Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/s9WQg73mRx_2rqwpwOqcB1jhsDI.roa
File: s9WQg73mRx_2rqwpwOqcB1jhsDI.roa (raw, json)
Hash identifier: w1tc91Nj0ssbqYVKfnw49+4VeSnnUoxvOAysaU4SaHU=
Subject key identifier: B3:D5:90:83:BD:E6:47:1F:F6:AE:AC:29:C0:EA:9C:07:58:E1:B0:32
Certificate issuer: /CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Certificate serial: 01856F949BE2E3FF913275F2F947756C53AC
Authority key identifier: 29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/s9WQg73mRx_2rqwpwOqcB1jhsDI.roa
Signing time: Sun 01 Jan 2023 23:04:48 +0000
ROA not before: Sun 01 Jan 2023 23:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31138
IP address blocks: 83.217.0.0/22 maxlen: 22
2a00:d8c0::/48 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:9b:e2:e3:ff:91:32:75:f2:f9:47:75:6c:53:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Validity
Not Before: Jan 1 23:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3d59083bde6471ff6aeac29c0ea9c0758e1b032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:37:84:6b:a7:fb:1e:75:0a:e8:a8:1a:48:49:
a2:4f:e3:48:e5:c9:8b:da:6f:a3:06:21:81:04:8d:
2e:a5:d9:31:93:a5:1f:69:57:d5:fd:be:99:4b:9f:
eb:0a:e4:36:f7:e3:41:0e:b5:98:5d:c6:93:45:0b:
4b:09:ff:13:4f:50:61:4c:1f:92:0a:31:26:37:f5:
ac:35:0a:cc:a2:a5:04:d3:cc:61:58:bc:58:4c:3f:
62:ec:cf:a2:62:be:9f:90:94:52:c3:c6:37:a1:3a:
70:8b:f2:53:0a:32:92:e1:68:0d:5d:a0:f4:f6:e8:
29:2b:49:34:ca:8c:d6:a1:e7:93:71:0f:35:fe:88:
df:69:7d:8c:ef:0f:6a:c4:fb:80:7f:09:a7:c1:fb:
07:73:33:b9:f3:f9:57:6d:6d:1e:4e:32:28:5c:2e:
7f:4f:34:44:a4:8f:36:eb:9b:11:77:4e:23:1a:8c:
4e:47:90:63:9f:ef:36:22:1a:a1:6e:46:a4:70:28:
07:0e:5f:fc:a7:cc:b5:09:ec:f7:4b:ca:15:73:79:
c9:57:73:87:28:78:15:d2:95:6c:05:0b:15:9f:7c:
e7:2a:2f:52:77:ce:f0:94:cc:fe:7d:cf:1f:e0:41:
ae:ec:0b:35:92:f2:f9:47:89:05:ce:2e:da:c0:cc:
0d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D5:90:83:BD:E6:47:1F:F6:AE:AC:29:C0:EA:9C:07:58:E1:B0:32
X509v3 Authority Key Identifier:
keyid:29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/s9WQg73mRx_2rqwpwOqcB1jhsDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.0.0/22
IPv6:
2a00:d8c0::/48
Signature Algorithm: sha256WithRSAEncryption
82:71:d9:79:79:bf:57:38:21:da:b4:9a:4d:70:87:2e:99:98:
a7:c1:c7:78:82:a4:e4:63:67:60:dc:c2:ab:da:85:98:4a:07:
ee:4d:c7:2a:79:a7:c9:d7:bc:f6:55:5c:4d:f4:bc:1a:a8:2e:
