Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa
File: 1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa (raw, json)
Hash identifier: odid6G9WerImU6a7+pv+4cV7jfvYSt2MoK0EwrHap7I=
Subject key identifier: D6:CD:C6:66:D9:34:0E:31:8E:54:24:81:B3:48:E6:45:6E:E4:1C:80
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0187055287DDBAA6077F65D6052FFB05DAB5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa
Signing time: Tue 21 Mar 2023 17:58:27 +0000
ROA not before: Tue 21 Mar 2023 17:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.160.0/22 maxlen: 24
178.253.44.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:05:52:87:dd:ba:a6:07:7f:65:d6:05:2f:fb:05:da:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 21 17:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6cdc666d9340e318e542481b348e6456ee41c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bf:8a:92:05:7b:1b:3c:f7:d6:ab:79:4b:11:
cc:eb:0d:04:dc:c5:f4:a2:dd:13:87:f3:51:e6:dc:
56:b9:33:96:a2:bd:27:8a:78:bc:73:8c:e7:1f:b4:
90:ac:2f:58:a7:0c:46:38:62:f8:80:95:c2:63:9a:
a1:15:58:a3:3b:a8:4f:d3:2f:d2:a1:c1:57:78:1b:
70:29:30:e8:fd:b9:2f:4a:ad:d6:dd:30:fa:db:af:
ad:6a:dc:28:60:50:18:16:69:2d:e9:df:5d:85:50:
31:8c:79:e5:dc:3e:08:d4:ab:88:4c:72:12:8a:83:
c8:79:20:66:fa:4f:37:3a:fa:5c:7f:66:95:0f:7e:
78:64:00:57:62:51:90:10:1e:55:70:83:81:45:ce:
33:c9:d5:45:a9:53:39:f7:c5:55:05:35:63:e5:0d:
bc:23:5b:14:30:6f:6b:85:61:83:2a:21:c7:8a:84:
09:53:63:1b:dc:24:6d:ac:d9:47:88:ae:cd:9f:32:
da:f0:73:ff:89:90:40:a4:0a:f8:fa:07:4b:63:22:
8d:4f:1f:e4:32:6d:61:a6:95:0c:7f:48:77:96:42:
01:2a:e5:a0:a4:78:b9:a7:90:8a:ff:76:01:73:d2:
2f:5d:5e:f9:0b:05:2d:36:0d:1c:12:ee:92:e2:87:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:CD:C6:66:D9:34:0E:31:8E:54:24:81:B3:48:E6:45:6E:E4:1C:80
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.160.0-94.241.165.255
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
48:ed:0d:47:53:3d:41:ea:e0:a0:d8:a7:65:21:cc:52:f3:8b:
92:28:3b:a2:02:ce:ac:fe:df:4e:83:ab:d4:0a:6d:9c:8c:4e:
28:77:3b:61:9c:f2:c7:2d:06:bd:d2:c7:c7:f2:7f:45:d6:00:
d6:12:31:42:98:3c:84:67:b1:69:49:e3:d6:18:66:e0:6e:1a:
8b:30:a3:69:16:c0:6d:d8:d8:90:d8:4f:16:dc:6a:95:61:0d:
7b:10:45:8b:cd:90:c8:3f:7e:c8:0a:5a:78:dc:de:25:1b:7c:
59:cb:73:79:05:c5:53:3c:7d:32:6e:5e:ad:eb:e9:a7:e8:72:
6d:84:82:0c:04:38:28:d3:a3:12:41:e6:06:30:58:42:f7:21:
da:4b:20:88:93:4d:86:ab:10:b6:ef:12:f8:d8:62:67:45:48:
f2:63:69:0e:9e:c1:1f:56:e5:f7:ab:0c:18:c9:e0:c9:c9:4f:
68:c0:19:6f:f1:af:7b:ac:87:58:45:68:ea:ee:8d:f7:09:0b:
c9:64:e1:a6:cb:7c:dc:32:2e:21:b2:4d:f2:e1:43:44:0b:23:
ac:23:2b:f9:60:a7:de:4b:eb:fd:91:a0:c6:11:af:c2:ee:c8:
d5:f2:ec:d7:30:ed:f9:c4:1b:8b:39:21:8d:e1:db:6c:86:fc:
ae:e4:e4:de
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYcFUofduqYHf2XWBS/7Bdq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMzIxMTc1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmNkYzY2NmQ5MzQwZTMxOGU1NDI0ODFiMzQ4ZTY0NTZlZTQxYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr+KkgV7Gzz31qt5SxHM6w0E3MX0
ot0Th/NR5txWuTOWor0nini8c4znH7SQrC9YpwxGOGL4gJXCY5qhFVijO6hP0y/S
ocFXeBtwKTDo/bkvSq3W3TD626+tatwoYFAYFmkt6d9dhVAxjHnl3D4I1KuITHIS
ioPIeSBm+k83Ovpcf2aVD354ZABXYlGQEB5VcIOBRc4zydVFqVM598VVBTVj5Q28
I1sUMG9rhWGDKiHHioQJU2Mb3CRtrNlHiK7NnzLa8HP/iZBApAr4+gdLYyKNTx/k
Mm1hppUMf0h3lkIBKuWgpHi5p5CK/3YBc9IvXV75CwUtNg0cEu6S4ofctwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNbNxmbZNA4xjlQkgbNI5kVu5ByAMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMXMzR1p0azBEakdPVkNTQnMwam1SVzdrSElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU5PoAwQC
U5P8AwQCW7rMAwQCW7rYMAwDBAVe8aADBAFe8aQDBAGy/SwwDQYJKoZIhvcNAQEL
BQADggEBAEjtDUdTPUHq4KDYp2UhzFLzi5IoO6ICzqz+306Dq9QKbZyMTih3O2Gc
8sctBr3Sx8fyf0XWANYSMUKYPIRnsWlJ49YYZuBuGoswo2kWwG3Y2JDYTxbcapVh
DXsQRYvNkMg/fsgKWnjc3iUbfFnLc3kFxVM8fTJuXq3r6afocm2EggwEOCjToxJB
5gYwWEL3IdpLIIiTTYarELbvEvjYYmdFSPJjaQ6ewR9W5ferDBjJ4MnJT2jAGW/x
r3ush1hFaOrujfcJC8lk4abLfNwyLiGyTfLhQ0QLI6wjK/lgp95L6/2RoMYRr8Lu
yNXy7Ncw7fnEG4s5IY3h22yG/K7k5N4=
-----END CERTIFICATE-----
Generated at Fri Nov 24 07:10:28 2023 by rpki-client on console-ams.rpki-client.org