Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-LeS2BwQvh37De8CyuO7wvl4cH8.roa
File: 1-LeS2BwQvh37De8CyuO7wvl4cH8.roa (raw, json)
Hash identifier: nD1VMU0nRfVDmQXDQRMRJNgzbiEbUmakOrI2pHfAaH0=
Subject key identifier: F8:B7:92:D8:1C:10:BE:1D:FB:0D:EF:02:CA:E3:BB:C2:F9:78:70:7F
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01931F86D51FB169AE9770D5103105AEB74B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-LeS2BwQvh37De8CyuO7wvl4cH8.roa
Signing time: Tue 12 Nov 2024 08:39:10 +0000
ROA not before: Tue 12 Nov 2024 08:39:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.217.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.248.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 15:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:86:d5:1f:b1:69:ae:97:70:d5:10:31:05:ae:b7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 12 08:39:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8b792d81c10be1dfb0def02cae3bbc2f978707f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:91:41:03:f7:e8:bf:89:7a:bc:0b:df:47:92:
38:31:a1:b2:57:ac:e5:c4:d6:fb:6e:bb:0c:96:3b:
c5:59:e5:6a:2d:02:2c:4a:c0:3a:61:09:6f:83:f5:
c4:88:e7:06:b0:9e:3d:ea:13:46:10:94:4d:c5:1d:
af:31:da:97:e1:b2:46:98:11:c1:a3:ce:bf:fc:ec:
35:3e:e7:59:79:64:7f:36:84:84:68:91:40:75:63:
e1:44:94:aa:89:62:8d:d7:50:89:fb:df:2f:f1:51:
94:a5:ce:37:e3:d5:99:4a:81:9d:e1:d1:12:48:06:
90:a8:01:93:a7:51:dd:47:39:de:0c:a0:1c:20:3a:
9f:a8:ff:68:62:3a:f8:02:ed:62:8b:c0:16:4f:62:
55:1d:27:34:3f:d3:9b:31:09:22:d4:de:f0:8f:f8:
2d:0b:d9:2f:17:e7:19:77:cc:fb:ed:3e:29:d6:bc:
7e:7e:da:a0:2e:b5:4d:c4:b7:06:4a:7d:d4:1c:3a:
4a:87:8d:6a:09:70:28:6d:6b:ef:73:fd:d2:37:20:
d9:20:98:4b:53:0c:fa:4e:94:54:46:69:5b:ba:2c:
fb:21:8b:74:62:0e:38:e4:22:bb:8b:ae:a1:5e:4a:
70:38:e7:4b:0e:89:c6:26:f5:3e:36:61:6b:fc:93:
2a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B7:92:D8:1C:10:BE:1D:FB:0D:EF:02:CA:E3:BB:C2:F9:78:70:7F
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-LeS2BwQvh37De8CyuO7wvl4cH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.217.0/24
83.147.244.0-83.147.251.255
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:89:f7:c9:44:67:ec:c3:29:8f:66:03:65:ab:db:d7:d5:d1:
e0:8d:6f:84:3e:27:93:5c:24:21:47:ff:66:85:91:ae:eb:19:
17:0f:ed:ff:c8:10:a1:eb:cf:17:35:b6:17:f3:06:15:f6:a8:
c5:8d:e3:b4:da:92:62:d8:59:bc:8e:6d:6c:8e:a2:74:46:b0:
37:2f:a1:e8:6e:d9:c9:29:f4:92:5a:ed:e8:0e:d1:3d:6a:34:
9e:a0:8b:2e:f2:85:f7:6a:0c:6e:91:df:d0:3b:18:aa:b3:75:
07:91:fc:e4:c6:a7:c0:6e:b0:2c:46:ed:0e:16:83:8b:5e:68:
a7:8d:f3:d0:0f:54:b1:45:e0:77:6a:3e:dc:aa:f8:ea:11:5f:
39:db:93:22:ad:58:95:ad:56:2f:54:ff:b2:8c:db:22:70:53:
f9:d4:ca:a1:0a:12:bd:cf:06:4b:b9:1c:7c:f9:f3:f6:ad:67:
41:38:cf:a0:13:22:95:98:d1:01:e7:e6:ce:8e:37:b7:3a:ed:
57:3d:0d:3c:bc:e3:50:f5:77:ee:36:1a:fb:dc:d0:2d:0f:89:
ab:70:d5:14:d9:cc:09:7c:97:9c:6d:10:79:e3:d3:ce:28:05:
ae:5d:4c:f6:95:3d:dc:57:aa:87:4e:4b:8d:fb:a4:12:48:8b:
4d:90:04:60
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZMfhtUfsWmul3DVEDEFrrdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMTEyMDgzOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI3OTJkODFjMTBiZTFkZmIwZGVmMDJjYWUzYmJjMmY5Nzg3MDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pFBA/fov4l6vAvfR5I4MaGyV6zl
xNb7brsMljvFWeVqLQIsSsA6YQlvg/XEiOcGsJ496hNGEJRNxR2vMdqX4bJGmBHB
o86//Ow1PudZeWR/NoSEaJFAdWPhRJSqiWKN11CJ+98v8VGUpc4349WZSoGd4dES
SAaQqAGTp1HdRzneDKAcIDqfqP9oYjr4Au1ii8AWT2JVHSc0P9ObMQki1N7wj/gt
C9kvF+cZd8z77T4p1rx+ftqgLrVNxLcGSn3UHDpKh41qCXAobWvvc/3SNyDZIJhL
Uwz6TpRURmlbuiz7IYt0Yg445CK7i66hXkpwOOdLDonGJvU+NmFr/JMqkwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPi3ktgcEL4d+w3vAsrju8L5eHB/MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMS1MZVMyQndRdmgzN0RlOEN5dU83d3ZsNGNIOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQz
NC8xL3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAFOT2TAM
AwQCU5P0AwQCU5P4AwQDW7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IB
AQBsiffJRGfswymPZgNlq9vX1dHgjW+EPieTXCQhR/9mhZGu6xkXD+3/yBCh688X
NbYX8wYV9qjFjeO02pJi2Fm8jm1sjqJ0RrA3L6HobtnJKfSSWu3oDtE9ajSeoIsu
8oX3agxukd/QOxiqs3UHkfzkxqfAbrAsRu0OFoOLXminjfPQD1SxReB3aj7cqvjq
EV8525MirViVrVYvVP+yjNsicFP51MqhChK9zwZLuRx8+fP2rWdBOM+gEyKVmNEB
5+bOjje3Ou1XPQ08vONQ9XfuNhr73NAtD4mrcNUU2cwJfJecbRB549POKAWuXUz2
lT3cV6qHTkuN+6QSSItNkARg
-----END CERTIFICATE-----
Generated at Wed Nov 13 19:27:06 2024 by rpki-client on console-ams.rpki-client.org