Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/CmzyfcMXksumIInxouGDO8uc6js.roa
File: CmzyfcMXksumIInxouGDO8uc6js.roa (raw, json)
Hash identifier: 1LeukzjXF/DzglQ8ahYYhQVq/6tmSYT8DWhxlk5/HlA=
Subject key identifier: 0A:6C:F2:7D:C3:17:92:CB:A6:20:89:F1:A2:E1:83:3B:CB:9C:EA:3B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D03F19656BFBE310C0F7693711E284677
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/CmzyfcMXksumIInxouGDO8uc6js.roa
Signing time: Sat 13 Jan 2024 17:49:40 +0000
ROA not before: Sat 13 Jan 2024 17:49:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
109.72.113.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 13 Jan 2024 18:23:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:03:f1:96:56:bf:be:31:0c:0f:76:93:71:1e:28:46:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 13 17:49:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a6cf27dc31792cba62089f1a2e1833bcb9cea3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2f:52:ac:22:2a:be:46:e4:23:bf:db:bc:b6:
4c:bd:73:15:bb:a4:ae:ab:75:ff:65:e3:4c:7f:4a:
a8:0c:2a:08:7f:f4:6b:e4:f2:f0:c1:7e:c6:6e:fa:
28:ac:e7:a6:1d:b5:bf:31:4e:ee:e8:7c:5e:b5:39:
f3:e6:e1:36:16:c9:4b:b8:24:43:3e:a9:c7:8a:b4:
18:8c:db:38:c7:50:d7:83:b8:f5:9b:7d:2c:9b:f6:
c3:f5:8a:47:bf:b3:0b:88:36:bf:02:d8:75:7e:99:
70:1b:8f:66:70:ba:a1:06:54:79:b5:b3:a2:75:b1:
98:99:41:55:d8:38:f3:55:f6:da:33:6a:b2:d3:4b:
c7:fd:59:cd:1e:9d:1a:ae:14:f2:58:4a:14:6b:57:
1b:9d:1f:a3:7f:f0:48:ed:28:56:64:b0:70:78:7e:
c6:49:82:49:16:3f:36:91:ae:48:ec:01:f0:6d:c8:
2f:a4:7e:13:de:98:fc:f2:1f:95:c3:fc:f9:c9:f2:
76:c6:82:c0:e5:67:b8:2f:68:52:db:8f:4d:1f:92:
62:23:78:02:34:89:f5:47:d4:ce:b6:2f:c8:49:b2:
32:fd:8f:57:02:51:d6:96:de:18:7e:48:80:77:bd:
93:d4:0d:78:00:36:35:f1:00:ce:1c:9e:80:ff:57:
08:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6C:F2:7D:C3:17:92:CB:A6:20:89:F1:A2:E1:83:3B:CB:9C:EA:3B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/CmzyfcMXksumIInxouGDO8uc6js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.113.0/24
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
38:0d:ce:72:93:8a:36:dd:a6:b3:66:54:60:8b:a5:39:c0:cb:
58:b9:1b:77:be:2b:e7:a7:51:b7:ab:75:93:10:9c:fc:87:9a:
68:b4:65:f8:0e:d4:67:ad:3b:8d:a2:e6:5a:62:b2:25:08:ed:
02:1f:f7:76:b9:03:f8:28:c5:c9:5a:e9:b7:ad:6d:cb:59:b6:
b7:5a:17:d4:cb:b6:6b:8d:d6:7d:db:b1:56:56:ef:5e:d7:7d:
4a:5d:ec:72:84:b0:60:bc:ba:0a:db:b3:02:10:64:61:ff:2b:
8a:a7:8d:de:4d:e1:99:c6:d5:f8:01:d1:f5:a9:a4:21:ec:b4:
25:46:13:df:63:b2:a3:25:5a:57:d8:55:d3:36:9a:be:55:b7:
0e:c0:f6:14:6b:74:5a:7a:fb:56:92:d9:85:16:36:6d:3d:68:
ce:f2:05:9f:dc:2f:38:80:cd:e9:4c:f9:ef:6c:ee:e3:99:81:
e2:2c:65:c8:73:b7:c2:b7:2a:a2:ba:9a:03:a2:dd:54:41:77:
8c:9c:ed:ea:d0:11:19:d3:19:4d:97:9d:3f:0d:26:0e:57:eb:
5f:c4:6b:e8:f3:0f:3b:3c:01:4b:21:ee:1a:52:a7:fb:42:1c:
1e:85:4a:63:79:d3:16:b8:00:d2:3a:27:dc:fe:80:a7:a7:31:
22:0b:80:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0D8ZZWv74xDA92k3EeKEZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTEzMTc0OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTZjZjI3ZGMzMTc5MmNiYTYyMDg5ZjFhMmUxODMzYmNiOWNlYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi9SrCIqvkbkI7/bvLZMvXMVu6Su
q3X/ZeNMf0qoDCoIf/Rr5PLwwX7GbvoorOemHbW/MU7u6HxetTnz5uE2FslLuCRD
PqnHirQYjNs4x1DXg7j1m30sm/bD9YpHv7MLiDa/Ath1fplwG49mcLqhBlR5tbOi
dbGYmUFV2DjzVfbaM2qy00vH/VnNHp0arhTyWEoUa1cbnR+jf/BI7ShWZLBweH7G
SYJJFj82ka5I7AHwbcgvpH4T3pj88h+Vw/z5yfJ2xoLA5We4L2hS249NH5JiI3gC
NIn1R9TOti/ISbIy/Y9XAlHWlt4YfkiAd72T1A14ADY18QDOHJ6A/1cICwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAps8n3DF5LLpiCJ8aLhgzvLnOo7MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvQ216eWZjTVhrc3VtSUlueG91R0RPOHVjNmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDURaIAwQC
WbkAAwQAbUhxAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQA4Dc5yk4o23aazZlRg
i6U5wMtYuRt3vivnp1G3q3WTEJz8h5potGX4DtRnrTuNouZaYrIlCO0CH/d2uQP4
KMXJWum3rW3LWba3WhfUy7ZrjdZ927FWVu9e131KXexyhLBgvLoK27MCEGRh/yuK
p43eTeGZxtX4AdH1qaQh7LQlRhPfY7KjJVpX2FXTNpq+VbcOwPYUa3RaevtWktmF
FjZtPWjO8gWf3C84gM3pTPnvbO7jmYHiLGXIc7fCtyqiupoDot1UQXeMnO3q0BEZ
0xlNl50/DSYOV+tfxGvo8w87PAFLIe4aUqf7QhwehUpjedMWuADSOifc/oCnpzEi
C4AZ
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:10:49 2025 by rpki-client