Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/85acab7RyQsFtxQn6QB5ckGgFp4.roa
File: 85acab7RyQsFtxQn6QB5ckGgFp4.roa (raw, json)
Hash identifier: 2lYw+3IdhW8/PV5MYbXHKEFwGy7d15aU4uAgcw8YLUc=
Subject key identifier: F3:96:9C:69:BE:D1:C9:0B:05:B7:14:27:E9:00:79:72:41:A0:16:9E
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018EEDB32B872F86F9F9691877176D269F11
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/85acab7RyQsFtxQn6QB5ckGgFp4.roa
Signing time: Wed 17 Apr 2024 20:15:25 +0000
ROA not before: Wed 17 Apr 2024 20:15:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 14:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ed:b3:2b:87:2f:86:f9:f9:69:18:77:17:6d:26:9f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Apr 17 20:15:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3969c69bed1c90b05b71427e900797241a0169e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bc:3a:be:60:01:cc:e1:b3:a5:2b:9f:bc:50:
60:88:f7:6b:18:4b:57:07:f3:de:3a:50:8c:49:fd:
f4:1f:1d:e8:51:a3:f9:50:1c:05:95:c9:3b:05:aa:
61:27:4c:1f:b5:e3:3d:99:22:3e:2d:68:82:92:b6:
c4:e4:d5:97:4d:ad:1d:5d:7c:dc:dd:ed:49:b9:44:
d9:88:bd:1a:b6:a3:3c:ff:5b:22:71:a5:9f:3e:e5:
13:87:a5:30:25:3c:dc:12:41:63:b0:ab:48:51:4e:
fd:c8:ff:52:07:37:ca:28:d8:a9:75:71:ce:e3:25:
15:e1:cd:1b:ea:ff:28:d4:17:6f:37:00:0b:72:bb:
da:78:a6:d3:64:f1:9e:1e:5b:bf:d6:16:7a:93:c9:
cf:c0:b9:a5:da:31:85:29:6a:45:87:4e:3e:75:52:
11:f7:c2:34:1b:d7:2b:d7:72:39:6e:05:88:3d:92:
88:55:7d:21:23:16:b7:22:eb:37:12:b0:17:07:44:
3a:bf:e0:01:8a:4b:74:59:bb:70:4d:b9:32:43:da:
48:3c:a5:31:c2:a4:fc:b6:ef:d5:7f:1f:d8:4b:bb:
28:96:c8:be:87:a9:cc:ce:68:9f:f0:7e:de:29:59:
7e:c5:cb:a7:29:18:29:d7:fc:5c:67:13:fa:cc:4e:
4f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:96:9C:69:BE:D1:C9:0B:05:B7:14:27:E9:00:79:72:41:A0:16:9E
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/85acab7RyQsFtxQn6QB5ckGgFp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:8c:ae:56:f9:a7:be:6f:94:28:90:b7:3d:65:29:fd:72:c6:
9d:30:9b:8e:79:64:66:aa:73:52:2c:a4:ba:86:20:1b:06:19:
13:b8:b2:13:2a:7f:0e:56:81:ba:24:68:c7:d4:fa:97:fb:af:
02:c0:78:74:a8:b2:b9:85:48:bc:c3:6d:c1:12:d9:5e:59:db:
87:f7:01:65:cf:f2:5d:ce:fb:97:2f:a3:21:b9:48:d8:a1:f7:
ca:a6:76:ec:3a:4c:2f:ac:02:8c:61:3f:8a:33:33:9e:4f:76:
79:64:6f:bd:fa:3e:12:01:72:11:50:ae:b3:fe:33:43:d7:d0:
1f:ee:e7:01:42:2a:86:49:77:eb:8a:80:18:d2:ba:60:8e:30:
a0:31:dd:fa:10:dc:4b:ee:1a:c1:20:41:8c:8e:95:a6:6d:83:
8a:11:4b:d2:05:86:38:40:75:94:f0:d2:90:4c:1f:f1:74:35:
89:40:71:ff:b2:72:c9:79:d1:7f:a0:ae:e3:15:68:7b:cc:75:
53:f2:15:ae:7d:37:7a:a0:d2:b2:69:71:7b:44:97:cd:6f:df:
6d:a0:53:a8:29:8d:0f:b9:81:4b:3b:d7:9f:4b:76:ee:1a:d7:
ba:11:de:ad:ac:73:e1:c5:f4:37:0d:83:56:4a:60:ed:4c:37:
b6:d3:a0:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7tsyuHL4b5+WkYdxdtJp8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNDE3MjAxNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzk2OWM2OWJlZDFjOTBiMDViNzE0MjdlOTAwNzk3MjQxYTAxNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7w6vmABzOGzpSufvFBgiPdrGEtX
B/PeOlCMSf30Hx3oUaP5UBwFlck7BaphJ0wfteM9mSI+LWiCkrbE5NWXTa0dXXzc
3e1JuUTZiL0atqM8/1sicaWfPuUTh6UwJTzcEkFjsKtIUU79yP9SBzfKKNipdXHO
4yUV4c0b6v8o1BdvNwALcrvaeKbTZPGeHlu/1hZ6k8nPwLml2jGFKWpFh04+dVIR
98I0G9cr13I5bgWIPZKIVX0hIxa3Ius3ErAXB0Q6v+ABikt0WbtwTbkyQ9pIPKUx
wqT8tu/Vfx/YS7solsi+h6nMzmif8H7eKVl+xcunKRgp1/xcZxP6zE5PgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPOWnGm+0ckLBbcUJ+kAeXJBoBaeMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvODVhY2FiN1J5UXNGdHhRbjZRQjVja0dnRnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQC
W7rMAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBrjK5W+ae+b5QokLc9ZSn9csad
MJuOeWRmqnNSLKS6hiAbBhkTuLITKn8OVoG6JGjH1PqX+68CwHh0qLK5hUi8w23B
EtleWduH9wFlz/JdzvuXL6MhuUjYoffKpnbsOkwvrAKMYT+KMzOeT3Z5ZG+9+j4S
AXIRUK6z/jND19Af7ucBQiqGSXfrioAY0rpgjjCgMd36ENxL7hrBIEGMjpWmbYOK
EUvSBYY4QHWU8NKQTB/xdDWJQHH/snLJedF/oK7jFWh7zHVT8hWufTd6oNKyaXF7
RJfNb99toFOoKY0PuYFLO9efS3buGte6Ed6trHPhxfQ3DYNWSmDtTDe206Dn
-----END CERTIFICATE-----
Generated at Mon Apr 29 17:07:24 2024 by rpki-client on console-fra.rpki-client.org