Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0FkE21ldZhfBJwrCym3MMyzi7jY.roa
File: 0FkE21ldZhfBJwrCym3MMyzi7jY.roa (raw, json)
Hash identifier: 21PR8dPyHkeH6A2PzYyfAJILh1bNz2V0okffNsBzH7Q=
Subject key identifier: D0:59:04:DB:59:5D:66:17:C1:27:0A:C2:CA:6D:CC:33:2C:E2:EE:36
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018BC8E0CE74790CC0BC7724C18475789633
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0FkE21ldZhfBJwrCym3MMyzi7jY.roa
Signing time: Mon 13 Nov 2023 13:30:57 +0000
ROA not before: Mon 13 Nov 2023 13:30:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.216.0/24 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.32.0/24 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 21:13:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:e0:ce:74:79:0c:c0:bc:77:24:c1:84:75:78:96:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 13 13:30:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d05904db595d6617c1270ac2ca6dcc332ce2ee36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a0:ec:fb:13:b3:70:91:bd:3b:63:f4:2c:3e:
f4:0e:12:55:11:cb:b8:f7:c2:f2:0d:0c:01:3f:23:
9f:ab:23:f2:8c:8a:ce:02:3e:25:66:0c:80:fd:3d:
1e:ed:8a:e3:ea:d8:c9:39:f6:4d:66:6a:86:2e:37:
d9:46:14:1b:e6:cf:80:8b:c8:25:b0:25:02:57:15:
53:f9:88:dd:3f:0a:3d:02:32:e6:6e:2a:90:51:01:
eb:b2:12:f5:b8:00:61:b0:d4:1c:3d:6f:ae:60:f6:
ab:f5:91:01:02:3f:32:28:c0:cb:41:48:4f:e4:ae:
f7:f8:db:31:5f:8e:11:54:61:8e:27:25:eb:92:61:
da:86:47:eb:80:52:cb:62:62:90:31:e5:b2:93:61:
73:e3:28:b4:79:e0:79:e1:d4:34:4a:7c:ea:3b:38:
9f:cd:53:b5:0f:c3:22:75:ae:af:09:b8:58:16:98:
f2:80:64:8f:53:71:15:72:9c:a7:8d:b9:ca:58:50:
43:d7:4e:89:50:3b:6b:04:ff:e7:5f:ad:9d:da:b9:
3c:98:86:a2:94:1a:25:f6:d5:9e:d9:b7:d1:35:70:
72:4a:6e:f7:a8:d0:9b:09:f8:b6:e7:e6:57:a2:83:
40:89:2d:bc:25:0e:fc:a6:9c:a6:2e:62:70:e8:16:
0d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:59:04:DB:59:5D:66:17:C1:27:0A:C2:CA:6D:CC:33:2C:E2:EE:36
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0FkE21ldZhfBJwrCym3MMyzi7jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/24
83.147.222.0/24
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.26.0/23
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
59:73:97:5f:71:0e:74:11:8c:ae:c3:76:d2:6b:ee:4f:6e:60:
45:5f:63:12:71:41:1a:6d:be:b5:07:11:3a:ba:a5:1a:de:31:
c7:a0:8f:f0:2c:f0:76:63:e7:33:3e:93:de:86:ae:ca:97:7c:
75:61:28:4d:14:aa:b2:1d:52:02:b5:82:19:88:56:4d:3a:6e:
30:58:7b:08:15:8c:3a:0e:70:a4:9c:0d:c7:26:09:3e:ad:d4:
08:e7:a1:b8:b4:84:a9:0c:10:25:90:2f:e7:d6:5e:81:8d:35:
2d:83:e6:51:fd:e4:dc:08:16:a6:1a:30:15:7b:49:d5:15:5c:
29:b5:90:75:e7:9a:ed:da:cc:d8:3f:b6:17:91:9e:19:21:34:
e0:1c:d1:ad:81:61:82:5b:84:a0:50:b7:ca:2d:63:a6:ab:ac:
58:e1:83:a6:9c:77:9a:92:a9:4e:3f:86:15:32:38:b1:8b:32:
e5:fc:a6:f3:2b:b3:43:c1:f3:cf:0b:6f:86:27:ab:ed:a3:69:
49:cd:aa:50:00:71:08:da:3c:b9:bb:2b:57:2b:fc:c0:ff:55:
30:b0:7f:14:87:9e:ef:a7:82:c6:7b:ac:cd:c8:97:10:db:44:
2f:03:f7:8d:97:0c:8f:c9:66:89:f3:d0:c0:6c:30:a7:75:96:
36:b0:fc:03
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYvI4M50eQzAvHckwYR1eJYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTEzMTMzMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDU5MDRkYjU5NWQ2NjE3YzEyNzBhYzJjYTZkY2MzMzJjZTJlZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqDs+xOzcJG9O2P0LD70DhJVEcu4
98LyDQwBPyOfqyPyjIrOAj4lZgyA/T0e7Yrj6tjJOfZNZmqGLjfZRhQb5s+Ai8gl
sCUCVxVT+YjdPwo9AjLmbiqQUQHrshL1uABhsNQcPW+uYPar9ZEBAj8yKMDLQUhP
5K73+NsxX44RVGGOJyXrkmHahkfrgFLLYmKQMeWyk2Fz4yi0eeB54dQ0SnzqOzif
zVO1D8Mida6vCbhYFpjygGSPU3EVcpynjbnKWFBD106JUDtrBP/nX62d2rk8mIai
lBol9tWe2bfRNXBySm73qNCbCfi25+ZXooNAiS28JQ78ppymLmJw6BYNMQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNBZBNtZXWYXwScKwsptzDMs4u42MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMEZrRTIxbGRaaGZCSndyQ3ltM01NeXppN2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAU5PYAwQA
U5PeAwQCU5P0AwQCU5P8AwQCW7rYAwQDXvGoAwQBsv0aAwQAsv0gMA0GCSqGSIb3
DQEBCwUAA4IBAQBZc5dfcQ50EYyuw3bSa+5PbmBFX2MScUEabb61BxE6uqUa3jHH
oI/wLPB2Y+czPpPehq7Kl3x1YShNFKqyHVICtYIZiFZNOm4wWHsIFYw6DnCknA3H
Jgk+rdQI56G4tISpDBAlkC/n1l6BjTUtg+ZR/eTcCBamGjAVe0nVFVwptZB155rt
2szYP7YXkZ4ZITTgHNGtgWGCW4SgULfKLWOmq6xY4YOmnHeakqlOP4YVMjixizLl
/KbzK7NDwfPPC2+GJ6vto2lJzapQAHEI2jy5uytXK/zA/1UwsH8Uh57vp4LGe6zN
yJcQ20QvA/eNlwyPyWaJ89DAbDCndZY2sPwD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org