Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gv18JjN9Gbu3lIDoJsUOtqGXsWE.roa
File: gv18JjN9Gbu3lIDoJsUOtqGXsWE.roa (raw, json)
Hash identifier: uU+MkOI8d7XtnzWKgI8B6uNvl2TUBTSusk9JZONNWKQ=
Subject key identifier: 82:FD:7C:26:33:7D:19:BB:B7:94:80:E8:26:C5:0E:B6:A1:97:B1:61
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018920769874994EB99C0D913C345C928CBD
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gv18JjN9Gbu3lIDoJsUOtqGXsWE.roa
Signing time: Tue 04 Jul 2023 10:33:10 +0000
ROA not before: Tue 04 Jul 2023 10:33:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
89.185.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:76:98:74:99:4e:b9:9c:0d:91:3c:34:5c:92:8c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 4 10:33:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82fd7c26337d19bbb79480e826c50eb6a197b161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0e:aa:c0:8d:c5:e8:7d:3b:eb:a3:9a:6f:97:
a3:fc:36:c6:09:5a:f3:80:77:ca:eb:e1:ac:d7:8c:
4f:f8:da:d8:9e:5b:8b:60:ea:c5:aa:5e:89:be:53:
dd:da:0d:44:58:b9:6f:d8:64:b3:9b:a8:4d:e6:15:
b6:bf:13:6b:b3:36:d0:74:63:67:2e:c5:1a:30:c1:
ac:d1:e3:bf:9e:79:5c:11:9e:76:33:74:7d:d2:3a:
d2:ce:a5:a8:48:8a:86:bb:15:48:7c:c2:c6:96:44:
0e:9f:b1:77:e1:34:12:ea:9a:0c:f9:f0:9d:9d:67:
4a:ed:ed:9b:d0:3c:4d:17:17:3a:bc:df:f5:db:b5:
4f:6b:b5:68:ee:33:62:2b:be:af:6b:c8:28:c2:f9:
7d:e8:76:57:38:b5:6a:ed:f8:d8:bf:b9:9c:5e:8b:
20:f2:7b:24:c3:be:e4:38:7c:d3:fd:fe:0d:27:df:
b4:93:08:52:27:49:96:40:38:3e:40:3e:13:a2:0e:
18:18:7e:1e:14:cb:09:ca:5c:ae:d0:fb:2a:d0:48:
a1:1e:23:44:09:cb:22:8e:be:80:da:6a:b7:9c:85:
e2:a2:f9:29:93:f7:61:5a:66:3e:f2:7e:63:76:af:
a1:97:4f:39:e2:03:72:38:69:d6:4b:17:f5:04:60:
50:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FD:7C:26:33:7D:19:BB:B7:94:80:E8:26:C5:0E:B6:A1:97:B1:61
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gv18JjN9Gbu3lIDoJsUOtqGXsWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
29:e3:71:52:d6:73:40:f6:a3:4f:64:df:75:1f:df:cb:65:21:
4a:40:02:ea:92:f6:91:a4:56:5d:e9:98:08:aa:26:10:c0:e1:
18:f0:12:d6:8e:c5:9d:d6:5c:d9:db:68:81:89:aa:ec:04:b4:
9b:56:00:50:ef:02:bd:77:b2:33:d6:5e:be:4c:75:9f:e9:75:
45:fb:54:df:ae:49:f5:02:52:4b:72:21:97:29:45:79:7e:c4:
b1:37:4d:1f:9d:7d:63:ec:00:fb:1f:aa:42:ad:be:72:79:9e:
be:a6:56:1b:c5:2a:c1:de:fe:f9:99:63:07:8b:96:03:ae:22:
2e:8b:ec:0c:f1:ae:63:2b:85:b1:d1:b3:17:ad:c8:05:f4:82:
68:24:92:8f:22:fa:a9:54:e9:57:76:52:f6:3b:b3:15:21:f3:
61:fc:61:0e:d9:8f:b8:4e:00:06:15:88:96:37:82:1d:77:7c:
e9:be:a4:0b:0e:b3:6f:d4:3c:b4:bb:eb:cc:77:63:96:a4:22:
89:c2:dd:37:ce:6d:32:58:95:f4:90:31:ec:29:f9:2c:d6:38:
0e:7b:5e:09:2b:3c:cf:54:07:f9:ea:f2:1a:4f:bb:a4:ca:68:
ac:7f:b5:4f:e6:93:a9:be:d9:5f:12:de:e0:24:44:af:4f:32:
57:71:af:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkgdph0mU65nA2RPDRckoy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNzA0MTAzMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmZkN2MyNjMzN2QxOWJiYjc5NDgwZTgyNmM1MGViNmExOTdiMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA6qwI3F6H0766Oab5ej/DbGCVrz
gHfK6+Gs14xP+NrYnluLYOrFql6JvlPd2g1EWLlv2GSzm6hN5hW2vxNrszbQdGNn
LsUaMMGs0eO/nnlcEZ52M3R90jrSzqWoSIqGuxVIfMLGlkQOn7F34TQS6poM+fCd
nWdK7e2b0DxNFxc6vN/127VPa7Vo7jNiK76va8gowvl96HZXOLVq7fjYv7mcXosg
8nskw77kOHzT/f4NJ9+0kwhSJ0mWQDg+QD4Tog4YGH4eFMsJylyu0Psq0EihHiNE
Ccsijr6A2mq3nIXiovkpk/dhWmY+8n5jdq+hl0854gNyOGnWSxf1BGBQ/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIL9fCYzfRm7t5SA6CbFDrahl7FhMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZ3YxOEpqTjlHYnUzbElEb0pzVU90cUdYc1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAp43FS1nNA9qNPZN91H9/LZSFK
QALqkvaRpFZd6ZgIqiYQwOEY8BLWjsWd1lzZ22iBiarsBLSbVgBQ7wK9d7Iz1l6+
THWf6XVF+1Tfrkn1AlJLciGXKUV5fsSxN00fnX1j7AD7H6pCrb5yeZ6+plYbxSrB
3v75mWMHi5YDriIui+wM8a5jK4Wx0bMXrcgF9IJoJJKPIvqpVOlXdlL2O7MVIfNh
/GEO2Y+4TgAGFYiWN4Idd3zpvqQLDrNv1Dy0u+vMd2OWpCKJwt03zm0yWJX0kDHs
Kfks1jgOe14JKzzPVAf56vIaT7ukymisf7VP5pOpvtlfEt7gJESvTzJXca+L
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net