Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/6kpDqXu1hjqFVPhl6zFPfBQwmgo.roa
File: 6kpDqXu1hjqFVPhl6zFPfBQwmgo.roa (raw, json)
Hash identifier: F9qpDndW3OExY0wJVcAJbkAM5R4Ber807AFbqWRukMs=
Subject key identifier: EA:4A:43:A9:7B:B5:86:3A:85:54:F8:65:EB:31:4F:7C:14:30:9A:0A
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018F2A2E85C8C7455B61E8559C4BD14DDA80
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/6kpDqXu1hjqFVPhl6zFPfBQwmgo.roa
Signing time: Mon 29 Apr 2024 14:07:23 +0000
ROA not before: Mon 29 Apr 2024 14:07:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 07:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:2e:85:c8:c7:45:5b:61:e8:55:9c:4b:d1:4d:da:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Apr 29 14:07:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea4a43a97bb5863a8554f865eb314f7c14309a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:46:65:42:72:4c:a2:1d:26:b3:e2:13:d4:47:
a9:7f:5f:6a:53:60:f3:75:15:a9:f3:fe:68:5a:cc:
7b:23:51:51:5f:2e:61:83:f3:fc:46:42:34:a0:c9:
5e:3c:9f:d7:83:1c:7c:78:90:11:6b:65:0c:75:f9:
42:13:43:d1:5e:94:e2:42:77:59:f9:24:68:5d:4a:
2f:0b:f2:01:4c:e8:1d:19:4e:a5:5c:00:d3:f3:57:
9b:2a:4a:dd:41:82:8b:15:35:ed:9c:ee:85:e4:e9:
6f:18:32:ee:92:fb:96:cf:e0:6e:97:82:38:97:d1:
31:66:9a:cd:cf:7a:cf:26:cb:8d:95:d2:08:6a:71:
f9:61:10:47:92:d3:4f:75:dd:44:ab:8f:17:9e:eb:
6d:b8:c3:52:b8:92:23:b2:01:13:0b:75:06:b4:0d:
a8:60:e3:b9:d6:0e:50:c3:31:e8:c3:52:cf:c2:28:
37:be:3c:5d:53:f1:25:f6:e7:23:73:f5:82:51:15:
7a:16:17:ef:78:f6:c3:2f:9a:38:65:7d:e7:b0:98:
8e:ab:d4:d4:48:b4:4e:33:b5:e5:d7:d1:27:55:b7:
fc:5b:f4:fb:75:54:a5:57:45:1f:3a:c1:a4:2c:90:
81:c9:f9:46:41:c3:b8:bf:e3:64:dd:80:84:7f:f2:
59:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:4A:43:A9:7B:B5:86:3A:85:54:F8:65:EB:31:4F:7C:14:30:9A:0A
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/6kpDqXu1hjqFVPhl6zFPfBQwmgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:f1:a6:9d:b6:e9:e4:c6:79:9c:82:5c:89:f8:27:ec:bf:d3:
a3:92:ea:88:f6:cc:33:e5:06:8d:42:ce:31:31:9d:20:b0:b3:
55:54:cb:4a:f7:06:b3:5d:2e:c2:6e:e1:7a:97:44:e8:87:43:
1d:fd:39:cb:c4:82:d7:12:dc:a7:03:9d:a6:89:b1:82:f5:fc:
e4:9c:23:c5:3d:6d:5d:4f:84:9c:2b:6e:fc:92:34:ab:e4:5f:
03:e0:02:22:26:c7:a4:26:e7:d4:41:b2:a4:02:dd:06:ce:e7:
e2:74:11:d9:c4:1f:59:fb:99:65:fa:c3:79:dd:70:4c:04:e2:
09:36:6d:d0:7a:4d:f8:25:b5:48:12:06:08:54:59:89:16:d8:
e3:f5:0a:11:98:ca:b7:b2:a9:38:55:62:db:27:cd:b8:d6:67:
ca:2e:01:1f:cb:b3:26:9a:cf:04:73:aa:45:e2:14:0d:24:9e:
4a:b8:d8:02:a8:4e:1b:79:8b:f0:78:75:82:a1:32:6c:a3:50:
5d:e6:c9:97:c7:6e:98:a8:d2:14:ee:c9:1c:f2:39:b4:8e:8e:
91:63:68:5a:a4:01:d5:60:b7:11:00:07:6c:49:4a:01:39:9c:
9c:3d:8a:9a:76:fe:82:06:a7:f6:49:d8:82:fe:ab:9e:39:cc:
54:f2:47:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8qLoXIx0VbYehVnEvRTdqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNDI5MTQwNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTRhNDNhOTdiYjU4NjNhODU1NGY4NjVlYjMxNGY3YzE0MzA5YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkZlQnJMoh0ms+IT1Eepf19qU2Dz
dRWp8/5oWsx7I1FRXy5hg/P8RkI0oMlePJ/Xgxx8eJARa2UMdflCE0PRXpTiQndZ
+SRoXUovC/IBTOgdGU6lXADT81ebKkrdQYKLFTXtnO6F5OlvGDLukvuWz+Bul4I4
l9ExZprNz3rPJsuNldIIanH5YRBHktNPdd1Eq48XnuttuMNSuJIjsgETC3UGtA2o
YOO51g5QwzHow1LPwig3vjxdU/El9ucjc/WCURV6FhfvePbDL5o4ZX3nsJiOq9TU
SLROM7Xl19EnVbf8W/T7dVSlV0UfOsGkLJCByflGQcO4v+Nk3YCEf/JZLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOpKQ6l7tYY6hVT4ZesxT3wUMJoKMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNmtwRHFYdTFoanFGVlBobDZ6RlBmQlF3bWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQC
W7rMAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBM8aadtunkxnmcglyJ
+Cfsv9OjkuqI9swz5QaNQs4xMZ0gsLNVVMtK9wazXS7CbuF6l0Toh0Md/TnLxILX
EtynA52mibGC9fzknCPFPW1dT4ScK278kjSr5F8D4AIiJsekJufUQbKkAt0Gzufi
dBHZxB9Z+5ll+sN53XBMBOIJNm3Qek34JbVIEgYIVFmJFtjj9QoRmMq3sqk4VWLb
J8241mfKLgEfy7Mmms8Ec6pF4hQNJJ5KuNgCqE4beYvweHWCoTJso1Bd5smXx26Y
qNIU7skc8jm0jo6RY2hapAHVYLcRAAdsSUoBOZycPYqadv6CBqf2SdiC/queOcxU
8kcd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org