Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/Bf_Yxy1kbUZNkHfMWBtA_pWUFjc.roa
File: Bf_Yxy1kbUZNkHfMWBtA_pWUFjc.roa (raw, json)
Hash identifier: pO1Y8yS4lkqvUSKPXERkqt3V/qdVKNJ79qN8IGuHelg=
Subject key identifier: 05:FF:D8:C7:2D:64:6D:46:4D:90:77:CC:58:1B:40:FE:95:94:16:37
Certificate issuer: /CN=9de783e9acd56992f5835fb4882183500ca03c83
Certificate serial: 018D5AFE6CA546D1FE9D6A5A85FAFC3E975C
Authority key identifier: 9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/Bf_Yxy1kbUZNkHfMWBtA_pWUFjc.roa
Signing time: Tue 30 Jan 2024 15:30:39 +0000
ROA not before: Tue 30 Jan 2024 15:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 83.97.96.0/21 maxlen: 21
83.97.96.0/24 maxlen: 24
83.97.97.0/24 maxlen: 24
83.97.98.0/24 maxlen: 24
83.97.99.0/24 maxlen: 24
83.97.100.0/24 maxlen: 24
83.97.101.0/24 maxlen: 24
83.97.102.0/24 maxlen: 24
83.97.103.0/24 maxlen: 24
89.47.52.0/24 maxlen: 24
89.47.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 15:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:fe:6c:a5:46:d1:fe:9d:6a:5a:85:fa:fc:3e:97:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de783e9acd56992f5835fb4882183500ca03c83
Validity
Not Before: Jan 30 15:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05ffd8c72d646d464d9077cc581b40fe95941637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:60:21:be:8c:b7:c6:d1:72:b9:d0:d0:ea:3a:
15:96:7b:34:1e:4a:df:95:c9:9c:8f:af:d3:07:75:
64:3f:dc:05:ea:33:ab:6c:8c:7d:25:43:4d:52:be:
5a:55:56:da:cd:bb:80:3c:ec:af:cf:67:34:c4:bd:
be:b2:2b:bd:65:60:a4:be:5d:61:66:60:38:2c:55:
98:16:ce:c1:57:77:5c:1b:9c:28:77:96:a1:ba:d0:
5d:46:27:cb:b4:ef:6f:60:69:fd:f2:dd:1b:16:bb:
9a:6a:75:7c:be:f4:6c:33:6b:aa:fb:11:ea:7f:f8:
ec:08:49:8f:c9:52:b0:32:3f:42:00:be:48:61:5a:
3b:bb:20:dd:6e:cd:e1:8e:c4:95:bb:5b:66:e6:85:
0c:0d:c5:98:78:b0:3f:6f:e2:25:92:07:8d:ae:ff:
71:db:c5:f3:66:38:a1:9d:b4:0e:e4:25:8c:9a:9a:
3c:c4:cd:56:b2:57:bb:b9:b9:54:b0:2b:31:2e:63:
52:7d:d7:9e:98:63:6c:a2:11:d5:e7:7e:55:e6:c0:
12:62:c0:93:0e:46:54:99:1d:e3:f4:d3:94:c1:cb:
25:64:fe:9b:68:25:6a:66:9d:1d:85:1c:a0:24:3e:
16:f2:7c:51:0c:d5:59:a9:04:08:b2:9a:de:1f:0b:
a4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FF:D8:C7:2D:64:6D:46:4D:90:77:CC:58:1B:40:FE:95:94:16:37
X509v3 Authority Key Identifier:
keyid:9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/Bf_Yxy1kbUZNkHfMWBtA_pWUFjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/neeD6azVaZL1g1-0iCGDUAygPIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.96.0/21
