Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/41gyL0-iU8QVdDxV5Yx_IUrjLmE.roa
File: 41gyL0-iU8QVdDxV5Yx_IUrjLmE.roa (raw, json)
Hash identifier: VnbqzdN2jFvFImHDeiRvJbW7tyPtsqHLS+MoZutcKqI=
Subject key identifier: E3:58:32:2F:4F:A2:53:C4:15:74:3C:55:E5:8C:7F:21:4A:E3:2E:61
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018682EC61A600A6C72DDCBCB6E5C456D5F0
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/41gyL0-iU8QVdDxV5Yx_IUrjLmE.roa
Signing time: Fri 24 Feb 2023 10:16:14 +0000
ROA not before: Fri 24 Feb 2023 10:16:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
178.253.22.0/23 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 13:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:ec:61:a6:00:a6:c7:2d:dc:bc:b6:e5:c4:56:d5:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 24 10:16:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e358322f4fa253c415743c55e58c7f214ae32e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:06:f2:4f:17:e4:f8:01:57:fd:c9:9c:33:b7:
81:c3:56:89:f2:15:2d:d5:23:e9:8a:bb:be:d6:0e:
43:d1:f6:1a:83:19:40:8e:67:4a:8e:42:4f:b9:a0:
b8:23:6d:1e:cc:5d:ad:a7:f4:bb:e9:d7:39:13:e5:
02:9a:75:76:e5:b1:cf:54:3e:8e:0f:14:26:2a:05:
c8:92:91:ec:b4:d8:bc:83:bf:1c:2a:e7:1e:f2:a6:
1f:ac:38:f7:df:c8:fc:6e:75:db:91:e9:96:eb:62:
36:86:d8:23:e1:2d:cf:b5:7a:b4:68:c2:9a:0d:3a:
d8:bb:cf:15:9c:c7:d9:35:8a:fb:c1:d6:73:5b:90:
be:32:bf:dc:bd:f9:1a:f5:53:25:b2:35:11:be:27:
ed:d8:8f:84:e2:6b:fd:2b:68:90:27:22:04:6e:96:
01:4c:a8:b0:b7:3c:c4:b4:83:b9:97:1c:cd:db:82:
31:39:09:a6:94:9e:80:13:da:b8:72:c1:a7:72:08:
69:2e:9f:c3:0c:7e:4c:d7:a8:25:33:8a:c1:d9:a1:
62:da:9a:95:78:5e:d0:6f:27:d0:ca:b2:01:4b:cc:
15:d7:3c:54:fe:f7:4f:23:72:3b:73:24:28:04:20:
58:11:89:97:da:ed:3a:d6:46:93:82:8a:b9:0f:dd:
d2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:58:32:2F:4F:A2:53:C4:15:74:3C:55:E5:8C:7F:21:4A:E3:2E:61
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/41gyL0-iU8QVdDxV5Yx_IUrjLmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
178.253.22.0/23
Signature Algorithm: sha256WithRSAEncryption
30:ca:ad:50:67:dc:da:20:79:45:ff:6e:9a:51:ed:10:b0:f5:
ab:74:c2:f8:ce:be:2c:5e:7a:e4:38:a8:88:84:55:9a:08:59:
7d:2f:03:01:02:af:c5:95:eb:99:e4:47:54:18:89:2c:de:e8:
ec:b4:8f:39:fb:97:22:5d:1b:6f:da:9f:0e:a9:81:09:92:7b:
03:42:6a:63:83:91:80:51:29:be:8f:25:d0:82:c7:b9:5f:b9:
6a:c2:0f:2b:a2:da:ed:6a:90:21:1a:ef:d8:0c:0c:b0:ec:c0:
70:bc:36:85:21:c2:af:6b:b1:29:25:fe:27:fd:de:6a:af:d5:
b6:7e:98:7b:9d:0c:96:5a:70:38:b2:4c:d8:c0:dd:bb:7b:91:
92:5d:93:86:21:e1:33:b4:b4:4d:b0:4b:31:39:c5:f2:6d:22:
f7:b0:71:d5:20:25:c1:81:37:fd:e1:ab:2b:db:d0:11:25:76:
19:1a:3b:94:ff:2e:5e:2a:ee:45:7e:7d:8d:54:19:40:c0:5a:
fc:c5:0b:7f:f9:59:d0:3f:35:7a:3a:e7:a6:dd:42:18:5c:df:
af:24:53:c3:49:17:a8:ee:d6:96:59:7b:5c:88:aa:fd:f9:2f:
5e:4c:25:6e:4d:12:5a:28:84:29:e3:67:56:a2:84:63:75:e1:
74:87:06:14
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaC7GGmAKbHLdy8tuXEVtXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMjI0MTAxNjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU4MzIyZjRmYTI1M2M0MTU3NDNjNTVlNThjN2YyMTRhZTMyZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngbyTxfk+AFX/cmcM7eBw1aJ8hUt
1SPpiru+1g5D0fYagxlAjmdKjkJPuaC4I20ezF2tp/S76dc5E+UCmnV25bHPVD6O
DxQmKgXIkpHstNi8g78cKuce8qYfrDj338j8bnXbkemW62I2htgj4S3PtXq0aMKa
DTrYu88VnMfZNYr7wdZzW5C+Mr/cvfka9VMlsjURvift2I+E4mv9K2iQJyIEbpYB
TKiwtzzEtIO5lxzN24IxOQmmlJ6AE9q4csGncghpLp/DDH5M16glM4rB2aFi2pqV
eF7QbyfQyrIBS8wV1zxU/vdPI3I7cyQoBCBYEYmX2u061kaTgoq5D93SrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFONYMi9PolPEFXQ8VeWMfyFK4y5hMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNDFneUwwLWlVOFFWZER4VjVZeF9JVXJqTG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P8AwQC
W7rMAwQCW7rYAwQBsv0WMA0GCSqGSIb3DQEBCwUAA4IBAQAwyq1QZ9zaIHlF/26a
Ue0QsPWrdML4zr4sXnrkOKiIhFWaCFl9LwMBAq/FleuZ5EdUGIks3ujstI85+5ci
XRtv2p8OqYEJknsDQmpjg5GAUSm+jyXQgse5X7lqwg8rotrtapAhGu/YDAyw7MBw
vDaFIcKva7EpJf4n/d5qr9W2fph7nQyWWnA4skzYwN27e5GSXZOGIeEztLRNsEsx
OcXybSL3sHHVICXBgTf94asr29ARJXYZGjuU/y5eKu5Ffn2NVBlAwFr8xQt/+VnQ
PzV6Ouem3UIYXN+vJFPDSReo7taWWXtciKr9+S9eTCVuTRJaKIQp42dWooRjdeF0
hwYU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org