Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/vnGXvKHW6dg4Pfz01q62ebELUPQ.roa
File: vnGXvKHW6dg4Pfz01q62ebELUPQ.roa (raw, json)
Hash identifier: 9Bf6CNr/X4jstQYeYNqBziQxYGpRSkq2NlR7wPnpXDs=
Subject key identifier: BE:71:97:BC:A1:D6:E9:D8:38:3D:FC:F4:D6:AE:B6:79:B1:0B:50:F4
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 018D1C1E1BCAA1A61A14215307762F88D352
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/vnGXvKHW6dg4Pfz01q62ebELUPQ.roa
Signing time: Thu 18 Jan 2024 10:29:11 +0000
ROA not before: Thu 18 Jan 2024 10:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31304
IP address blocks: 83.168.64.0/22 maxlen: 24
83.168.96.0/21 maxlen: 21
83.168.104.0/24 maxlen: 24
83.168.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:15:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:1e:1b:ca:a1:a6:1a:14:21:53:07:76:2f:88:d3:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Jan 18 10:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be7197bca1d6e9d8383dfcf4d6aeb679b10b50f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b8:49:a4:0c:33:e0:d4:96:8d:0a:67:f7:fe:
9d:ea:7c:f6:af:7e:be:ee:3b:92:7b:b1:26:87:62:
bd:31:dd:2b:3e:51:57:66:1b:f9:09:ae:46:47:8e:
e4:a7:0c:5d:f1:ee:9f:15:00:f2:d2:85:b0:21:68:
9b:b3:13:6b:10:f8:5a:5d:b1:95:8a:54:d5:29:18:
7c:f2:c2:a8:11:30:03:ac:2f:ae:0b:26:df:63:fe:
ea:9c:4d:a7:33:89:01:1e:1c:08:7d:9f:db:5a:75:
22:43:7c:8e:93:5c:6c:8d:eb:3e:e7:8f:e4:1a:9f:
b6:96:d5:ab:bc:ba:6e:a0:b2:33:4f:4f:90:eb:4d:
e5:1b:69:86:69:de:43:f5:7b:5d:fd:33:73:02:fc:
fb:ca:c8:d6:b7:28:e7:16:07:67:04:97:57:58:00:
9d:78:fa:91:c2:fe:b5:82:4e:bc:1f:65:93:e5:12:
44:2e:79:82:65:76:9c:c6:9e:99:92:87:30:81:a7:
59:8b:30:23:fc:c1:ca:92:72:23:84:6a:cb:52:c0:
84:7c:fa:df:e5:c3:25:2d:aa:fd:16:e7:d3:0f:89:
b3:e8:c6:6b:5c:65:37:5f:8e:91:20:27:f2:53:68:
90:36:d2:c8:b9:f1:f6:1d:2b:23:0e:63:da:1b:55:
d6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:71:97:BC:A1:D6:E9:D8:38:3D:FC:F4:D6:AE:B6:79:B1:0B:50:F4
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/vnGXvKHW6dg4Pfz01q62ebELUPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.64.0/22
83.168.96.0-83.168.104.255
83.168.111.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:29:a2:23:df:57:4b:d5:0b:05:aa:40:36:f9:74:f1:e8:82:
61:a3:91:63:e8:37:08:5f:c8:d0:fb:33:9c:37:98:a4:a2:7a:
37:4e:63:6d:88:da:b9:fd:dd:1e:68:ec:25:9e:99:18:e1:69:
46:f2:fb:c4:1b:12:e3:d3:d0:10:34:b6:7e:c0:6b:3b:35:1a:
2c:46:04:2a:5b:06:dd:f5:b3:3b:fb:10:d9:16:8a:27:71:ae:
63:02:3d:5a:a8:84:50:85:c2:13:82:d0:8d:89:3d:9f:2f:36:
af:75:29:30:a6:70:6c:25:f6:83:47:87:fc:9a:6f:46:00:44:
b6:03:f7:65:bf:3b:c0:e9:e5:4f:8e:3b:1d:63:f5:5f:ec:ec:
37:1d:62:bd:43:c5:cd:bb:39:56:45:dc:79:bc:ad:cd:58:c3:
96:28:98:3f:0a:10:40:7e:b9:5d:0a:8f:d4:91:1e:fb:df:8f:
c9:9a:97:96:f6:67:c9:77:79:de:34:a3:47:90:35:25:ad:1d:
cd:1f:fe:d4:30:f0:d5:38:55:69:bb:d3:9f:ff:a9:44:cf:36:
52:5b:5e:0f:3e:4c:f6:02:0d:23:4b:2b:ce:a1:a9:f6:7e:64:
60:b2:7c:14:37:32:64:32:29:ca:a4:ff:4f:3c:79:f0:e3:0c:
f9:e7:16:00
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY0cHhvKoaYaFCFTB3YviNNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjQwMTE4MTAyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTcxOTdiY2ExZDZlOWQ4MzgzZGZjZjRkNmFlYjY3OWIxMGI1MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbhJpAwz4NSWjQpn9/6d6nz2r36+
7juSe7Emh2K9Md0rPlFXZhv5Ca5GR47kpwxd8e6fFQDy0oWwIWibsxNrEPhaXbGV
ilTVKRh88sKoETADrC+uCybfY/7qnE2nM4kBHhwIfZ/bWnUiQ3yOk1xsjes+54/k
Gp+2ltWrvLpuoLIzT0+Q603lG2mGad5D9Xtd/TNzAvz7ysjWtyjnFgdnBJdXWACd
ePqRwv61gk68H2WT5RJELnmCZXacxp6ZkocwgadZizAj/MHKknIjhGrLUsCEfPrf
5cMlLar9FufTD4mz6MZrXGU3X46RICfyU2iQNtLIufH2HSsjDmPaG1XWKwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL5xl7yh1unYOD389NautnmxC1D0MB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvdm5HWHZLSFc2ZGc0UGZ6MDFxNjJlYkVMVVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCU6hAMAwD
BAVTqGADBABTqGgDBABTqG8wDQYJKoZIhvcNAQELBQADggEBACspoiPfV0vVCwWq
QDb5dPHogmGjkWPoNwhfyND7M5w3mKSiejdOY22I2rn93R5o7CWemRjhaUby+8Qb
EuPT0BA0tn7Aazs1GixGBCpbBt31szv7ENkWiidxrmMCPVqohFCFwhOC0I2JPZ8v
Nq91KTCmcGwl9oNHh/yab0YARLYD92W/O8Dp5U+OOx1j9V/s7DcdYr1Dxc27OVZF
3Hm8rc1Yw5YomD8KEEB+uV0Kj9SRHvvfj8mal5b2Z8l3ed40o0eQNSWtHc0f/tQw
8NU4VWm705//qUTPNlJbXg8+TPYCDSNLK86hqfZ+ZGCyfBQ3MmQyKcqk/088efDj
DPnnFgA=
-----END CERTIFICATE-----
Generated at Mon Feb 5 14:22:08 2024 by rpki-client on console-ams.rpki-client.org