Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/S58PcKs9ZMkxs2S0nPzSJ0mbm40.roa
File: S58PcKs9ZMkxs2S0nPzSJ0mbm40.roa (raw, json)
Hash identifier: hEX7PeEy251xQdG22Hp58KpT0vDM6jgIV+KqLfWC4JQ=
Subject key identifier: 4B:9F:0F:70:AB:3D:64:C9:31:B3:64:B4:9C:FC:D2:27:49:9B:9B:8D
Certificate issuer: /CN=9de783e9acd56992f5835fb4882183500ca03c83
Certificate serial: 018D5ABE55FE2EFEDBA0E153B03FF72E4C30
Authority key identifier: 9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/S58PcKs9ZMkxs2S0nPzSJ0mbm40.roa
Signing time: Tue 30 Jan 2024 14:20:39 +0000
ROA not before: Tue 30 Jan 2024 14:20:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 83.97.96.0/21 maxlen: 21
83.97.96.0/24 maxlen: 24
83.97.97.0/24 maxlen: 24
83.97.98.0/24 maxlen: 24
83.97.99.0/24 maxlen: 24
83.97.100.0/24 maxlen: 24
83.97.101.0/24 maxlen: 24
83.97.102.0/24 maxlen: 24
83.97.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 15:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:be:55:fe:2e:fe:db:a0:e1:53:b0:3f:f7:2e:4c:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de783e9acd56992f5835fb4882183500ca03c83
Validity
Not Before: Jan 30 14:20:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b9f0f70ab3d64c931b364b49cfcd227499b9b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:51:36:dc:2e:39:7d:3b:16:25:9d:c3:ae:ce:
1d:30:0d:1e:1a:d5:cb:4a:08:ee:9f:12:0f:7b:cc:
46:de:07:f8:a0:b7:a0:10:29:83:de:df:c8:8b:db:
e5:37:ad:40:a5:36:bb:a9:28:49:92:d7:f4:c7:a0:
71:7f:83:2f:97:ae:9a:88:1a:6a:fb:20:68:00:b0:
b3:dd:5c:cf:6d:0a:70:77:06:df:7c:8d:c0:b7:18:
5c:04:c3:eb:1b:b7:a9:79:55:02:7f:12:d7:ec:4d:
21:d5:91:99:46:84:19:68:fb:5c:91:be:22:a6:99:
b9:f7:73:4b:87:bf:c4:91:4e:05:d0:2d:b1:b9:bb:
90:d2:fb:2b:47:c6:90:ae:15:2a:6d:e3:ca:a0:83:
a9:e3:b9:97:e6:4c:a8:91:f0:e4:69:b7:78:c2:a0:
17:29:de:5b:1b:2b:84:73:0c:05:d8:d7:d6:c9:a2:
02:99:04:78:80:2c:bc:55:68:88:85:91:79:11:0e:
cf:04:7a:d9:89:a7:70:19:b2:2a:74:f7:f5:2f:48:
00:92:25:a1:32:0e:91:3a:74:c9:b6:bc:26:d1:b7:
6a:63:ab:e2:98:f4:6f:d5:cd:47:a9:ce:42:1b:48:
3d:1e:d2:67:7b:ac:e6:d0:7a:28:d2:9a:f8:17:3d:
8c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9F:0F:70:AB:3D:64:C9:31:B3:64:B4:9C:FC:D2:27:49:9B:9B:8D
X509v3 Authority Key Identifier:
keyid:9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/S58PcKs9ZMkxs2S0nPzSJ0mbm40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/neeD6azVaZL1g1-0iCGDUAygPIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.96.0/21
