Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/8dRsuv5QAWvWnG1FJ4n78Vv1cFA.roa
File: 8dRsuv5QAWvWnG1FJ4n78Vv1cFA.roa (raw, json)
Hash identifier: +fWEoEHSro70D/z23QGFY/LylLzrto8DRVA90xARn5M=
Subject key identifier: F1:D4:6C:BA:FE:50:01:6B:D6:9C:6D:45:27:89:FB:F1:5B:F5:70:50
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0185F504C271743E795242ED02E72A2E724D
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/8dRsuv5QAWvWnG1FJ4n78Vv1cFA.roa
Signing time: Fri 27 Jan 2023 20:56:47 +0000
ROA not before: Fri 27 Jan 2023 20:56:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
178.253.22.0/23 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 10:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f5:04:c2:71:74:3e:79:52:42:ed:02:e7:2a:2e:72:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 27 20:56:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1d46cbafe50016bd69c6d452789fbf15bf57050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:02:87:92:d5:2f:52:48:72:7d:1c:ba:30:
8a:ca:52:ef:1d:91:b9:53:06:5a:58:95:15:19:6b:
74:5c:02:30:0b:f9:86:19:c6:9c:5e:0a:e7:91:48:
9e:4e:ef:3d:ca:8e:c3:1b:fd:f6:d9:cd:8f:54:fa:
1a:bb:10:d8:9e:38:94:c1:b4:c1:b0:b8:ff:68:07:
9d:fa:f1:09:32:ac:66:b6:41:38:ae:a3:7f:34:5c:
09:da:05:e3:52:82:ab:ee:f7:4f:8a:14:a5:76:e5:
23:2c:bf:13:02:7d:89:59:d3:5a:8f:04:e3:87:7b:
78:fa:40:0e:f4:e3:db:94:9d:51:fb:0f:9c:4c:fb:
98:fd:8d:d3:46:d8:03:ed:e4:8f:03:db:d4:97:4a:
a9:23:4e:66:0f:83:8e:66:fb:9e:f6:5c:2e:d6:d9:
ab:c2:48:2c:cc:02:0b:ff:46:6f:7e:5f:b1:b1:09:
25:3e:dc:69:8e:79:50:e3:f0:4b:50:42:f8:59:4c:
1b:0f:0c:f3:d8:f1:57:e5:ea:90:df:89:d5:ba:f7:
b2:fb:ff:d5:4e:c9:63:b0:c7:b0:67:54:63:1e:f2:
8a:a0:64:52:60:91:05:57:bd:21:ef:91:70:56:1a:
52:a6:9e:fb:c4:b8:9d:ee:68:56:98:48:2c:f4:ca:
7a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D4:6C:BA:FE:50:01:6B:D6:9C:6D:45:27:89:FB:F1:5B:F5:70:50
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/8dRsuv5QAWvWnG1FJ4n78Vv1cFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
178.253.22.0/23
Signature Algorithm: sha256WithRSAEncryption
96:34:f4:56:e1:99:1d:13:1e:66:bc:21:e7:91:7d:42:d4:c4:
0a:0f:ec:ac:99:fe:01:98:ee:72:ce:55:28:93:9f:32:07:dd:
d2:85:f7:d4:57:96:e3:4b:75:73:ec:dd:92:c9:47:47:74:fa:
d1:f4:6b:91:73:c0:0f:4f:01:e6:ea:39:73:af:6b:d7:5b:ec:
92:a5:53:49:8b:7b:92:9a:b6:0f:12:e8:13:7a:96:39:02:ec:
bf:6b:b9:c8:18:ff:a0:3e:cd:e2:5a:6b:34:da:0a:61:f4:95:
32:8b:58:6b:6e:81:d4:b0:72:5d:e9:82:cb:e0:50:2e:f8:66:
d7:11:01:df:cc:76:bc:c6:b6:21:e5:14:d8:51:32:af:05:14:
30:49:0d:5f:18:e9:45:f7:cb:ce:dc:16:64:05:a5:30:b7:12:
d5:ce:55:9b:6d:26:20:b4:a2:fc:7b:5d:51:b7:a5:7d:fd:97:
87:05:9f:38:2e:05:ff:57:c0:1c:c4:28:30:eb:c1:ae:e4:bf:
0a:3d:ec:1b:2e:3b:52:9b:b3:7f:79:0a:be:8a:ff:91:10:71:
25:e4:e7:3c:25:67:84:1a:78:44:85:b4:9c:41:dd:5d:71:a1:
97:ed:29:9a:56:56:49:67:0d:7c:c1:af:b2:e1:ef:69:7b:e4:
ac:3a:b3:5f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYX1BMJxdD55UkLtAucqLnJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTI3MjA1NjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQ0NmNiYWZlNTAwMTZiZDY5YzZkNDUyNzg5ZmJmMTViZjU3MDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotECh5LVL1JIcn0cujCKylLvHZG5
UwZaWJUVGWt0XAIwC/mGGcacXgrnkUieTu89yo7DG/322c2PVPoauxDYnjiUwbTB
sLj/aAed+vEJMqxmtkE4rqN/NFwJ2gXjUoKr7vdPihSlduUjLL8TAn2JWdNajwTj
h3t4+kAO9OPblJ1R+w+cTPuY/Y3TRtgD7eSPA9vUl0qpI05mD4OOZvue9lwu1tmr
wkgszAIL/0Zvfl+xsQklPtxpjnlQ4/BLUEL4WUwbDwzz2PFX5eqQ34nVuvey+//V
TsljsMewZ1RjHvKKoGRSYJEFV70h75FwVhpSpp77xLid7mhWmEgs9Mp6kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPHUbLr+UAFr1pxtRSeJ+/Fb9XBQMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvOGRSc3V2NVFBV3ZXbkcxRko0bjc4VnYxY0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P8AwQC
W7rMAwQCW7rYAwQBsv0WMA0GCSqGSIb3DQEBCwUAA4IBAQCWNPRW4ZkdEx5mvCHn
kX1C1MQKD+ysmf4BmO5yzlUok58yB93ShffUV5bjS3Vz7N2SyUdHdPrR9GuRc8AP
TwHm6jlzr2vXW+ySpVNJi3uSmrYPEugTepY5Auy/a7nIGP+gPs3iWms02gph9JUy
i1hrboHUsHJd6YLL4FAu+GbXEQHfzHa8xrYh5RTYUTKvBRQwSQ1fGOlF98vO3BZk
BaUwtxLVzlWbbSYgtKL8e11Rt6V9/ZeHBZ84LgX/V8AcxCgw68Gu5L8KPewbLjtS
m7N/eQq+iv+REHEl5Oc8JWeEGnhEhbScQd1dcaGX7SmaVlZJZw18wa+y4e9pe+Ss
OrNf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org