Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa
File: A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa (raw, json)
Hash identifier: YSttIywDToyychQjhDj6PPBVtsCZ4x/9b+anm/5IEnk=
Subject key identifier: 03:A1:CA:1C:CB:99:14:3C:5F:E8:44:D1:5A:03:F9:CA:30:7C:AF:52
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0185F50957FDEECB888FD8FADA091DADC0DB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa
Signing time: Fri 27 Jan 2023 21:01:48 +0000
ROA not before: Fri 27 Jan 2023 21:01:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.216.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.217.0/24 maxlen: 24
83.147.222.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f5:09:57:fd:ee:cb:88:8f:d8:fa:da:09:1d:ad:c0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 27 21:01:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03a1ca1ccb99143c5fe844d15a03f9ca307caf52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f8:a8:52:7b:87:04:5c:5a:69:7c:fc:4d:fc:
12:f4:bb:2c:1c:cb:87:47:da:1d:8f:9f:18:be:ac:
92:be:14:c4:89:8c:ee:12:3d:96:19:59:d7:80:b1:
8f:6b:bd:5d:ad:7e:5c:78:82:7e:c9:54:e3:b6:85:
b8:74:09:e2:2c:ed:3c:2f:41:96:8a:47:b6:ed:80:
77:77:2f:f3:67:5e:85:60:3a:69:86:45:02:31:cc:
1c:5c:6b:d4:26:60:e1:ed:e1:ce:77:83:33:6a:6f:
c2:6f:b4:05:36:da:2c:c9:f3:4e:5c:7a:33:b9:4f:
79:f5:fe:39:5b:bc:5c:20:33:a9:2a:83:a8:d8:9b:
5f:c9:73:43:1b:84:5f:1f:1a:b5:4f:f1:8b:06:5d:
0f:d6:db:62:7e:55:1a:40:73:6a:04:8f:4d:2f:3d:
a8:91:f5:ab:90:c2:b2:b6:6a:f8:a9:32:6b:cf:0d:
95:11:14:e7:52:c8:df:68:b8:59:26:63:c6:3b:98:
fb:33:81:9d:8c:6a:b1:bb:e4:f3:59:3e:44:5a:8c:
e8:2a:da:02:3f:fb:b3:24:62:bb:ed:3e:74:eb:60:
f3:c9:e9:f6:7a:6d:2a:16:85:53:a8:6d:de:4a:ef:
8a:05:00:ad:1f:ec:be:6a:ad:3b:2b:6e:75:9a:1f:
23:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A1:CA:1C:CB:99:14:3C:5F:E8:44:D1:5A:03:F9:CA:30:7C:AF:52
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/A6HKHMuZFDxf6ETRWgP5yjB8r1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
94.241.168.0/21
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
28:e5:51:d6:11:05:63:0c:de:e3:15:45:38:3d:97:5e:6d:01:
e1:ca:d7:03:d3:26:45:a2:81:95:ec:38:3e:c5:92:10:df:9d:
a0:68:97:60:38:44:5f:e7:df:30:fd:ef:cf:58:67:c5:9d:d0:
50:a5:fd:e8:2e:3d:40:29:b0:04:49:96:1d:a0:73:cb:05:7d:
23:2e:78:9e:ab:6c:05:77:eb:a1:b5:4e:fa:c1:e4:27:50:35:
ea:92:71:bf:3b:3f:47:84:88:f3:da:71:bf:02:d5:5e:29:e0:
65:b6:15:11:ff:b9:45:c2:3a:1c:e5:9d:f1:33:3a:fa:89:31:
40:f2:ae:69:1e:ec:ee:1b:b7:08:95:25:45:05:06:08:d5:7d:
0b:0b:6c:e6:ff:8c:8e:8a:1b:42:ad:52:f5:df:6f:f2:eb:8c:
7a:97:00:6e:d0:f0:63:5b:be:a2:7a:d4:90:2d:20:3b:02:53:
f5:0c:03:b7:6a:85:62:cc:ec:49:2a:b2:51:fc:82:80:d3:be:
e3:ff:d0:b9:5d:8d:b1:f7:07:e2:06:d4:db:d2:b2:95:1d:40:
92:b3:91:a6:e8:35:aa:ab:a3:4e:81:d7:a7:13:4f:68:ff:87:
21:84:fa:c1:f3:55:c8:04:c8:f1:a8:e1:58:7c:07:52:63:9e:
9c:23:8f:11
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYX1CVf97suIj9j62gkdrcDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTI3MjEwMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ExY2ExY2NiOTkxNDNjNWZlODQ0ZDE1YTAzZjljYTMwN2NhZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPioUnuHBFxaaXz8TfwS9LssHMuH
R9odj58YvqySvhTEiYzuEj2WGVnXgLGPa71drX5ceIJ+yVTjtoW4dAniLO08L0GW
ike27YB3dy/zZ16FYDpphkUCMcwcXGvUJmDh7eHOd4Mzam/Cb7QFNtosyfNOXHoz
uU959f45W7xcIDOpKoOo2JtfyXNDG4RfHxq1T/GLBl0P1ttiflUaQHNqBI9NLz2o
kfWrkMKytmr4qTJrzw2VERTnUsjfaLhZJmPGO5j7M4GdjGqxu+TzWT5EWozoKtoC
P/uzJGK77T5062Dzyen2em0qFoVTqG3eSu+KBQCtH+y+aq07K251mh8j5QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAOhyhzLmRQ8X+hE0VoD+cowfK9SMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQTZIS0hNdVpGRHhmNkVUUldnUDV5akI4cjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWAwQDXvGoAwQAsv0fAwQBsv00MA0GCSqGSIb3
DQEBCwUAA4IBAQAo5VHWEQVjDN7jFUU4PZdebQHhytcD0yZFooGV7Dg+xZIQ352g
aJdgOERf598w/e/PWGfFndBQpf3oLj1AKbAESZYdoHPLBX0jLnieq2wFd+uhtU76
weQnUDXqknG/Oz9HhIjz2nG/AtVeKeBlthUR/7lFwjoc5Z3xMzr6iTFA8q5pHuzu
G7cIlSVFBQYI1X0LC2zm/4yOihtCrVL132/y64x6lwBu0PBjW76ietSQLSA7AlP1
DAO3aoVizOxJKrJR/IKA077j/9C5XY2x9wfiBtTb0rKVHUCSs5Gm6DWqq6NOgden
E09o/4chhPrB81XIBMjxqOFYfAdSY56cI48R
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:44 2023 by rpki-client on console-fra.rpki-client.org