Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5BE2XPO70LhQgdoZmDJX6sD7bqk.roa
File: 5BE2XPO70LhQgdoZmDJX6sD7bqk.roa (raw, json)
Hash identifier: ksQzw4ekd4ViQ23fIrN3Aqtf7WhYuG/TL45dKkCI0KU=
Subject key identifier: E4:11:36:5C:F3:BB:D0:B8:50:81:DA:19:98:32:57:EA:C0:FB:6E:A9
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018C000698C693B63FC48FCDD4075B2D779E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5BE2XPO70LhQgdoZmDJX6sD7bqk.roa
Signing time: Fri 24 Nov 2023 06:31:21 +0000
ROA not before: Fri 24 Nov 2023 06:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.160.0/22 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.44.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:00:06:98:c6:93:b6:3f:c4:8f:cd:d4:07:5b:2d:77:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 24 06:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e411365cf3bbd0b85081da19983257eac0fb6ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e0:37:ea:b1:32:82:1a:04:89:76:df:ab:6a:
eb:ed:31:5e:d6:9c:f6:8b:b7:a0:db:b2:94:ec:d4:
1e:9b:39:b1:1b:48:af:58:42:61:5b:50:05:e1:59:
42:a4:fc:e0:e7:3b:a1:6e:96:8f:8a:0d:72:dc:37:
59:d9:20:59:be:c6:e9:88:37:4e:14:8a:19:5d:22:
d3:02:ca:5b:2f:eb:71:37:a3:10:85:ee:8a:d9:57:
08:88:97:67:46:05:3f:81:38:72:0c:90:7a:90:da:
cc:33:3a:71:67:7f:29:34:2c:1f:25:96:a8:30:c7:
54:7e:86:7d:9d:71:fe:56:e5:e2:07:c5:43:16:30:
7b:7a:e1:be:92:2a:04:8f:fd:ad:a5:0f:8c:9b:1f:
cb:97:31:ec:2d:69:48:7a:08:38:7f:fb:bc:d2:1f:
ca:19:03:10:6a:af:e6:f1:d1:b7:ed:e7:6a:6c:e5:
0e:bf:e1:8b:34:50:72:26:d4:e7:9f:1f:6a:27:b7:
05:36:0f:54:ce:7e:b0:39:78:be:0e:ea:a2:32:bf:
36:63:e3:40:e4:0e:99:43:e2:59:07:d2:c6:6f:34:
16:3b:77:14:26:cf:9b:d3:e6:45:9e:88:72:bb:c0:
e1:0d:06:94:f8:33:62:a0:03:c4:af:3d:1b:0c:f5:
da:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:11:36:5C:F3:BB:D0:B8:50:81:DA:19:98:32:57:EA:C0:FB:6E:A9
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5BE2XPO70LhQgdoZmDJX6sD7bqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.160.0-94.241.165.255
178.253.26.0/23
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
34:3a:cb:83:6a:5e:ac:94:2f:c9:e9:67:9e:78:25:18:73:b4:
5c:d2:dc:e1:fd:c0:81:f1:4c:da:cd:63:a0:a1:06:c4:c9:43:
b7:0a:b2:e1:92:ce:10:77:09:0e:85:84:26:74:cb:20:de:b0:
21:86:5f:b8:e6:f4:9c:cb:ea:a6:04:0d:5a:2f:ba:90:80:a4:
80:62:79:ac:bb:04:f6:13:b4:ee:a7:01:2b:27:f1:0d:87:0d:
e7:f3:99:ab:9d:20:60:19:d4:97:be:58:13:e9:ae:d2:28:ee:
87:f3:42:0e:e6:9e:71:99:ac:aa:40:1d:91:d3:e8:38:cf:da:
fc:00:1f:cb:3e:05:54:1e:03:19:23:6b:80:29:49:e4:c1:f5:
66:7a:57:a7:fc:3a:fd:eb:af:8e:7e:ab:b1:56:ad:f7:18:36:
68:48:fe:1e:fe:5b:41:58:9d:27:bc:5c:a0:33:c1:43:89:65:
36:d9:80:ca:9c:fa:ee:d4:8d:65:f4:f2:bc:df:ca:e6:0c:29:
eb:c6:9c:1a:95:63:b0:df:94:7e:89:63:83:97:8b:a4:ea:f4:
b1:cc:c9:e5:a3:d1:32:d9:6f:c1:f1:8d:bc:46:1f:8d:b4:de:
d8:3f:34:56:35:99:eb:af:61:15:68:47:e6:ca:8c:35:24:17:
04:34:bd:49
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYwABpjGk7Y/xI/N1AdbLXeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTI0MDYzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDExMzY1Y2YzYmJkMGI4NTA4MWRhMTk5ODMyNTdlYWMwZmI2ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOA36rEyghoEiXbfq2rr7TFe1pz2
i7eg27KU7NQemzmxG0ivWEJhW1AF4VlCpPzg5zuhbpaPig1y3DdZ2SBZvsbpiDdO
FIoZXSLTAspbL+txN6MQhe6K2VcIiJdnRgU/gThyDJB6kNrMMzpxZ38pNCwfJZao
MMdUfoZ9nXH+VuXiB8VDFjB7euG+kioEj/2tpQ+Mmx/LlzHsLWlIegg4f/u80h/K
GQMQaq/m8dG37edqbOUOv+GLNFByJtTnnx9qJ7cFNg9Uzn6wOXi+DuqiMr82Y+NA
5A6ZQ+JZB9LGbzQWO3cUJs+b0+ZFnohyu8DhDQaU+DNioAPErz0bDPXaFwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOQRNlzzu9C4UIHaGZgyV+rA+26pMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNUJFMlhQTzcwTGhRZ2RvWm1ESlg2c0Q3YnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCU5PoAwQC
U5P8AwQCW7rMAwQCW7rYMAwDBAVe8aADBAFe8aQDBAGy/RoDBAGy/SwwDQYJKoZI
hvcNAQELBQADggEBADQ6y4NqXqyUL8npZ554JRhztFzS3OH9wIHxTNrNY6ChBsTJ
Q7cKsuGSzhB3CQ6FhCZ0yyDesCGGX7jm9JzL6qYEDVovupCApIBieay7BPYTtO6n
ASsn8Q2HDefzmaudIGAZ1Je+WBPprtIo7ofzQg7mnnGZrKpAHZHT6DjP2vwAH8s+
BVQeAxkja4ApSeTB9WZ6V6f8Ov3rr45+q7FWrfcYNmhI/h7+W0FYnSe8XKAzwUOJ
ZTbZgMqc+u7UjWX08rzfyuYMKevGnBqVY7DflH6JY4OXi6Tq9LHMyeWj0TLZb8Hx
jbxGH4203tg/NFY1meuvYRVoR+bKjDUkFwQ0vUk=
-----END CERTIFICATE-----
Generated at Fri Nov 24 17:13:55 2023 by rpki-client on console-ams.rpki-client.org