Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1GYCzwKJ75-6-iD9dsQrkS3PEIw.roa
File: 1GYCzwKJ75-6-iD9dsQrkS3PEIw.roa (raw, json)
Hash identifier: CWgIWsgGf8g0Ba5J0A1sYss31/hCKKar7xivnBZ+XII=
Subject key identifier: D4:66:02:CF:02:89:EF:9F:BA:FA:20:FD:76:C4:2B:91:2D:CF:10:8C
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01917DFB8A5F3BC17C94085D92B37E4C0769
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1GYCzwKJ75-6-iD9dsQrkS3PEIw.roa
Signing time: Fri 23 Aug 2024 06:45:22 +0000
ROA not before: Fri 23 Aug 2024 06:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.194.0/24 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 21:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7d:fb:8a:5f:3b:c1:7c:94:08:5d:92:b3:7e:4c:07:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 23 06:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d46602cf0289ef9fbafa20fd76c42b912dcf108c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f9:55:48:17:9d:45:58:66:fc:18:b4:a8:3a:
b6:cd:b6:c6:bd:3e:e1:7c:bf:35:6b:c5:92:3a:d6:
2d:ed:f1:10:3f:f2:e0:68:9f:28:78:bc:68:f8:1b:
da:19:0b:2c:84:18:6f:32:8e:af:13:fa:5a:4b:fe:
89:9f:ea:7a:38:29:e0:62:21:57:43:71:0b:63:92:
86:b9:7c:af:f9:81:20:a0:e7:74:a0:79:cd:81:5e:
db:f1:aa:ee:07:36:45:c2:75:ed:c1:da:30:f4:6b:
e5:49:6e:3e:94:56:18:3c:fc:69:ab:fd:5a:60:07:
86:db:76:59:49:bb:d0:28:18:60:d9:51:f0:f1:b7:
c4:57:3c:5b:2f:60:64:67:2d:26:e1:54:0f:4e:53:
f8:85:78:e8:69:14:e3:ee:e8:cb:c1:c5:16:d2:48:
da:b4:6e:91:1a:db:71:70:aa:aa:32:55:14:6b:20:
19:5b:39:73:94:3f:f6:56:e0:31:18:81:0c:ba:eb:
32:b6:0e:9c:81:6a:ea:e9:ff:00:9c:61:8e:93:30:
be:e1:d0:78:ea:14:88:2e:ef:ce:7c:1e:a8:9e:17:
51:34:8e:3a:3c:be:20:3a:08:fc:58:6b:80:20:8c:
28:03:18:6c:95:d7:a0:ba:b2:ce:98:cf:6e:bd:93:
df:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:66:02:CF:02:89:EF:9F:BA:FA:20:FD:76:C4:2B:91:2D:CF:10:8C
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1GYCzwKJ75-6-iD9dsQrkS3PEIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.194.0/24
83.147.222.0/24
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
06:40:68:fb:d0:b2:99:90:58:56:14:21:a6:42:50:b5:5f:0c:
e4:b1:2d:0a:4a:2d:6b:f5:d3:be:5e:f5:d9:1f:a9:58:e2:7b:
b3:3e:33:87:fc:79:1b:34:2f:32:9c:c2:bc:19:67:91:36:f6:
3e:a5:c6:37:98:58:9c:d5:ef:91:3f:66:ed:4c:4f:81:a5:16:
6a:2c:df:d5:0f:61:4b:2a:a8:33:c3:0d:e7:0f:52:bb:1a:77:
75:57:8d:e0:2f:fb:72:34:c2:de:2a:95:84:ae:38:a2:05:50:
78:7a:26:18:0d:49:d4:8d:3a:75:ba:9b:35:de:2b:c7:8b:11:
32:09:e7:c3:d7:1c:73:34:72:80:ea:15:5e:6b:a3:98:51:e6:
d3:c9:3d:27:10:67:2d:10:9c:0d:93:cf:8f:a2:62:73:92:9d:
e3:b7:28:0a:25:66:bb:b8:a8:ca:6d:c9:4d:36:c6:a0:7a:50:
37:43:c6:2e:c2:d7:01:93:b7:01:03:a3:37:2c:e6:aa:13:43:
fc:4f:77:9c:20:a1:d7:58:ca:7b:12:fa:21:78:74:b1:2a:ea:
7c:8a:e8:a0:da:68:8f:27:d5:e7:01:98:e7:50:c2:9c:9e:20:
5f:9a:16:4e:3a:27:f8:6b:c2:3b:f5:9c:3d:87:7a:8b:c7:82:
2b:c5:b9:2c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZF9+4pfO8F8lAhdkrN+TAdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwODIzMDY0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDY2MDJjZjAyODllZjlmYmFmYTIwZmQ3NmM0MmI5MTJkY2YxMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPlVSBedRVhm/Bi0qDq2zbbGvT7h
fL81a8WSOtYt7fEQP/LgaJ8oeLxo+BvaGQsshBhvMo6vE/paS/6Jn+p6OCngYiFX
Q3ELY5KGuXyv+YEgoOd0oHnNgV7b8aruBzZFwnXtwdow9GvlSW4+lFYYPPxpq/1a
YAeG23ZZSbvQKBhg2VHw8bfEVzxbL2BkZy0m4VQPTlP4hXjoaRTj7ujLwcUW0kja
tG6RGttxcKqqMlUUayAZWzlzlD/2VuAxGIEMuusytg6cgWrq6f8AnGGOkzC+4dB4
6hSILu/OfB6onhdRNI46PL4gOgj8WGuAIIwoAxhsldegurLOmM9uvZPf5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNRmAs8Cie+fuvog/XbEK5EtzxCMMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMUdZQ3p3S0o3NS02LWlEOWRzUXJrUzNQRUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU5PCAwQA
U5PeAwQCU5P0AwQDW7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAG
QGj70LKZkFhWFCGmQlC1XwzksS0KSi1r9dO+XvXZH6lY4nuzPjOH/HkbNC8ynMK8
GWeRNvY+pcY3mFic1e+RP2btTE+BpRZqLN/VD2FLKqgzww3nD1K7Gnd1V43gL/ty
NMLeKpWErjiiBVB4eiYYDUnUjTp1ups13ivHixEyCefD1xxzNHKA6hVea6OYUebT
yT0nEGctEJwNk8+PomJzkp3jtygKJWa7uKjKbclNNsagelA3Q8YuwtcBk7cBA6M3
LOaqE0P8T3ecIKHXWMp7EvoheHSxKup8iuig2miPJ9XnAZjnUMKcniBfmhZOOif4
a8I79Zw9h3qLx4Irxbks
Generated at Sat Aug 24 22:42:31 2024 by rpki-client on console-fra.rpki-client.org