Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/23vrKgbkYG_VTgT2__GetEnsuoI.roa
File: 23vrKgbkYG_VTgT2__GetEnsuoI.roa (raw, json)
Hash identifier: M9wIAa5faruH6gS23zqRB9vpLzbOE1etoXFr7tOgdRE=
Subject key identifier: DB:7B:EB:2A:06:E4:60:6F:D5:4E:04:F6:FF:F1:9E:B4:49:EC:BA:82
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019186336C8CA7AC397E7F3C215FCC5AE183
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/23vrKgbkYG_VTgT2__GetEnsuoI.roa
Signing time: Sat 24 Aug 2024 21:03:22 +0000
ROA not before: Sat 24 Aug 2024 21:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.222.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 08:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:86:33:6c:8c:a7:ac:39:7e:7f:3c:21:5f:cc:5a:e1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 24 21:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db7beb2a06e4606fd54e04f6fff19eb449ecba82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:33:89:27:80:85:1a:69:57:2f:17:33:7a:
75:99:8a:b3:77:4c:e1:94:c3:2a:85:aa:0f:bf:a9:
b3:60:32:dd:af:62:0e:cc:35:80:aa:ad:e5:21:9e:
27:b6:95:c6:c6:29:ce:40:8f:c0:b3:b8:53:d3:c2:
be:d5:cb:d1:3e:67:37:b0:ff:05:7f:cf:e3:92:77:
43:a2:e8:04:84:c6:4a:27:84:77:de:1f:39:01:3a:
82:8e:b9:92:f1:82:73:9d:fd:58:71:76:e4:a2:93:
cc:5f:75:b5:95:5b:ab:56:5b:47:ff:78:91:bb:24:
d9:0a:8e:83:7d:ca:01:4b:20:4b:e2:73:5f:10:f2:
2c:1e:66:47:53:54:45:59:3b:3c:5e:32:ce:dd:89:
40:6d:14:e1:08:1d:01:49:43:fe:7c:fd:ba:23:33:
13:d5:7b:64:a2:c7:d7:ea:a0:a9:fd:79:da:7c:0e:
a4:46:57:03:fe:3e:2f:12:66:45:45:b8:d7:35:59:
9c:15:cd:f6:8a:c7:30:77:cc:a2:b6:7b:64:5c:5b:
59:16:e2:48:43:1d:b2:03:21:a8:59:76:a7:00:76:
2e:63:5a:62:5c:d1:ee:72:8c:8c:ef:e0:3d:30:7d:
c9:df:14:4c:4c:6b:48:54:72:43:7c:8c:81:5a:51:
c7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7B:EB:2A:06:E4:60:6F:D5:4E:04:F6:FF:F1:9E:B4:49:EC:BA:82
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/23vrKgbkYG_VTgT2__GetEnsuoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.222.0/24
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:49:ab:40:7a:1d:0d:84:e6:89:22:d8:95:3d:3c:d1:85:e1:
3a:a5:51:ed:bb:d1:2f:ec:d7:95:e3:9b:e1:24:ea:1f:eb:2a:
2d:ba:0f:70:e7:81:52:ce:b1:79:98:aa:c9:48:07:1d:29:ce:
63:4c:2c:54:77:31:45:e9:ee:d0:f1:d5:b0:d6:83:50:f9:f6:
b2:73:74:da:28:9a:6b:c2:60:98:84:b3:d2:d4:6e:ee:69:89:
7b:e7:e3:f9:1c:78:0e:93:a3:04:96:cf:26:b2:39:02:f7:0b:
8e:d1:29:fd:50:5d:be:12:93:7a:97:58:51:c2:b9:63:9b:28:
60:a6:04:d4:a3:a7:fb:f7:cb:11:d2:46:dd:2c:21:c7:5f:7e:
4e:4b:1e:5d:d9:59:64:b6:94:c4:ed:b0:4c:ba:82:99:93:72:
3a:87:c1:39:33:3e:61:03:68:71:81:20:85:90:a2:92:98:fd:
3e:c9:1e:f0:8d:1e:12:17:df:23:d4:d1:3f:03:6f:d2:c2:43:
f6:f1:7d:a9:5d:48:b9:87:ba:89:cc:c8:27:e5:32:7a:9a:18:
ab:09:d1:90:a5:f6:bc:a1:28:3a:da:83:d1:eb:b3:a4:74:15:
95:5b:fd:7b:32:e6:ed:fb:c0:4b:57:2f:4f:5e:46:ef:50:28:
97:22:66:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGGM2yMp6w5fn88IV/MWuGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwODI0MjEwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjdiZWIyYTA2ZTQ2MDZmZDU0ZTA0ZjZmZmYxOWViNDQ5ZWNiYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhgziSeAhRppVy8XM3p1mYqzd0zh
lMMqhaoPv6mzYDLdr2IOzDWAqq3lIZ4ntpXGxinOQI/As7hT08K+1cvRPmc3sP8F
f8/jkndDougEhMZKJ4R33h85ATqCjrmS8YJznf1YcXbkopPMX3W1lVurVltH/3iR
uyTZCo6DfcoBSyBL4nNfEPIsHmZHU1RFWTs8XjLO3YlAbRThCB0BSUP+fP26IzMT
1XtkosfX6qCp/XnafA6kRlcD/j4vEmZFRbjXNVmcFc32iscwd8yitntkXFtZFuJI
Qx2yAyGoWXanAHYuY1piXNHucoyM7+A9MH3J3xRMTGtIVHJDfIyBWlHHEQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNt76yoG5GBv1U4E9v/xnrRJ7LqCMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMjN2cktnYmtZR19WVGdUMl9fR2V0RW5zdW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU5PeAwQC
U5P0AwQDW7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBMSatAeh0N
hOaJItiVPTzRheE6pVHtu9Ev7NeV45vhJOof6yotug9w54FSzrF5mKrJSAcdKc5j
TCxUdzFF6e7Q8dWw1oNQ+fayc3TaKJprwmCYhLPS1G7uaYl75+P5HHgOk6MEls8m
sjkC9wuO0Sn9UF2+EpN6l1hRwrljmyhgpgTUo6f798sR0kbdLCHHX35OSx5d2Vlk
tpTE7bBMuoKZk3I6h8E5Mz5hA2hxgSCFkKKSmP0+yR7wjR4SF98j1NE/A2/SwkP2
8X2pXUi5h7qJzMgn5TJ6mhirCdGQpfa8oSg62oPR67OkdBWVW/17Mubt+8BLVy9P
XkbvUCiXImbR
-----END CERTIFICATE-----
Generated at Wed Aug 28 12:06:22 2024 by rpki-client on console-ams.rpki-client.org