Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2A9fWT1qj9dnmdMvZoBr8ZGwweQ.roa
File: 2A9fWT1qj9dnmdMvZoBr8ZGwweQ.roa (raw, json)
Hash identifier: 9YsT6Ol2c/8m1A1sY3+7r5LLkEmOUxN1XYR2C5yiRy8=
Subject key identifier: D8:0F:5F:59:3D:6A:8F:D7:67:99:D3:2F:66:80:6B:F1:91:B0:C1:E4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01881ED13E6D6C3C30511D50542B48911B2A
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2A9fWT1qj9dnmdMvZoBr8ZGwweQ.roa
Signing time: Mon 15 May 2023 09:50:09 +0000
ROA not before: Mon 15 May 2023 09:50:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 94.241.136.0/21 maxlen: 24
91.186.216.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 18:50:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:d1:3e:6d:6c:3c:30:51:1d:50:54:2b:48:91:1b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: May 15 09:50:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d80f5f593d6a8fd76799d32f66806bf191b0c1e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:28:bf:75:70:d2:e8:e0:b6:98:72:a3:84:46:
0c:e1:6f:52:5f:77:df:23:8f:d7:10:90:ea:ce:d8:
ae:1b:32:fa:85:c7:fc:cd:e5:98:40:2b:f2:69:f2:
13:99:e6:77:ec:86:d6:4b:e6:78:da:a8:5e:57:24:
36:a2:40:30:a9:a7:aa:5d:f4:b0:c7:c6:81:75:ac:
4b:bf:4b:ff:b6:36:15:8f:01:5f:ea:10:e3:ef:a6:
79:04:3e:ef:ff:f2:75:02:87:f2:55:74:0c:ae:d0:
a2:90:5d:b9:3f:4c:fd:1f:98:d1:58:de:fc:d2:6e:
6f:66:37:07:f5:0a:63:72:78:a6:0d:38:8d:87:2a:
f5:1f:1e:c7:f0:12:d9:90:8d:96:29:a4:ba:15:5e:
f2:b0:f6:4d:ea:63:27:62:d8:02:c0:62:bf:f4:4e:
c6:c0:81:30:d7:ed:fb:8d:01:b9:8c:36:41:ec:6a:
14:62:d2:cd:32:e0:dd:c0:8b:06:5e:9a:ea:fa:4c:
2d:af:99:79:05:b1:25:46:b0:51:33:0c:f8:86:84:
ad:a3:6c:5f:20:45:e9:3e:29:bb:fa:5d:70:5a:1e:
fa:99:21:37:c5:e9:6d:37:88:5e:fb:59:73:5d:2b:
ae:5a:bb:85:e6:73:77:f1:5e:bf:f4:ee:80:c8:b0:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0F:5F:59:3D:6A:8F:D7:67:99:D3:2F:66:80:6B:F1:91:B0:C1:E4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/2A9fWT1qj9dnmdMvZoBr8ZGwweQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.136.0/21
Signature Algorithm: sha256WithRSAEncryption
84:85:82:49:8c:6e:ab:01:6e:dd:bc:ea:37:d2:e1:38:24:4c:
cb:94:36:00:20:91:ef:f5:9a:1a:14:09:ad:99:74:83:07:05:
e4:ff:09:82:c8:fa:29:ed:fa:3f:75:a2:11:94:36:34:39:53:
35:9b:76:1c:eb:c6:bb:95:f1:ef:27:98:c7:88:db:60:0a:99:
b5:47:56:46:1d:b1:24:63:d8:00:83:19:b5:a6:ec:40:26:77:
ef:10:f8:30:43:21:38:b6:c7:0f:f3:d0:3a:12:a7:bb:73:52:
cb:56:93:1f:8c:09:01:0b:a4:3d:ca:12:72:74:92:78:9b:ca:
ba:2d:d1:b6:91:8e:4f:c9:df:e1:d5:f0:a5:94:91:26:74:e5:
80:3e:eb:0e:99:ae:c9:c1:e9:bc:5e:0e:db:ba:29:65:47:17:
a7:f4:c3:78:13:85:f8:1e:a2:0a:ea:4f:8d:b5:0c:ff:c3:10:
42:69:10:64:b8:d4:c4:39:31:38:20:5d:e3:f8:25:67:fc:2e:
5b:d6:6d:db:5b:a3:3a:7f:cf:e3:3b:71:1c:6b:cb:90:f2:98:
dc:9a:4a:13:e8:6f:8b:c5:34:9f:88:43:a5:43:13:85:27:22:
a8:8b:8a:49:0f:f9:e0:f8:66:b8:8b:47:49:00:ec:c3:bc:a0:
c7:f9:8e:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYge0T5tbDwwUR1QVCtIkRsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNTE1MDk1MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODBmNWY1OTNkNmE4ZmQ3Njc5OWQzMmY2NjgwNmJmMTkxYjBjMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSi/dXDS6OC2mHKjhEYM4W9SX3ff
I4/XEJDqztiuGzL6hcf8zeWYQCvyafITmeZ37IbWS+Z42qheVyQ2okAwqaeqXfSw
x8aBdaxLv0v/tjYVjwFf6hDj76Z5BD7v//J1AofyVXQMrtCikF25P0z9H5jRWN78
0m5vZjcH9QpjcnimDTiNhyr1Hx7H8BLZkI2WKaS6FV7ysPZN6mMnYtgCwGK/9E7G
wIEw1+37jQG5jDZB7GoUYtLNMuDdwIsGXprq+kwtr5l5BbElRrBRMwz4hoSto2xf
IEXpPim7+l1wWh76mSE3xeltN4he+1lzXSuuWruF5nN38V6/9O6AyLAjMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNgPX1k9ao/XZ5nTL2aAa/GRsMHkMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMkE5ZldUMXFqOWRubWRNdlpvQnI4Wkd3d2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQC
U5P8AwQCW7rYAwQDXvGIMA0GCSqGSIb3DQEBCwUAA4IBAQCEhYJJjG6rAW7dvOo3
0uE4JEzLlDYAIJHv9ZoaFAmtmXSDBwXk/wmCyPop7fo/daIRlDY0OVM1m3Yc68a7
lfHvJ5jHiNtgCpm1R1ZGHbEkY9gAgxm1puxAJnfvEPgwQyE4tscP89A6Eqe7c1LL
VpMfjAkBC6Q9yhJydJJ4m8q6LdG2kY5Pyd/h1fCllJEmdOWAPusOma7Jwem8Xg7b
uillRxen9MN4E4X4HqIK6k+NtQz/wxBCaRBkuNTEOTE4IF3j+CVn/C5b1m3bW6M6
f8/jO3Eca8uQ8pjcmkoT6G+LxTSfiEOlQxOFJyKoi4pJD/ng+Ga4i0dJAOzDvKDH
+Y7F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org