Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5kirqCHGyxiiBwSXDyJy8dp9hUc.roa
File: 5kirqCHGyxiiBwSXDyJy8dp9hUc.roa (raw, json)
Hash identifier: 9TByFy1V4pqotjm3o+/LozpnsaGxYaplO8sD894ecag=
Subject key identifier: E6:48:AB:A8:21:C6:CB:18:A2:07:04:97:0F:22:72:F1:DA:7D:85:47
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0188C861FAEC19F9387C67C7104526B93DB9
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5kirqCHGyxiiBwSXDyJy8dp9hUc.roa
Signing time: Sat 17 Jun 2023 08:04:04 +0000
ROA not before: Sat 17 Jun 2023 08:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.194.0/23 maxlen: 24
94.241.136.0/21 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.40.0/22 maxlen: 24
83.147.240.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c8:61:fa:ec:19:f9:38:7c:67:c7:10:45:26:b9:3d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 17 08:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e648aba821c6cb18a20704970f2272f1da7d8547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b2:9b:35:e4:0a:c0:90:fa:8f:64:67:4e:bf:
5e:7f:94:e0:74:b0:e8:43:b5:6f:99:a9:2b:c0:a2:
35:af:66:12:a5:a0:df:ba:e3:07:92:92:45:4c:c1:
32:71:e4:a9:5d:2f:04:5e:47:2f:2a:82:04:a9:e4:
84:e1:7b:1c:7f:58:ca:41:c5:f0:cb:a0:77:0d:0f:
3c:05:2f:24:ba:13:4d:e3:d0:6a:d5:e0:9e:66:8e:
7b:c7:0e:af:e4:fa:8c:0d:52:8f:5b:21:a0:5c:e8:
62:a2:14:5d:83:93:29:b7:b0:1e:41:27:9c:17:24:
d5:cd:9b:16:7f:e6:8d:df:9f:5e:b9:7a:d6:ac:e0:
bb:ee:97:e9:b6:b7:ae:6e:95:48:70:48:7f:8e:a1:
4f:3b:6a:73:70:b0:06:77:53:b3:7d:3b:55:fb:75:
aa:73:8f:b5:ae:37:cd:b8:b0:bd:4d:82:9a:49:55:
fb:a2:4d:3d:c4:3f:30:04:9d:e3:7d:eb:20:f8:a9:
3d:cb:cf:1c:5f:12:a8:07:92:83:9a:77:62:23:e3:
04:80:7b:90:1c:96:75:11:2a:8f:8f:e5:8a:17:6d:
55:ce:78:af:de:32:ed:e2:93:4b:a2:9a:5b:6d:06:
1b:7e:3c:ad:fc:c2:7f:aa:ae:ee:e5:43:62:08:a8:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:48:AB:A8:21:C6:CB:18:A2:07:04:97:0F:22:72:F1:DA:7D:85:47
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5kirqCHGyxiiBwSXDyJy8dp9hUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/21
83.147.252.0/22
91.186.194.0/23
91.186.216.0/22
94.241.136.0/21
94.241.168.0/21
178.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:90:26:af:19:ff:ab:a0:32:f7:c6:aa:e9:c8:ec:d6:d9:16:
be:de:cd:71:9e:e0:55:95:fe:20:0e:71:cc:36:4d:6b:e0:ab:
9c:25:d6:e1:55:87:03:23:a6:04:9f:8f:e8:ad:2f:42:51:ab:
c5:8e:fc:10:35:9d:52:99:2d:57:cc:ab:a1:a8:3c:9b:8d:4c:
e7:f7:35:25:78:32:ac:92:0c:72:10:f3:2f:4c:6a:bd:c4:ed:
7b:ad:31:69:b0:98:04:b5:36:4a:44:b6:20:ad:b8:80:06:03:
26:00:1f:0b:c8:cd:2a:58:6b:c0:92:18:e9:5b:34:8d:7e:f1:
62:cc:ae:3f:5c:d1:ff:9b:b3:07:c2:bd:d2:7c:5c:d8:be:a5:
07:f9:9e:7a:25:0a:c1:93:cb:ca:79:e7:0b:f0:c6:66:aa:7e:
0f:bd:77:7d:61:12:59:8a:37:54:69:03:e9:5b:ab:fd:eb:f9:
51:af:69:45:fc:ed:93:c3:eb:b4:fd:9b:4c:ea:18:39:58:e4:
05:f5:75:09:6e:67:fc:34:fa:34:06:d7:72:ff:ee:35:ea:8e:
1e:a2:fa:15:a2:3e:c1:cd:eb:af:e7:fa:fa:8f:8f:0b:87:4e:
e2:27:bc:fc:24:38:ed:fb:f9:19:c9:70:af:98:4b:ea:91:53:
34:70:be:d9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYjIYfrsGfk4fGfHEEUmuT25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNjE3MDgwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ4YWJhODIxYzZjYjE4YTIwNzA0OTcwZjIyNzJmMWRhN2Q4NTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbKbNeQKwJD6j2RnTr9ef5TgdLDo
Q7VvmakrwKI1r2YSpaDfuuMHkpJFTMEyceSpXS8EXkcvKoIEqeSE4Xscf1jKQcXw
y6B3DQ88BS8kuhNN49Bq1eCeZo57xw6v5PqMDVKPWyGgXOhiohRdg5Mpt7AeQSec
FyTVzZsWf+aN359euXrWrOC77pfptreubpVIcEh/jqFPO2pzcLAGd1OzfTtV+3Wq
c4+1rjfNuLC9TYKaSVX7ok09xD8wBJ3jfesg+Kk9y88cXxKoB5KDmndiI+MEgHuQ
HJZ1ESqPj+WKF21Vzniv3jLt4pNLoppbbQYbfjyt/MJ/qq7u5UNiCKhR0wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOZIq6ghxssYogcElw8icvHafYVHMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNWtpcnFDSEd5eGlpQndTWER5Snk4ZHA5aFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDU5PwAwQC
U5P8AwQBW7rCAwQCW7rYAwQDXvGIAwQDXvGoAwQCsv0oMA0GCSqGSIb3DQEBCwUA
A4IBAQArkCavGf+roDL3xqrpyOzW2Ra+3s1xnuBVlf4gDnHMNk1r4KucJdbhVYcD
I6YEn4/orS9CUavFjvwQNZ1SmS1XzKuhqDybjUzn9zUleDKskgxyEPMvTGq9xO17
rTFpsJgEtTZKRLYgrbiABgMmAB8LyM0qWGvAkhjpWzSNfvFizK4/XNH/m7MHwr3S
fFzYvqUH+Z56JQrBk8vKeecL8MZmqn4PvXd9YRJZijdUaQPpW6v96/lRr2lF/O2T
w+u0/ZtM6hg5WOQF9XUJbmf8NPo0Btdy/+416o4eovoVoj7Bzeuv5/r6j48Lh07i
J7z8JDjt+/kZyXCvmEvqkVM0cL7Z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:44 2023 by rpki-client on console-fra.rpki-client.org