Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ibvqYh9aIHs-7Dshlzm8VD_Axsc.roa
File: ibvqYh9aIHs-7Dshlzm8VD_Axsc.roa (raw, json)
Hash identifier: FRhn5f1psY5jlXWebkGfInx4kX2Tx9xu8yD4vRWgrCg=
Subject key identifier: 89:BB:EA:62:1F:5A:20:7B:3E:EC:3B:21:97:39:BC:54:3F:C0:C6:C7
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A9DE0F9F5CFF289428C69E1A97763D7
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ibvqYh9aIHs-7Dshlzm8VD_Axsc.roa
Signing time: Sat 25 Mar 2023 21:12:46 +0000
ROA not before: Sat 25 Mar 2023 21:12:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 83.97.119.0/24 maxlen: 24
178.20.28.0/22 maxlen: 24
193.31.126.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
88.218.45.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
194.99.26.0/24 maxlen: 24
193.151.190.0/23 maxlen: 24
193.151.189.0/24 maxlen: 24
83.97.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 08:58:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:9d:e0:f9:f5:cf:f2:89:42:8c:69:e1:a9:77:63:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:12:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89bbea621f5a207b3eec3b219739bc543fc0c6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:88:ae:a8:b2:62:0c:3a:85:20:62:00:28:a1:
11:b1:4c:6b:48:04:42:f7:c0:1a:13:68:ed:76:27:
80:84:1f:fe:ef:57:da:b3:4d:cc:f9:96:4a:5f:9a:
8f:74:24:e2:9e:b4:4a:65:ed:1e:b3:3d:0b:67:6a:
f6:54:89:c2:17:9c:3c:07:12:17:9c:30:b1:bd:a8:
63:0d:90:54:bd:06:b3:25:3e:52:ac:5d:40:c3:48:
fd:ab:2d:27:cf:1c:ae:10:03:d2:a5:f4:4a:57:45:
17:88:89:6f:a8:21:9b:26:d9:7c:a2:14:00:b3:9b:
63:a8:99:c4:bb:3e:ff:9f:c0:a7:76:c3:7f:0f:c9:
b3:4b:9e:ae:50:38:37:06:2e:6b:be:99:86:43:b8:
d1:69:31:32:c7:e9:7b:59:6c:5a:7e:50:88:af:34:
fa:c9:b3:0c:f6:64:66:ce:73:64:08:5a:21:67:73:
b2:a8:b9:26:e5:08:0e:ca:ca:54:01:2f:78:ff:2d:
65:db:93:f0:31:cd:72:22:92:a1:b5:a0:b2:05:d6:
45:f5:da:6a:31:ef:79:8a:82:46:54:df:34:48:51:
a1:75:79:2b:07:9f:e0:8b:7b:5e:76:ac:af:85:d5:
4e:87:2d:19:3f:ae:f2:f5:44:1a:28:44:1a:05:51:
08:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BB:EA:62:1F:5A:20:7B:3E:EC:3B:21:97:39:BC:54:3F:C0:C6:C7
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/ibvqYh9aIHs-7Dshlzm8VD_Axsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.24.0/22
83.97.117.0/24
83.97.119.0/24
88.218.45.0/24
88.218.47.0/24
178.20.28.0/22
193.31.126.0/24
193.151.189.0-193.151.191.255
194.99.24.0/24
194.99.26.0/24
Signature Algorithm: sha256WithRSAEncryption
89:01:08:c8:09:96:b1:00:43:c7:e8:4b:27:0a:fd:88:30:cd:
9e:cf:f5:8d:31:12:c7:77:5b:e8:ef:74:aa:68:ee:90:19:c7:
7a:65:ef:9d:74:eb:96:85:c6:42:65:69:56:ec:d7:aa:02:4d:
79:1d:f7:13:78:20:4c:02:69:08:f2:ac:45:5b:cf:c2:9d:c2:
2c:af:a6:5e:e3:2d:d1:03:cb:58:b1:8d:43:a0:6e:d3:79:53:
6a:01:fc:69:1d:24:94:c6:98:61:5a:9d:08:02:be:d8:c1:70:
d0:7c:00:31:65:d1:6a:0f:9f:7d:98:9e:a1:cc:cb:bc:fc:40:
d9:7a:57:71:ec:4c:f6:c8:a9:e6:9f:f1:de:f9:44:55:57:3c:
48:e0:8a:2e:c4:e5:81:84:8b:18:f7:0d:eb:07:d2:58:98:05:
c4:ee:d1:52:ff:99:d5:4a:54:1e:6c:dd:35:a0:25:74:4f:86:
fb:ec:17:04:38:d8:dd:74:d5:db:38:0f:8e:4a:15:6a:8d:c5:
e0:63:30:7f:63:7c:fb:32:6a:b4:fc:90:b9:65:3a:67:4d:21:
7d:43:79:23:20:e5:10:03:87:78:b8:ac:08:6a:f0:8d:fd:7d:
f2:05:1d:ef:23:b1:e1:23:6b:73:ef:1e:23:8a:de:62:1c:f4:
30:28:99:0e
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYcaneD59c/yiUKMaeGpd2PXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjExMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJiZWE2MjFmNWEyMDdiM2VlYzNiMjE5NzM5YmM1NDNmYzBjNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYiuqLJiDDqFIGIAKKERsUxrSARC
98AaE2jtdieAhB/+71fas03M+ZZKX5qPdCTinrRKZe0esz0LZ2r2VInCF5w8BxIX
nDCxvahjDZBUvQazJT5SrF1Aw0j9qy0nzxyuEAPSpfRKV0UXiIlvqCGbJtl8ohQA
s5tjqJnEuz7/n8CndsN/D8mzS56uUDg3Bi5rvpmGQ7jRaTEyx+l7WWxaflCIrzT6
ybMM9mRmznNkCFohZ3OyqLkm5QgOyspUAS94/y1l25PwMc1yIpKhtaCyBdZF9dpq
Me95ioJGVN80SFGhdXkrB5/gi3tedqyvhdVOhy0ZP67y9UQaKEQaBVEIGQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFIm76mIfWiB7Puw7IZc5vFQ/wMbHMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvaWJ2cVloOWFJSHMtN0RzaGx6bThWRF9BeHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCTVMYAwQA
U2F1AwQAU2F3AwQAWNotAwQAWNovAwQCshQcAwQAwR9+MAwDBADBl70DBAbBl4AD
BADCYxgDBADCYxowDQYJKoZIhvcNAQELBQADggEBAIkBCMgJlrEAQ8foSycK/Ygw
zZ7P9Y0xEsd3W+jvdKpo7pAZx3pl751065aFxkJlaVbs16oCTXkd9xN4IEwCaQjy
rEVbz8Kdwiyvpl7jLdEDy1ixjUOgbtN5U2oB/GkdJJTGmGFanQgCvtjBcNB8ADFl
0WoPn32YnqHMy7z8QNl6V3HsTPbIqeaf8d75RFVXPEjgii7E5YGEixj3DesH0liY
BcTu0VL/mdVKVB5s3TWgJXRPhvvsFwQ42N101ds4D45KFWqNxeBjMH9jfPsyarT8
kLllOmdNIX1DeSMg5RADh3i4rAhq8I39ffIFHe8jseEja3PvHiOK3mIc9DAomQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org