Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/OpcTo8IHg3QBAQXzKDVxDsT1dRw.roa
File: OpcTo8IHg3QBAQXzKDVxDsT1dRw.roa (raw, json)
Hash identifier: qmwI0GPgbjEe0J5GmcYKfBCEshT8tpCHZwmpmkh6voM=
Subject key identifier: 3A:97:13:A3:C2:07:83:74:01:01:05:F3:28:35:71:0E:C4:F5:75:1C
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 0189D0BA0078F7961FCC18F1135FDCCB4F25
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/OpcTo8IHg3QBAQXzKDVxDsT1dRw.roa
Signing time: Mon 07 Aug 2023 15:59:58 +0000
ROA not before: Mon 07 Aug 2023 15:59:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31304
IP address blocks: 83.168.64.0/21 maxlen: 21
83.168.80.0/20 maxlen: 20
83.168.96.0/21 maxlen: 21
83.168.104.0/24 maxlen: 24
83.168.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 09:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:ba:00:78:f7:96:1f:cc:18:f1:13:5f:dc:cb:4f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Aug 7 15:59:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a9713a3c2078374010105f32835710ec4f5751c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d3:18:ba:cf:31:92:73:b8:b5:4c:23:2c:0b:
1d:c2:19:b9:94:4a:3a:4f:b6:38:aa:82:d9:12:62:
26:04:78:f4:10:fe:1a:8b:a4:28:56:4f:fe:3c:32:
55:11:42:6c:b0:9d:65:e6:0f:3e:7b:ed:89:4e:7f:
25:e6:99:e5:8f:41:31:cc:08:b1:3d:6e:b3:9c:10:
50:a2:84:9a:99:ac:aa:6a:86:29:75:e9:db:11:15:
63:82:ec:0f:df:54:3d:8a:61:6c:42:3a:eb:e7:66:
ca:25:e5:7c:7f:b7:4f:67:07:cc:14:0f:01:e6:44:
de:40:21:d2:e3:fa:2e:11:1d:f3:46:5b:27:e7:dc:
17:d9:78:69:06:3d:10:d1:33:db:43:ad:ec:bf:a3:
38:e5:a8:6c:f4:4c:44:6e:fc:12:9d:4c:f2:17:b4:
0c:58:7b:ee:cd:cd:f9:47:a5:51:21:61:c5:c4:29:
1e:d4:58:21:2f:cb:82:4a:34:34:7e:e6:c7:01:33:
cb:42:20:1a:96:4d:85:41:8f:b2:4b:df:2a:e3:dc:
b6:52:82:ea:5b:34:09:af:b3:de:3e:cd:58:78:05:
e4:88:3b:3a:8a:d5:59:ab:e1:e8:07:ba:b2:72:b2:
56:a9:43:07:2a:5f:7c:a8:4b:26:8b:76:4d:cf:c5:
16:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:97:13:A3:C2:07:83:74:01:01:05:F3:28:35:71:0E:C4:F5:75:1C
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/OpcTo8IHg3QBAQXzKDVxDsT1dRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.64.0/21
83.168.80.0-83.168.104.255
83.168.111.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:84:b8:55:ab:f6:a4:05:51:1e:e1:bb:cc:05:3e:7d:0e:f0:
3c:0a:ec:54:91:6a:50:9a:76:63:82:76:ef:6d:57:73:85:60:
96:41:fa:f2:c4:bc:23:45:9c:e8:e1:4a:68:2c:a8:c0:a2:fc:
19:fb:7c:4b:d5:e1:b2:d6:a1:be:39:33:6d:c5:29:f8:ae:ce:
7d:08:99:9d:aa:73:a9:3b:56:d4:77:ac:ea:75:08:3b:a8:f4:
69:1a:88:23:59:30:6c:89:a7:d0:23:64:4b:1b:85:46:d8:51:
9a:c9:45:b1:07:e9:ec:7c:ac:f8:e7:5f:0d:6d:1b:08:25:fc:
83:4b:56:92:4c:80:6c:df:10:ee:99:b6:11:21:7d:75:bb:de:
35:02:5c:9e:32:77:7c:59:c6:9f:da:96:3f:1c:f5:5a:32:5d:
50:40:fa:26:c4:8e:99:5a:23:e9:7b:f4:c9:a3:4c:86:5a:c4:
3d:25:bc:55:ac:24:19:3d:20:4f:e8:30:00:e1:13:5f:e9:8b:
23:cd:67:ca:21:61:e5:42:d7:17:8c:49:96:b0:57:f5:01:f7:
8f:58:63:06:d4:b6:f8:bf:45:ed:7a:0e:ff:b1:d0:84:91:b0:
36:1a:06:6c:0d:8c:16:87:fe:b9:d8:fb:58:92:84:d8:98:36:
fd:95:77:01
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYnQugB495YfzBjxE1/cy08lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjMwODA3MTU1OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk3MTNhM2MyMDc4Mzc0MDEwMTA1ZjMyODM1NzEwZWM0ZjU3NTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtMYus8xknO4tUwjLAsdwhm5lEo6
T7Y4qoLZEmImBHj0EP4ai6QoVk/+PDJVEUJssJ1l5g8+e+2JTn8l5pnlj0ExzAix
PW6znBBQooSamayqaoYpdenbERVjguwP31Q9imFsQjrr52bKJeV8f7dPZwfMFA8B
5kTeQCHS4/ouER3zRlsn59wX2XhpBj0Q0TPbQ63sv6M45ahs9ExEbvwSnUzyF7QM
WHvuzc35R6VRIWHFxCke1FghL8uCSjQ0fubHATPLQiAalk2FQY+yS98q49y2UoLq
WzQJr7PePs1YeAXkiDs6itVZq+HoB7qycrJWqUMHKl98qEsmi3ZNz8UWQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDqXE6PCB4N0AQEF8yg1cQ7E9XUcMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvT3BjVG84SUhnM1FCQVFYektEVnhEc1QxZFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDU6hAMAwD
BARTqFADBABTqGgDBABTqG8wDQYJKoZIhvcNAQELBQADggEBAG2EuFWr9qQFUR7h
u8wFPn0O8DwK7FSRalCadmOCdu9tV3OFYJZB+vLEvCNFnOjhSmgsqMCi/Bn7fEvV
4bLWob45M23FKfiuzn0ImZ2qc6k7VtR3rOp1CDuo9GkaiCNZMGyJp9AjZEsbhUbY
UZrJRbEH6ex8rPjnXw1tGwgl/INLVpJMgGzfEO6ZthEhfXW73jUCXJ4yd3xZxp/a
lj8c9VoyXVBA+ibEjplaI+l79MmjTIZaxD0lvFWsJBk9IE/oMADhE1/piyPNZ8oh
YeVC1xeMSZawV/UB949YYwbUtvi/Re16Dv+x0ISRsDYaBmwNjBaH/rnY+1iShNiY
Nv2VdwE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:38 2024 by rpki-client on console-fra.rpki-client.org