:2e:b2:3e:a3:9f:b0:79:fd:e4:38:2b:2e:
33:49:9a:b5:e7:c0:df:08:4f:85:c1:3b:bd:9f:82:
7f:19:cc:63:9f:06:96:12:bd:56:cb:93:71:1e:d4:
b4:a4:d4:c6:b5:ad:b0:9d:c8:34:67:ab:d2:f0:b6:
38:29:16:d8:c7:43:2b:e1:b9:66:01:18:d5:15:2f:
a6:ef:9e:2b:16:5a:84:ec:76:fb:0f:f7:3c:09:5e:
de:b8:5e:82:ae:0f:7f:36:fe:fa:0f:1d:b1:68:e1:
d2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:17:96:52:6E:E3:DE:3D:57:CD:DA:26:1F:8B:98:4B:11:DC:18:93
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/3ReWUm7j3j1XzdomH4uYSxHcGJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
81.22.136.0/22
89.185.2.0/24
109.72.114.0-109.72.118.255
Signature Algorithm: sha256WithRSAEncryption
7d:65:cc:75:a6:f8:2f:db:ae:d8:ec:3f:ad:4f:2b:c8:5e:a8:
4c:43:24:5b:c2:e9:3f:45:49:fb:cd:b1:02:f9:16:4c:fd:b1:
e1:5b:fd:d4:a7:d4:06:8a:ad:18:4f:8a:57:ef:15:14:e7:ea:
07:70:69:3c:90:14:a6:45:f6:c5:ae:f6:7a:11:cb:f6:89:42:
be:a9:44:e3:2d:87:e3:7b:a5:72:6b:d0:03:9b:60:ee:f6:2c:
c5:28:b3:8b:b7:43:43:64:1a:8d:89:ce:0b:a9:07:44:36:bb:
b9:59:43:62:6a:45:7c:d6:51:8d:f6:ca:e1:7e:c8:4f:ce:2a:
0c:17:8d:b1:ff:e7:ef:85:e2:ae:bc:48:10:5c:f7:db:b1:39:
d7:3f:c7:5c:c2:1e:20:74:db:1b:74:c9:fa:05:ec:5a:c0:f0:
b4:d8:20:c0:23:8b:f4:fc:0e:1e:65:52:fa:bd:87:29:4e:94:
6e:9c:02:30:7e:d2:f0:f6:5d:71:81:18:b6:98:db:a9:27:d1:
5a:17:4f:7d:3a:ff:97:d6:1b:40:d5:45:59:7a:3c:8a:ac:1a:
39:df:41:38:eb:95:82:43:dd:f4:44:23:e0:08:10:22:07:84:
c0:3b:f3:85:01:d9:b1:bb:71:1c:25:df:9a:da:bf:a0:ce:a4:
4c:cf:9c:aa
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYkrIOeYl686Cyh8sS5MY6kRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNzA2MTIxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDE3OTY1MjZlZTNkZTNkNTdjZGRhMjYxZjhiOTg0YjExZGMxODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ma9MPwsPx4xrSVkT7qudPlNrbGd
UOAgtaITqsQCJAtauCv0xTnFWQFr7rjophMF34Wno5tDM6+XFBuoAIJBkq2ZSTh9
c1zmAIu/YErJjvvykYTFmfF9byF/L0Wm7BuUsztcOiyCZVVQg3iYUU1qj9TKu30B
msIxsQ0vYcklxxhvUYJBwA97houaz0AetXwLa9f2JCWa0bYusj6jn7B5/eQ4Ky4z
SZq158DfCE+FwTu9n4J/GcxjnwaWEr1Wy5NxHtS0pNTGta2wncg0Z6vS8LY4KRbY
x0Mr4blmARjVFS+m754rFlqE7Hb7D/c8CV7euF6Crg9/Nv76Dx2xaOHSrQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN0XllJu4949V83aJh+LmEsR3BiTMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvM1JlV1VtN2ozajFYemRvbUg0dVlTeEhjR0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAURaBAwQC
URaIAwQAWbkCMAwDBAFtSHIDBABtSHYwDQYJKoZIhvcNAQELBQADggEBAH1lzHWm
+C/brtjsP61PK8heqExDJFvC6T9FSfvNsQL5Fkz9seFb/dSn1AaKrRhPilfvFRTn
6gdwaTyQFKZF9sWu9noRy/aJQr6pROMth+N7pXJr0AObYO72LMUos4u3Q0NkGo2J
zgupB0Q2u7lZQ2JqRXzWUY32yuF+yE/OKgwXjbH/5++F4q68SBBc99uxOdc/x1zC
HiB02xt0yfoF7FrA8LTYIMAji/T8Dh5lUvq9hylOlG6cAjB+0vD2XXGBGLaY26kn
0VoXT306/5fWG0DVRVl6PIqsGjnfQTjrlYJD3fREI+AIECIHhMA784UB2bG7cRwl
35rav6DOpEzPnKo=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:38 2023 by rpki-client on console.sobornost.net