Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0aDVgH3Y9gdMUV9fW7qVYohpmtY.roa
File: 0aDVgH3Y9gdMUV9fW7qVYohpmtY.roa (raw, json)
Hash identifier: DNjvflgj4XdVS7XQa5r71hnPYemvHnfLl3TvHvmwGz4=
Subject key identifier: D1:A0:D5:80:7D:D8:F6:07:4C:51:5F:5F:5B:BA:95:62:88:69:9A:D6
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0189BD21D4BE95A7BB845C4622B4FC008D60
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0aDVgH3Y9gdMUV9fW7qVYohpmtY.roa
Signing time: Thu 03 Aug 2023 20:40:58 +0000
ROA not before: Thu 03 Aug 2023 20:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 83.147.245.0/24 maxlen: 24
83.147.244.0/24 maxlen: 24
83.147.246.0/24 maxlen: 24
83.147.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Aug 2023 20:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bd:21:d4:be:95:a7:bb:84:5c:46:22:b4:fc:00:8d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 3 20:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1a0d5807dd8f6074c515f5f5bba956288699ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1a:c9:ea:a2:24:91:6a:40:1a:59:fe:4e:9c:
aa:07:27:f0:df:ab:71:14:90:b2:c6:04:e9:8f:0f:
ef:f2:28:55:92:21:65:50:7c:78:c5:79:e5:2e:35:
19:f8:3e:c4:5f:94:a4:e0:4a:02:ed:20:ea:09:b2:
c5:2f:de:11:d2:d5:e4:ec:1f:4c:e2:9d:92:a6:ba:
06:72:55:fb:a6:ff:58:a1:d1:e8:f5:67:7a:62:2c:
d5:6a:42:04:a0:f1:a3:b7:be:80:c3:26:14:11:26:
c9:fb:0b:89:2b:79:59:9f:78:52:98:13:d8:a1:91:
5e:41:dc:2d:c6:a3:a2:28:62:0e:56:62:57:49:5d:
c1:99:84:bb:49:3f:cc:b2:48:e1:19:30:1a:4d:2f:
64:a2:c1:75:44:87:62:b5:83:67:5d:aa:c0:64:42:
7b:98:54:1b:f6:c2:ab:f3:92:40:ac:ae:31:8b:29:
e1:07:d7:87:bb:84:1d:4a:83:56:63:2a:ea:45:c1:
b2:c5:a5:52:73:9f:15:a4:fa:67:53:29:56:d5:ff:
9e:fa:93:fa:90:e3:49:66:01:a5:c8:ea:a2:f0:ce:
02:f0:9a:3d:e5:c0:26:3c:0b:bc:f9:f6:2f:db:bb:
21:5d:c4:e7:39:cb:ff:26:99:0a:e7:c4:0a:57:08:
2e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A0:D5:80:7D:D8:F6:07:4C:51:5F:5F:5B:BA:95:62:88:69:9A:D6
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0aDVgH3Y9gdMUV9fW7qVYohpmtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:4c:dc:ba:9e:2d:02:ed:9a:7a:ed:34:a5:00:f3:af:79:01:
0d:d6:21:21:8e:b2:9c:08:9f:b8:e2:e2:0d:91:48:65:fa:69:
32:16:71:ab:46:f9:78:ea:4a:07:11:3d:0f:55:aa:ad:23:f6:
82:0a:80:66:8a:28:4a:9a:59:df:37:5b:c8:27:05:36:31:29:
33:e5:8b:5b:97:06:c3:5f:7e:25:1a:56:c6:b6:16:dc:01:0b:
c2:c2:24:3d:83:30:07:8b:f5:da:b3:f8:a7:82:1b:74:ca:1f:
94:c8:2d:e3:a6:71:4f:f8:b6:d8:a6:be:91:77:09:5c:9d:59:
70:0f:2b:73:87:c6:65:18:1c:6b:79:c2:0f:c8:4c:06:80:d1:
1b:e9:0d:83:da:10:a1:42:a7:da:30:9f:6a:c4:ad:58:e8:01:
cb:e6:5e:75:e4:e8:13:a7:92:9c:07:d5:7f:71:7c:a0:1d:ef:
13:ec:82:1a:b1:c9:ee:2f:65:cc:99:67:13:d2:cf:07:11:dd:
65:88:f4:64:60:a3:81:17:c9:1c:26:c6:12:cd:08:25:89:3d:
d2:36:28:00:7f:d7:e1:e6:30:65:ef:8f:17:f3:a2:cb:a0:cf:
d7:43:79:0c:71:04:66:3e:c6:9a:98:9c:45:4a:3e:32:85:be:
36:86:2e:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm9IdS+lae7hFxGIrT8AI1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODAzMjA0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWEwZDU4MDdkZDhmNjA3NGM1MTVmNWY1YmJhOTU2Mjg4Njk5YWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBrJ6qIkkWpAGln+TpyqByfw36tx
FJCyxgTpjw/v8ihVkiFlUHx4xXnlLjUZ+D7EX5Sk4EoC7SDqCbLFL94R0tXk7B9M
4p2SproGclX7pv9YodHo9Wd6YizVakIEoPGjt76AwyYUESbJ+wuJK3lZn3hSmBPY
oZFeQdwtxqOiKGIOVmJXSV3BmYS7ST/MskjhGTAaTS9kosF1RIditYNnXarAZEJ7
mFQb9sKr85JArK4xiynhB9eHu4QdSoNWYyrqRcGyxaVSc58VpPpnUylW1f+e+pP6
kONJZgGlyOqi8M4C8Jo95cAmPAu8+fYv27shXcTnOcv/JpkK58QKVwguaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGg1YB92PYHTFFfX1u6lWKIaZrWMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMGFEVmdIM1k5Z2RNVVY5Zlc3cVZZb2hwbXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5P0MA0G
CSqGSIb3DQEBCwUAA4IBAQCKTNy6ni0C7Zp67TSlAPOveQEN1iEhjrKcCJ+44uIN
kUhl+mkyFnGrRvl46koHET0PVaqtI/aCCoBmiihKmlnfN1vIJwU2MSkz5YtblwbD
X34lGlbGthbcAQvCwiQ9gzAHi/Xas/inght0yh+UyC3jpnFP+LbYpr6RdwlcnVlw
Dytzh8ZlGBxrecIPyEwGgNEb6Q2D2hChQqfaMJ9qxK1Y6AHL5l515OgTp5KcB9V/
cXygHe8T7IIascnuL2XMmWcT0s8HEd1liPRkYKOBF8kcJsYSzQgliT3SNigAf9fh
5jBl748X86LLoM/XQ3kMcQRmPsaamJxFSj4yhb42hi66
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org