89.47.52.0/24
89.47.252.0/24
Signature Algorithm: sha256WithRSAEncryption
10:e8:ff:65:92:11:29:d9:78:11:dc:30:be:f8:20:39:58:30:
e8:22:51:10:68:1a:82:51:c1:ce:25:c5:d4:03:d4:b6:ff:54:
24:47:dd:03:8c:ed:41:76:13:99:e1:41:47:b2:a0:82:30:c2:
62:36:48:a9:5b:5a:c8:ff:f0:c5:96:45:2b:e8:b7:5d:fa:b8:
c1:32:a4:16:d8:ca:2e:38:a1:f4:83:84:74:02:60:a1:87:ff:
38:e3:e3:fd:4d:90:c2:1b:ff:fc:a6:a8:68:fb:64:bf:dd:ba:
46:05:dc:18:ec:33:7a:89:a2:86:f7:d0:98:1f:2d:83:ea:84:
d0:23:5c:9a:c8:2f:36:a0:4d:10:99:52:bb:7d:77:86:27:3b:
fe:d7:0a:37:3c:42:79:03:cb:c2:aa:10:8f:bb:f1:6c:af:46:
83:2a:2d:21:fc:95:3f:54:1c:39:29:fd:3b:0e:58:d5:1d:8b:
91:5f:47:80:88:b6:61:26:cc:88:63:04:fa:83:3a:c6:9e:2f:
10:09:41:e4:f1:49:70:a5:a8:c1:2c:60:e6:e4:af:ba:9f:9a:
0f:39:6a:b0:18:ad:b1:9a:73:fa:8d:d6:03:52:41:0a:fa:3b:
d7:c7:6d:66:22:86:3b:83:f6:fb:5a:b9:04:32:c3:23:71:dd:
12:1e:04:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1a/mylRtH+nWpahfr8PpdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTc4M2U5YWNkNTY5OTJmNTgzNWZiNDg4MjE4MzUwMGNh
MDNjODMwHhcNMjQwMTMwMTUzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZmZDhjNzJkNjQ2ZDQ2NGQ5MDc3Y2M1ODFiNDBmZTk1OTQxNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWAhvoy3xtFyudDQ6joVlns0Hkrf
lcmcj6/TB3VkP9wF6jOrbIx9JUNNUr5aVVbazbuAPOyvz2c0xL2+siu9ZWCkvl1h
ZmA4LFWYFs7BV3dcG5wod5ahutBdRifLtO9vYGn98t0bFruaanV8vvRsM2uq+xHq
f/jsCEmPyVKwMj9CAL5IYVo7uyDdbs3hjsSVu1tm5oUMDcWYeLA/b+IlkgeNrv9x
28XzZjihnbQO5CWMmpo8xM1Wsle7ublUsCsxLmNSfdeemGNsohHV535V5sASYsCT
DkZUmR3j9NOUwcslZP6baCVqZp0dhRygJD4W8nxRDNVZqQQIspreHwukQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAX/2MctZG1GTZB3zFgbQP6VlBY3MB8GA1UdIwQY
MBaAFJ3ng+ms1WmS9YNftIghg1AMoDyDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTkt
ZTUyZjcwYzA2YzI5LzEvQmZfWXh5MWtiVVpOa0hmTVdCdEFfcFdVRmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTktZTUyZjcwYzA2YzI5
LzEvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDU2FgAwQA
WS80AwQAWS/8MA0GCSqGSIb3DQEBCwUAA4IBAQAQ6P9lkhEp2XgR3DC++CA5WDDo
IlEQaBqCUcHOJcXUA9S2/1QkR90DjO1BdhOZ4UFHsqCCMMJiNkipW1rI//DFlkUr
6Ldd+rjBMqQW2MouOKH0g4R0AmChh/844+P9TZDCG//8pqho+2S/3bpGBdwY7DN6
iaKG99CYHy2D6oTQI1yayC82oE0QmVK7fXeGJzv+1wo3PEJ5A8vCqhCPu/Fsr0aD
Ki0h/JU/VBw5Kf07DljVHYuRX0eAiLZhJsyIYwT6gzrGni8QCUHk8UlwpajBLGDm
5K+6n5oPOWqwGK2xmnP6jdYDUkEK+jvXx21mIoY7g/b7WrkEMsMjcd0SHgTw
-----END CERTIFICATE-----
Generated at Thu Feb 1 19:21:03 2024 by rpki-client on console-ams.rpki-client.org