Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/6ADkHG1ZLjvMvIHZ8eIZL2AzCqQ.roa
File: 6ADkHG1ZLjvMvIHZ8eIZL2AzCqQ.roa (raw, json)
Hash identifier: qEw1aBnuNxQSP6lkUpUf1ILD81QyyWZiFdLzjW9GSLs=
Subject key identifier: E8:00:E4:1C:6D:59:2E:3B:CC:BC:81:D9:F1:E2:19:2F:60:33:0A:A4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D422A683A3D23BA5D4609248DF781EDE1
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/6ADkHG1ZLjvMvIHZ8eIZL2AzCqQ.roa
Signing time: Thu 25 Jan 2024 19:48:11 +0000
ROA not before: Thu 25 Jan 2024 19:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 83.147.232.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 05:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:42:2a:68:3a:3d:23:ba:5d:46:09:24:8d:f7:81:ed:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 25 19:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e800e41c6d592e3bccbc81d9f1e2192f60330aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0f:01:7a:36:b8:61:21:16:c4:1f:9c:da:35:
53:36:59:c5:d1:69:09:28:e5:21:1c:44:13:e8:c7:
f8:2b:68:63:1a:e6:a5:a9:3b:00:e3:36:d5:9e:6e:
43:15:31:49:86:7a:ab:b5:2f:17:03:81:37:0e:ba:
be:d6:98:64:83:eb:4b:89:91:2e:1e:5c:f0:e7:be:
eb:51:8e:a5:d3:ed:e7:05:8b:ae:b5:6e:71:7d:1d:
c8:40:52:d1:9b:24:51:9f:19:84:43:f9:ba:46:11:
b4:06:77:1e:d9:1e:27:e0:8c:b5:3a:63:58:ac:14:
15:12:8f:3f:6b:c6:90:41:79:6b:a3:ff:e3:18:16:
87:b9:43:be:87:57:c9:a5:15:d9:e4:02:72:17:bd:
eb:3b:ed:8c:79:0f:3e:8b:77:bd:f6:2e:20:2f:6d:
13:53:bc:80:22:e9:f0:04:77:66:af:62:cd:46:db:
f4:21:9a:5e:d3:9b:13:29:71:c6:de:96:ce:37:d1:
23:4f:33:17:3f:bd:6e:57:2c:8d:15:fb:05:2b:1a:
11:5d:84:5e:24:e7:2c:ce:ef:68:9e:f6:fd:12:56:
48:ff:ab:6e:77:3b:e5:97:1e:7f:87:b9:9c:8f:27:
09:da:cd:06:3b:69:16:d7:98:80:40:9e:69:7e:a8:
f7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:00:E4:1C:6D:59:2E:3B:CC:BC:81:D9:F1:E2:19:2F:60:33:0A:A4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/6ADkHG1ZLjvMvIHZ8eIZL2AzCqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.252.0/22
91.186.216.0/22
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:0d:d7:b5:3e:44:86:17:ef:f5:7b:d9:56:a6:06:df:c6:1b:
d5:de:06:fc:70:ba:34:99:b7:41:66:d7:ab:af:7f:69:4b:3a:
3a:9a:8d:7a:6b:df:79:86:c0:a9:3b:fd:df:01:42:47:4f:ae:
e1:a8:33:11:47:ef:2b:35:1c:ae:f8:64:34:32:84:c4:25:0f:
c3:ba:53:bb:c4:37:12:23:77:7b:df:10:ef:da:5c:6d:fd:5f:
07:c6:38:97:9a:a6:aa:2d:3f:a9:cd:32:3d:b7:93:6c:2f:d9:
ab:65:13:78:4a:25:ea:ca:9a:59:8e:13:df:1c:3e:f3:2a:36:
34:d9:b5:3a:52:7e:8e:b3:1b:89:fa:44:fd:e2:1b:c5:a4:bb:
36:0f:6e:7f:2f:2b:39:3f:e0:d4:9c:cd:f6:c9:f7:89:39:3a:
b8:52:b6:b0:8d:6a:70:5b:11:a8:cf:bc:10:99:fa:eb:3b:9f:
c0:b7:39:14:6e:dd:77:9d:98:21:da:41:b6:2d:0b:6f:c0:74:
6a:7d:fa:7c:f2:bb:b1:df:2c:f9:73:0b:e3:a4:df:ee:ce:99:
54:1e:42:d8:61:69:4a:06:fe:56:09:b2:83:3d:b2:de:c3:62:
c3:7e:6e:a6:86:93:79:e7:50:93:07:36:a1:5c:a9:6f:77:1d:
38:56:70:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1CKmg6PSO6XUYJJI33ge3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTI1MTk0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODAwZTQxYzZkNTkyZTNiY2NiYzgxZDlmMWUyMTkyZjYwMzMwYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Q8Beja4YSEWxB+c2jVTNlnF0WkJ
KOUhHEQT6Mf4K2hjGualqTsA4zbVnm5DFTFJhnqrtS8XA4E3Drq+1phkg+tLiZEu
Hlzw577rUY6l0+3nBYuutW5xfR3IQFLRmyRRnxmEQ/m6RhG0Bnce2R4n4Iy1OmNY
rBQVEo8/a8aQQXlro//jGBaHuUO+h1fJpRXZ5AJyF73rO+2MeQ8+i3e99i4gL20T
U7yAIunwBHdmr2LNRtv0IZpe05sTKXHG3pbON9EjTzMXP71uVyyNFfsFKxoRXYRe
JOcszu9onvb9ElZI/6tudzvllx5/h7mcjycJ2s0GO2kW15iAQJ5pfqj3AwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOgA5BxtWS47zLyB2fHiGS9gMwqkMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNkFEa0hHMVpManZNdklIWjhlSVpMMkF6Q3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5PoAwQC
U5P8AwQCW7rYAwQBsv0sMA0GCSqGSIb3DQEBCwUAA4IBAQBODde1PkSGF+/1e9lW
pgbfxhvV3gb8cLo0mbdBZterr39pSzo6mo16a995hsCpO/3fAUJHT67hqDMRR+8r
NRyu+GQ0MoTEJQ/DulO7xDcSI3d73xDv2lxt/V8HxjiXmqaqLT+pzTI9t5NsL9mr
ZRN4SiXqyppZjhPfHD7zKjY02bU6Un6OsxuJ+kT94hvFpLs2D25/Lys5P+DUnM32
yfeJOTq4UrawjWpwWxGoz7wQmfrrO5/AtzkUbt13nZgh2kG2LQtvwHRqffp88rux
3yz5cwvjpN/uzplUHkLYYWlKBv5WCbKDPbLew2LDfm6mhpN551CTBzahXKlvdx04
VnDl
-----END CERTIFICATE-----
Generated at Wed Jan 31 06:59:32 2024 by rpki-client on console-ams.rpki-client.org