Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/4udmvNSxwJi4Lc4AH-Ok8hq7bDI.roa
File: 4udmvNSxwJi4Lc4AH-Ok8hq7bDI.roa (raw, json)
Hash identifier: +my5ljVBDAKb+gvQajZAtRN+7psis9oHJFR/Q8U1LN0=
Subject key identifier: E2:E7:66:BC:D4:B1:C0:98:B8:2D:CE:00:1F:E3:A4:F2:1A:BB:6C:32
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 018A17819EC5DE991A9F876A4C75B535FF72
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/4udmvNSxwJi4Lc4AH-Ok8hq7bDI.roa
Signing time: Mon 21 Aug 2023 09:51:25 +0000
ROA not before: Mon 21 Aug 2023 09:51:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31304
IP address blocks: 83.168.64.0/21 maxlen: 21
83.168.96.0/21 maxlen: 21
83.168.104.0/24 maxlen: 24
83.168.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:81:9e:c5:de:99:1a:9f:87:6a:4c:75:b5:35:ff:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Aug 21 09:51:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2e766bcd4b1c098b82dce001fe3a4f21abb6c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4f:d4:26:d6:4d:c8:f3:fa:d3:4b:cd:8c:17:
72:97:6e:01:16:2a:e0:5d:37:19:45:bf:d4:c1:70:
d5:ac:68:70:83:0f:fe:98:a7:e0:fb:5e:82:84:9d:
5f:94:86:89:7e:19:42:5c:21:3a:a1:89:42:6d:d4:
2e:0b:bb:9c:6f:4e:b5:8a:e4:ff:2c:79:e5:25:ed:
44:c2:17:fb:72:00:56:3c:c7:95:23:ce:c7:7c:50:
cc:2d:85:f9:50:ec:d5:21:3d:f3:ca:b3:9d:c1:e6:
46:98:41:20:b0:76:0b:2d:d2:52:88:76:6c:54:8a:
3e:8f:cb:f7:41:de:e4:0f:7e:3d:e3:70:98:02:19:
c1:a5:67:74:33:5a:da:3f:2c:5d:f8:8f:c0:ba:ef:
82:41:d4:fd:41:6a:c2:f1:7d:e4:e7:54:29:25:bc:
db:41:32:d4:9c:d5:3e:98:b1:59:4e:48:e5:4b:a1:
b1:ad:31:cb:02:db:75:4d:52:b4:01:ea:81:b4:bb:
78:72:64:93:fb:68:04:e7:bc:bb:f1:7c:40:d9:e9:
ef:36:bc:94:3f:36:9c:de:d5:af:eb:68:2d:dc:44:
9b:35:1c:b7:99:cb:b9:be:74:df:b1:3f:bd:4f:c5:
82:d3:d5:b3:0d:a8:e2:3e:8f:45:75:69:e9:a3:2f:
b6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E7:66:BC:D4:B1:C0:98:B8:2D:CE:00:1F:E3:A4:F2:1A:BB:6C:32
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/4udmvNSxwJi4Lc4AH-Ok8hq7bDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.64.0/21
83.168.96.0-83.168.104.255
83.168.111.0/24
Signature Algorithm: sha256WithRSAEncryption
90:14:b4:3b:9e:c2:12:92:b9:38:4d:d9:d8:e8:3f:33:14:ea:
15:80:36:9f:13:a7:b2:14:94:28:47:9c:b5:89:68:c7:20:b9:
a3:58:ac:29:92:27:25:01:c4:35:08:3c:ed:dd:62:65:da:0e:
81:7e:09:40:f0:3c:87:fe:64:17:9a:8b:1f:b9:43:6a:88:64:
22:30:b1:fe:17:e1:b1:9d:39:3b:56:f6:da:b0:ec:40:4d:7a:
0d:ef:3e:0d:26:29:81:c5:2a:87:96:c4:87:5d:10:79:db:9e:
8a:9c:44:79:55:0c:9a:c1:ae:53:39:dd:4e:99:53:e5:75:10:
fd:96:41:98:d3:56:dc:c0:a6:de:be:8b:56:ab:a2:de:67:2f:
95:db:d6:43:a5:4e:5f:25:76:3e:71:51:5e:70:ab:f9:6e:cb:
05:ab:71:ec:a3:3d:22:8a:e8:2c:1f:c4:17:0b:de:60:76:13:
ba:c2:6f:4a:37:5d:34:6c:30:4b:48:e4:df:c6:05:f7:cc:00:
bf:02:34:ac:04:ab:5a:6c:26:5f:94:08:43:7c:57:cb:1f:88:
96:87:c3:63:91:77:c9:e3:b4:66:77:b5:69:35:ae:38:d2:d9:
ad:1c:bb:07:72:e0:57:9f:34:86:a3:c8:ef:8d:17:a7:b9:5d:
9b:8b:bf:76
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYoXgZ7F3pkan4dqTHW1Nf9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjMwODIxMDk1MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU3NjZiY2Q0YjFjMDk4YjgyZGNlMDAxZmUzYTRmMjFhYmI2YzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0/UJtZNyPP600vNjBdyl24BFirg
XTcZRb/UwXDVrGhwgw/+mKfg+16ChJ1flIaJfhlCXCE6oYlCbdQuC7ucb061iuT/
LHnlJe1Ewhf7cgBWPMeVI87HfFDMLYX5UOzVIT3zyrOdweZGmEEgsHYLLdJSiHZs
VIo+j8v3Qd7kD34943CYAhnBpWd0M1raPyxd+I/Auu+CQdT9QWrC8X3k51QpJbzb
QTLUnNU+mLFZTkjlS6GxrTHLAtt1TVK0AeqBtLt4cmST+2gE57y78XxA2envNryU
Pzac3tWv62gt3ESbNRy3mcu5vnTfsT+9T8WC09WzDajiPo9FdWnpoy+2IQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOLnZrzUscCYuC3OAB/jpPIau2wyMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvNHVkbXZOU3h3Smk0TGM0QUgtT2s4aHE3YkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDU6hAMAwD
BAVTqGADBABTqGgDBABTqG8wDQYJKoZIhvcNAQELBQADggEBAJAUtDuewhKSuThN
2djoPzMU6hWANp8Tp7IUlChHnLWJaMcguaNYrCmSJyUBxDUIPO3dYmXaDoF+CUDw
PIf+ZBeaix+5Q2qIZCIwsf4X4bGdOTtW9tqw7EBNeg3vPg0mKYHFKoeWxIddEHnb
noqcRHlVDJrBrlM53U6ZU+V1EP2WQZjTVtzApt6+i1arot5nL5Xb1kOlTl8ldj5x
UV5wq/luywWrceyjPSKK6CwfxBcL3mB2E7rCb0o3XTRsMEtI5N/GBffMAL8CNKwE
q1psJl+UCEN8V8sfiJaHw2ORd8njtGZ3tWk1rjjS2a0cuwdy4FefNIajyO+NF6e5
XZuLv3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:01 2024 by rpki-client on console-ams.rpki-client.org