Signature Algorithm: sha256WithRSAEncryption
bf:90:21:c2:8d:92:4d:e6:f4:2b:06:39:b0:c2:c2:eb:68:7e:
5b:e7:95:a9:b2:51:55:07:cf:fc:06:04:5c:5f:65:7f:bc:c2:
b3:7d:9c:48:11:c8:43:a6:2d:84:da:c6:bb:8d:8f:eb:c7:53:
e5:07:d3:b4:c0:7b:7a:21:bd:54:e2:0b:ce:56:5c:d5:62:26:
5e:ec:93:77:6c:2f:fc:e0:4c:0c:da:c4:86:5a:20:93:20:37:
15:03:7f:2d:a1:5e:df:df:ff:ad:1c:ed:e8:64:d2:6e:44:95:
63:9f:19:7a:2d:e4:43:e8:c8:36:ae:a9:0b:84:1c:b1:51:7e:
46:77:e7:c5:c7:46:3c:45:7f:2c:d5:4b:0b:48:77:79:b0:af:
1c:b5:22:b7:f7:bf:8b:3b:29:bb:c5:37:3b:04:28:b1:1e:d3:
4b:c0:85:94:4e:de:9e:53:67:1f:ac:f7:28:fe:9b:20:85:9b:
bb:24:03:f5:2e:91:cb:d4:c9:70:c9:7e:88:be:75:0b:6b:60:
02:7c:5c:08:cd:ca:aa:ef:8e:07:82:c3:f9:6d:fa:34:d6:38:
79:e4:6d:92:e3:d2:87:e9:32:0c:a6:50:66:6f:cc:20:72:73:
de:2c:b3:d4:0e:5b:c2:35:1a:6d:56:b3:7c:ee:48:61:ca:e5:
f3:65:b6:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1avlX+Lv7boOFTsD/3LkwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTc4M2U5YWNkNTY5OTJmNTgzNWZiNDg4MjE4MzUwMGNh
MDNjODMwHhcNMjQwMTMwMTQyMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjlmMGY3MGFiM2Q2NGM5MzFiMzY0YjQ5Y2ZjZDIyNzQ5OWI5YjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplE23C45fTsWJZ3Drs4dMA0eGtXL
SgjunxIPe8xG3gf4oLegECmD3t/Ii9vlN61ApTa7qShJktf0x6Bxf4Mvl66aiBpq
+yBoALCz3VzPbQpwdwbffI3AtxhcBMPrG7epeVUCfxLX7E0h1ZGZRoQZaPtckb4i
ppm593NLh7/EkU4F0C2xubuQ0vsrR8aQrhUqbePKoIOp47mX5kyokfDkabd4wqAX
Kd5bGyuEcwwF2NfWyaICmQR4gCy8VWiIhZF5EQ7PBHrZiadwGbIqdPf1L0gAkiWh
Mg6ROnTJtrwm0bdqY6vimPRv1c1Hqc5CG0g9HtJne6zm0Hoo0pr4Fz2M+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEufD3CrPWTJMbNktJz80idJm5uNMB8GA1UdIwQY
MBaAFJ3ng+ms1WmS9YNftIghg1AMoDyDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTkt
ZTUyZjcwYzA2YzI5LzEvUzU4UGNLczlaTWt4czJTMG5QelNKMG1ibTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTktZTUyZjcwYzA2YzI5
LzEvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU2FgMA0G
CSqGSIb3DQEBCwUAA4IBAQC/kCHCjZJN5vQrBjmwwsLraH5b55WpslFVB8/8BgRc
X2V/vMKzfZxIEchDpi2E2sa7jY/rx1PlB9O0wHt6Ib1U4gvOVlzVYiZe7JN3bC/8
4EwM2sSGWiCTIDcVA38toV7f3/+tHO3oZNJuRJVjnxl6LeRD6Mg2rqkLhByxUX5G
d+fFx0Y8RX8s1UsLSHd5sK8ctSK397+LOym7xTc7BCixHtNLwIWUTt6eU2cfrPco
/psghZu7JAP1LpHL1MlwyX6IvnULa2ACfFwIzcqq744HgsP5bfo01jh55G2S49KH
6TIMplBmb8wgcnPeLLPUDlvCNRptVrN87khhyuXzZbaN
-----END CERTIFICATE-----
Generated at Tue Jan 30 20:09:06 2024 by rpki-client on console-ams.rpki-client.org