Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/4M-vM1-DqTJaHNCcuJPpDKoJ_Bs.roa
File: 4M-vM1-DqTJaHNCcuJPpDKoJ_Bs.roa (raw, json)
Hash identifier: EjpTWSMpUv7FF7jc1+cqv/KOhKToIarirJx481upztg=
Subject key identifier: E0:CF:AF:33:5F:83:A9:32:5A:1C:D0:9C:B8:93:E9:0C:AA:09:FC:1B
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0190F2F07BC0E8EF28AD014580DAEB7E7CCF
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/4M-vM1-DqTJaHNCcuJPpDKoJ_Bs.roa
Signing time: Sat 27 Jul 2024 06:46:04 +0000
ROA not before: Sat 27 Jul 2024 06:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 22:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f2:f0:7b:c0:e8:ef:28:ad:01:45:80:da:eb:7e:7c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 27 06:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0cfaf335f83a9325a1cd09cb893e90caa09fc1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f1:4e:e3:ac:24:ea:e5:69:01:53:89:e6:b6:
96:26:f4:43:a1:fc:aa:6d:31:50:70:d3:c0:de:13:
83:87:b2:1a:5b:4c:23:39:96:31:35:b8:f2:20:a3:
91:9d:57:22:09:79:8c:32:51:b8:44:a2:af:b1:af:
26:02:4f:4a:ce:76:de:77:93:8e:2d:7d:b3:54:11:
78:14:74:15:79:e1:bc:fc:3b:89:1e:16:48:f2:8a:
25:86:00:cc:86:d7:09:5b:26:61:bd:7a:96:b3:2a:
b3:f3:09:b2:cf:df:c8:3a:be:1f:9c:bf:46:d0:18:
38:f9:b0:08:34:e4:db:84:e8:d5:45:33:c3:5a:68:
67:e7:f3:3d:ef:1a:18:14:61:4a:12:10:fd:de:21:
54:7b:b3:f5:58:1a:78:81:a5:a3:56:41:d8:e0:aa:
08:79:41:b9:15:35:3f:ca:1c:04:0e:03:c9:cc:64:
dc:12:f7:96:89:02:79:7f:83:e5:43:81:31:02:34:
98:4d:6b:f6:ff:78:f9:24:a6:3c:ca:03:24:db:ff:
1b:fe:8b:d7:cd:b8:ed:56:ac:e3:47:90:32:53:76:
ed:70:f9:6e:3a:ce:24:97:e5:3f:96:cc:00:ae:1a:
50:6c:75:27:06:45:6e:f1:20:02:df:6c:eb:85:89:
ce:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CF:AF:33:5F:83:A9:32:5A:1C:D0:9C:B8:93:E9:0C:AA:09:FC:1B
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/4M-vM1-DqTJaHNCcuJPpDKoJ_Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
33:8d:30:7d:34:dc:dd:5d:4f:e4:d7:0c:3f:38:47:93:4f:2f:
30:71:59:38:4e:bc:39:bc:bb:5b:2e:c6:08:b4:b5:30:98:46:
73:e3:83:74:9c:9d:8d:be:66:fe:87:89:ab:b4:4d:41:cd:c4:
e7:3f:87:fe:d6:b3:99:fe:ee:0a:4a:99:1d:ed:ec:38:99:bc:
9c:12:02:0d:2f:da:e7:d3:fb:1e:26:4b:24:ec:bd:7e:e3:03:
bc:93:e6:c5:63:7e:d1:2d:91:d1:b4:0c:4a:4d:ab:1f:b9:18:
35:cc:b7:d8:ae:ca:59:a5:2d:af:07:40:74:0c:d1:6e:66:8e:
f6:d9:c2:f4:ef:07:44:e2:f0:ca:ca:76:5e:84:e7:12:0d:aa:
74:89:14:62:be:20:e8:41:d4:64:ef:97:2f:69:52:26:93:22:
0c:63:65:78:2a:23:7d:03:4c:cd:d7:24:bd:2d:e9:7b:50:ad:
1c:dd:21:f2:1b:ac:63:df:f4:34:e7:92:a7:ea:d6:6f:9d:15:
8e:8a:13:c7:1a:8f:e0:bc:ae:f7:8c:8d:ec:31:79:eb:c2:9c:
0f:a4:e0:e2:c9:d8:38:b8:16:c1:70:18:fb:e5:7d:88:b9:6a:
98:c5:20:32:f8:09:61:e9:c2:9e:08:41:9a:a2:6e:52:6e:6f:
9c:75:65:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDy8HvA6O8orQFFgNrrfnzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNzI3MDY0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNmYWYzMzVmODNhOTMyNWExY2QwOWNiODkzZTkwY2FhMDlmYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvFO46wk6uVpAVOJ5raWJvRDofyq
bTFQcNPA3hODh7IaW0wjOZYxNbjyIKORnVciCXmMMlG4RKKvsa8mAk9Kznbed5OO
LX2zVBF4FHQVeeG8/DuJHhZI8oolhgDMhtcJWyZhvXqWsyqz8wmyz9/IOr4fnL9G
0Bg4+bAINOTbhOjVRTPDWmhn5/M97xoYFGFKEhD93iFUe7P1WBp4gaWjVkHY4KoI
eUG5FTU/yhwEDgPJzGTcEveWiQJ5f4PlQ4ExAjSYTWv2/3j5JKY8ygMk2/8b/ovX
zbjtVqzjR5AyU3btcPluOs4kl+U/lswArhpQbHUnBkVu8SAC32zrhYnOHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFODPrzNfg6kyWhzQnLiT6QyqCfwbMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNE0tdk0xLURxVEphSE5DY3VKUHBES29KX0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQD
W7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAzjTB9NNzdXU/k1ww/OEeTTy8w
cVk4Trw5vLtbLsYItLUwmEZz44N0nJ2Nvmb+h4mrtE1BzcTnP4f+1rOZ/u4KSpkd
7ew4mbycEgINL9rn0/seJksk7L1+4wO8k+bFY37RLZHRtAxKTasfuRg1zLfYrspZ
pS2vB0B0DNFuZo722cL07wdE4vDKynZehOcSDap0iRRiviDoQdRk75cvaVImkyIM
Y2V4KiN9A0zN1yS9Lel7UK0c3SHyG6xj3/Q055Kn6tZvnRWOihPHGo/gvK73jI3s
MXnrwpwPpODiydg4uBbBcBj75X2IuWqYxSAy+Alh6cKeCEGaom5Sbm+cdWUd
-----END CERTIFICATE-----
Generated at Sun Jul 28 23:46:04 2024 by rpki-client on console-fra.rpki-client.org