Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/7T9tMzNnpFVAq5wJG-JqI2T3SNM.roa
File: 7T9tMzNnpFVAq5wJG-JqI2T3SNM.roa (raw, json)
Hash identifier: w2/TUutXtPk3VTXZw3BGm3U2hDK3Juq9C2MsPQ+vYEA=
Subject key identifier: ED:3F:6D:33:33:67:A4:55:40:AB:9C:09:1B:E2:6A:23:64:F7:48:D3
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018A3DBAB052EDE069D760DA31DFF2D7B9FC
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/7T9tMzNnpFVAq5wJG-JqI2T3SNM.roa
Signing time: Mon 28 Aug 2023 19:59:19 +0000
ROA not before: Mon 28 Aug 2023 19:59:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.223.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3d:ba:b0:52:ed:e0:69:d7:60:da:31:df:f2:d7:b9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 28 19:59:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed3f6d333367a45540ab9c091be26a2364f748d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f2:4c:87:54:33:21:40:16:7d:01:d1:d6:eb:
fc:53:20:03:71:a7:45:ed:b3:11:4f:10:51:6c:00:
43:cf:d3:b9:77:53:75:e2:36:2a:65:bd:21:00:34:
73:39:b4:9a:2f:74:ca:13:2c:59:24:4a:13:b1:fc:
7d:c2:61:48:fd:9f:f7:cc:ec:d4:0f:66:fe:8d:37:
a7:d3:4f:7f:8f:cc:b1:c8:cc:25:46:e2:48:8c:72:
2d:84:09:61:1b:3f:24:a1:19:b9:3b:fb:ff:33:bf:
51:59:39:30:eb:01:68:be:72:da:21:dc:f3:38:80:
ab:95:f8:d8:93:b0:35:a6:a7:42:4a:e3:63:f4:68:
66:9d:b9:7e:ff:d9:f0:ce:bf:2a:3c:de:53:c4:60:
81:e0:81:18:ec:ae:cd:df:f4:f6:b4:99:af:3e:8c:
30:9e:d9:9f:fd:e3:e1:85:44:42:cc:04:df:ea:b5:
11:4d:3d:21:c1:f9:be:1a:c0:3c:04:bc:07:5d:17:
c6:d2:89:bb:b9:4d:fa:a0:c0:d8:0b:7f:17:86:50:
7b:80:9f:b8:13:eb:a3:b3:71:f1:e2:8b:40:6d:95:
8b:d2:6a:e3:1e:f7:f3:84:cb:24:91:11:20:8d:ef:
f2:87:8a:69:00:1e:c7:79:6a:86:e1:8d:68:46:14:
ea:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3F:6D:33:33:67:A4:55:40:AB:9C:09:1B:E2:6A:23:64:F7:48:D3
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/7T9tMzNnpFVAq5wJG-JqI2T3SNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.223.0/24
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
13:43:4d:4e:2e:ff:ad:76:49:41:c4:da:12:98:6a:31:af:ed:
5d:98:89:bb:39:c6:17:83:49:85:59:13:a3:b7:33:07:33:1e:
bb:47:73:ef:d7:c9:ea:d3:8a:dc:40:fd:d3:99:b5:ce:c2:ac:
d0:af:99:52:f3:18:c7:37:68:ab:03:06:a9:e9:d5:93:8a:e1:
fa:de:6d:25:a0:c6:3d:1c:45:a4:32:38:bd:11:31:1a:aa:45:
32:82:15:4b:f0:7d:02:37:1e:e9:97:73:33:5b:16:0b:75:31:
f8:73:db:fc:c5:20:b2:35:33:c2:55:58:be:60:47:9a:26:c3:
54:a4:f9:ef:2f:c8:0a:d6:4b:16:de:4b:cb:f4:0e:47:c9:07:
5f:86:bb:47:73:9f:25:8d:9a:a2:05:c1:fa:b0:d7:04:38:8e:
78:9c:1b:8b:6e:e5:0e:eb:16:02:ed:34:43:8d:ca:5b:41:b8:
30:8a:cc:36:ad:09:91:4e:44:4e:34:fb:cf:3b:3c:87:aa:90:
23:46:ec:9b:d5:8a:17:6a:a6:a3:7a:7a:1f:d0:1d:df:b2:2f:
51:ba:d8:b5:4f:e5:ed:5f:5f:0f:9d:1f:e7:48:57:28:b0:42:
9e:df:9e:32:a5:db:62:28:2c:70:b6:30:c8:c5:99:02:e3:1d:
e3:23:3e:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYo9urBS7eBp12DaMd/y17n8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODI4MTk1OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDNmNmQzMzMzNjdhNDU1NDBhYjljMDkxYmUyNmEyMzY0Zjc0OGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fJMh1QzIUAWfQHR1uv8UyADcadF
7bMRTxBRbABDz9O5d1N14jYqZb0hADRzObSaL3TKEyxZJEoTsfx9wmFI/Z/3zOzU
D2b+jTen009/j8yxyMwlRuJIjHIthAlhGz8koRm5O/v/M79RWTkw6wFovnLaIdzz
OICrlfjYk7A1pqdCSuNj9Ghmnbl+/9nwzr8qPN5TxGCB4IEY7K7N3/T2tJmvPoww
ntmf/ePhhURCzATf6rURTT0hwfm+GsA8BLwHXRfG0om7uU36oMDYC38XhlB7gJ+4
E+ujs3Hx4otAbZWL0mrjHvfzhMskkREgje/yh4ppAB7HeWqG4Y1oRhTqAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO0/bTMzZ6RVQKucCRviaiNk90jTMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvN1Q5dE16Tm5wRlZBcTV3SkctSnFJMlQzU05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU5PfAwQC
U5P0AwQCU5P8AwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQATQ01OLv+t
dklBxNoSmGoxr+1dmIm7OcYXg0mFWROjtzMHMx67R3Pv18nq04rcQP3TmbXOwqzQ
r5lS8xjHN2irAwap6dWTiuH63m0loMY9HEWkMji9ETEaqkUyghVL8H0CNx7pl3Mz
WxYLdTH4c9v8xSCyNTPCVVi+YEeaJsNUpPnvL8gK1ksW3kvL9A5HyQdfhrtHc58l
jZqiBcH6sNcEOI54nBuLbuUO6xYC7TRDjcpbQbgwisw2rQmRTkRONPvPOzyHqpAj
Ruyb1YoXaqajenof0B3fsi9Ruti1T+XtX18PnR/nSFcosEKe354ypdtiKCxwtjDI
xZkC4x3jIz52
-----END CERTIFICATE-----
Generated at Sun Sep 3 21:33:43 2023 by rpki-client on console-fra.rpki-client.org