71:9f:df:41:7d:22:65:a0:81:ed:f2:12:24:9c:06:5b:d9:14:
07:17:b9:7c:3b:eb:65:ea:36:85:fb:6f:76:3f:4c:1c:e3:09:
95:f8:f4:ae:aa:d6:30:9b:1a:15:d8:6d:e7:68:93:61:6d:2b:
2c:cb:d3:60:54:7d:0e:08:53:d0:36:a0:f4:a7:66:b3:29:3d:
51:5f:9a:5d:15:b5:a4:c1:c4:e8:fc:a1:95:d7:2e:58:fe:7d:
e2:3a:47:8a:a7:b2:e5:15:6c:fe:e2:2a:db:c6:44:f7:11:32:
b5:a0:25:9d:09:53:8c:d9:12:3d:25:aa:cc:38:50:e1:f3:ad:
fb:86:6a:bc:bc:01:e8:73:c7:d1:86:c7:d9:5d:13:20:f4:a8:
75:39:a0:08:54:ac:01:8c:ab:a1:b1:36:a4:e8:9f:9d:12:b8:
96:7e:9e:26:c5:f1:2f:37:86:7e:49:fc:5b:3a:94:cd:e2:c9:
b4:3d:2d:d9:0b:eb:df:03:ff:eb:24:5a:44:e2:42:64:16:c4:
0f:90:f9:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvlJvi4/+RMnXy+Ud1bFOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDBiNjk0YmJhMDk1MzQ0ZTRiZGI5OWY1MWUxZjEwMjNi
ZTU3Y2UwHhcNMjMwMTAxMjMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Q1OTA4M2JkZTY0NzFmZjZhZWFjMjljMGVhOWMwNzU4ZTFiMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDeEa6f7HnUK6KgaSEmiT+NI5cmL
2m+jBiGBBI0updkxk6UfaVfV/b6ZS5/rCuQ29+NBDrWYXcaTRQtLCf8TT1BhTB+S
CjEmN/WsNQrMoqUE08xhWLxYTD9i7M+iYr6fkJRSw8Y3oTpwi/JTCjKS4WgNXaD0
9ugpK0k0yozWoeeTcQ81/ojfaX2M7w9qxPuAfwmnwfsHczO58/lXbW0eTjIoXC5/
TzREpI8265sRd04jGoxOR5Bjn+82IhqhbkakcCgHDl/8p8y1Cez3S8oVc3nJV3OH
KHgV0pVsBQsVn3znKi9Sd87wlMz+fc8f4EGu7As1kvL5R4kFzi7awMwNKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLPVkIO95kcf9q6sKcDqnAdY4bAyMB8GA1UdIwQY
MBaAFClAtpS7oJU0TkvbmfUeHxAjvlfOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VDMmxMdWdsVFJPUzl1WjlSNGZFQ08tVjg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82MTA3ZTQtNDM5My00Y2JlLWE2YzIt
MjdjMWEzNTk3NmRlLzEvczlXUWc3M21SeF8ycnF3cHdPcWNCMWpoc0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82MTA3ZTQtNDM5My00Y2JlLWE2YzItMjdjMWEzNTk3NmRl
LzEvS1VDMmxMdWdsVFJPUzl1WjlSNGZFQ08tVjg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCU9kAMA8E
AgACMAkDBwAqANjAAAAwDQYJKoZIhvcNAQELBQADggEBAIJx2Xl5v1c4Idq0mk1w
hy6ZmKfBx3iCpORjZ2DcwqvahZhKB+5Nxyp5p8nXvPZVXE30vBqoLnGf30F9ImWg
ge3yEiScBlvZFAcXuXw762XqNoX7b3Y/TBzjCZX49K6q1jCbGhXYbedok2FtKyzL
02BUfQ4IU9A2oPSnZrMpPVFfml0VtaTBxOj8oZXXLlj+feI6R4qnsuUVbP7iKtvG
RPcRMrWgJZ0JU4zZEj0lqsw4UOHzrfuGary8Aehzx9GGx9ldEyD0qHU5oAhUrAGM
q6GxNqTon50SuJZ+nibF8S83hn5J/Fs6lM3iybQ9LdkL698D/+skWkTiQmQWxA+Q
+Wo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:58 2024 by rpki-client on console-fra.rpki-client.org