Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/Itjqe7MTBE2hccSJ6bSsOeG1OFc.roa
File: Itjqe7MTBE2hccSJ6bSsOeG1OFc.roa (raw, json)
Hash identifier: EtcX9fY7RNaylzDO+aIbG9ur1D1u+UIC+bN2DRNd0Ks=
Subject key identifier: 22:D8:EA:7B:B3:13:04:4D:A1:71:C4:89:E9:B4:AC:39:E1:B5:38:57
Certificate issuer: /CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Certificate serial: 01893EF9912DA17D2FEB26B7D8C5874639C1
Authority key identifier: F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/Itjqe7MTBE2hccSJ6bSsOeG1OFc.roa
Signing time: Mon 10 Jul 2023 08:44:50 +0000
ROA not before: Mon 10 Jul 2023 08:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.136.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 10:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:f9:91:2d:a1:7d:2f:eb:26:b7:d8:c5:87:46:39:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Validity
Not Before: Jul 10 08:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22d8ea7bb313044da171c489e9b4ac39e1b53857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e2:0b:63:85:de:3d:54:f7:aa:9a:c1:7d:8c:
ba:f7:16:b0:a5:1f:c6:54:d4:43:d8:53:1a:2a:8a:
b9:ed:5c:c5:fc:6a:12:5d:b0:1e:73:da:5d:0a:d5:
e8:5d:7e:d7:35:fb:84:56:de:ab:00:c8:84:c6:3c:
2b:10:94:59:37:01:e4:5c:c9:aa:f3:30:f7:77:f5:
86:d8:53:67:1c:da:a6:44:ba:bf:c4:9e:9c:c0:48:
96:31:a5:2c:d7:a9:e4:80:de:6a:ba:62:78:2e:2a:
6f:4c:aa:2b:0e:64:c0:79:b1:3e:d0:1b:d5:51:b9:
5a:24:94:5e:68:8c:02:35:6d:07:5c:56:b7:9e:ac:
78:b8:f5:47:0a:8f:16:bf:35:00:a9:70:76:68:76:
a1:85:a6:21:55:d3:e7:d6:dd:7c:34:9a:bf:c4:62:
d7:97:f0:02:aa:7b:f4:4c:ec:77:cb:c7:e6:ff:d2:
c3:b1:09:30:bd:b4:14:b0:88:f5:ea:35:3b:1c:97:
f0:a4:62:61:e5:01:2d:e2:5a:3f:e4:27:67:05:a7:
80:49:c2:23:73:1a:52:e3:1e:36:19:a8:c7:4c:0e:
20:04:f5:77:1a:a0:f1:09:d4:71:c2:b1:a9:b8:32:
7e:29:3e:6a:52:8a:6c:a5:58:60:4a:1a:31:d9:30:
24:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D8:EA:7B:B3:13:04:4D:A1:71:C4:89:E9:B4:AC:39:E1:B5:38:57
X509v3 Authority Key Identifier:
keyid:F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/Itjqe7MTBE2hccSJ6bSsOeG1OFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.208.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:d0:ce:9c:21:33:eb:4f:a1:61:e9:69:7f:20:e3:51:27:5c:
cd:ab:02:01:b8:71:0e:cf:c4:df:4f:d5:a0:c5:b7:71:09:3a:
05:38:23:f7:f0:1a:59:c7:29:2f:93:f1:0e:a9:75:09:55:a9:
05:40:0d:52:66:2c:f7:fe:ae:1d:8e:e5:4a:dd:44:ec:40:f9:
c4:7e:87:66:0a:73:f9:92:e8:e8:8f:5a:ac:45:d0:20:c3:f3:
37:11:20:f4:1f:ed:4f:28:db:1f:e4:ef:7c:e8:cd:ee:77:21:
4b:ee:b2:dd:ec:52:f0:fd:aa:59:83:56:10:0d:d6:de:26:77:
be:4c:d6:30:34:56:bb:c1:cb:e9:1f:99:87:e2:d8:7f:70:9c:
44:f2:45:79:53:16:34:d2:f3:ee:a1:97:0e:63:22:f0:60:9d:
cf:9f:f0:44:97:09:14:64:ba:f4:30:89:ad:3a:99:82:36:e1:
3f:1e:08:b3:d8:7d:80:7a:65:bf:65:e6:3c:cc:84:34:2d:df:
04:4f:48:25:91:20:2c:35:1b:dc:4e:1f:f1:51:f0:34:02:b1:
15:0f:e4:2e:37:bf:94:24:f0:07:24:be:94:3f:5f:fc:35:cf:
b2:cf:cc:b3:b1:41:5f:36:33:9c:af:9b:a0:04:df:63:1d:9b:
a3:ca:0f:36
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYk++ZEtoX0v6ya32MWHRjnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Nzk5ODhlMGY0OTk3MWEzMjZmNDE5ZTVjZmFjYmZkZGNj
OTkzZTcwHhcNMjMwNzEwMDg0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQ4ZWE3YmIzMTMwNDRkYTE3MWM0ODllOWI0YWMzOWUxYjUzODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+ILY4XePVT3qprBfYy69xawpR/G
VNRD2FMaKoq57VzF/GoSXbAec9pdCtXoXX7XNfuEVt6rAMiExjwrEJRZNwHkXMmq
8zD3d/WG2FNnHNqmRLq/xJ6cwEiWMaUs16nkgN5qumJ4LipvTKorDmTAebE+0BvV
UblaJJReaIwCNW0HXFa3nqx4uPVHCo8WvzUAqXB2aHahhaYhVdPn1t18NJq/xGLX
l/ACqnv0TOx3y8fm/9LDsQkwvbQUsIj16jU7HJfwpGJh5QEt4lo/5CdnBaeAScIj
cxpS4x42GajHTA4gBPV3GqDxCdRxwrGpuDJ+KT5qUopspVhgShox2TAkswIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCLY6nuzEwRNoXHEiem0rDnhtThXMB8GA1UdIwQY
MBaAFPh5mI4PSZcaMm9Bnlz6y/3cyZPnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1IbVlqZzlKbHhveWIwR2VYUHJMX2R6SmstYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0
LTA0NzBiNGJiMzBkYi8xL0l0anFlN01UQkUyaGNjU0o2YlNzT2VHMU9GYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0LTA0NzBiNGJiMzBk
Yi8xLzEtSG1Zamc5Smx4b3liMEdlWFByTF9kekprLWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJTiNAw
DQYJKoZIhvcNAQELBQADggEBAE3QzpwhM+tPoWHpaX8g41EnXM2rAgG4cQ7PxN9P
1aDFt3EJOgU4I/fwGlnHKS+T8Q6pdQlVqQVADVJmLPf+rh2O5UrdROxA+cR+h2YK
c/mS6OiPWqxF0CDD8zcRIPQf7U8o2x/k73zoze53IUvust3sUvD9qlmDVhAN1t4m
d75M1jA0VrvBy+kfmYfi2H9wnETyRXlTFjTS8+6hlw5jIvBgnc+f8ESXCRRkuvQw
ia06mYI24T8eCLPYfYB6Zb9l5jzMhDQt3wRPSCWRICw1G9xOH/FR8DQCsRUP5C43
v5Qk8AckvpQ/X/w1z7LPzLOxQV82M5yvm6AE32Mdm6PKDzY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:38 2024 by rpki-client on console-fra.rpki-client.org