Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/AgofkFyMXwESNNHLIzmDfuLBxkQ.roa
File: AgofkFyMXwESNNHLIzmDfuLBxkQ.roa (raw, json)
Hash identifier: MrvUnlmdEr5m0hKEAM0XrkWsOBfIHgfjXkBzrr8+zIw=
Subject key identifier: 02:0A:1F:90:5C:8C:5F:01:12:34:D1:CB:23:39:83:7E:E2:C1:C6:44
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01860EA35BAA7DB05C63F9CEFF44C62672B2
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/AgofkFyMXwESNNHLIzmDfuLBxkQ.roa
Signing time: Wed 01 Feb 2023 20:20:32 +0000
ROA not before: Wed 01 Feb 2023 20:20:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.160.0/22 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.44.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:a3:5b:aa:7d:b0:5c:63:f9:ce:ff:44:c6:26:72:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 1 20:20:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=020a1f905c8c5f011234d1cb2339837ee2c1c644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2d:f6:16:9f:6a:74:4c:99:28:f5:08:a0:4c:
ee:bb:e6:a8:ff:ca:f3:8a:02:6f:48:fd:51:db:e5:
e8:87:5a:ff:82:4a:71:99:85:b3:96:8d:5b:c5:e9:
1c:e9:6e:a4:2a:bb:5e:ad:47:14:10:8c:11:94:3b:
1b:5e:f8:2a:09:36:a2:bd:d9:08:1f:b2:bc:88:31:
6d:6b:d6:0e:c4:47:2f:7d:63:33:b7:12:9d:c8:64:
1b:14:b7:71:21:2f:c6:44:db:0f:0a:50:ad:a2:50:
c2:93:9f:01:15:94:4b:72:5c:3c:7b:06:c3:f5:39:
52:b0:a9:b6:7c:31:ad:37:21:c0:a3:95:ec:4a:d3:
2c:b8:af:85:07:66:b4:a7:99:95:6c:00:23:85:12:
ae:33:e1:62:8b:c0:f3:73:8c:68:7e:65:4a:5b:91:
43:a0:a0:25:d8:d6:5f:a5:a1:f4:a0:6b:0e:d4:99:
a0:b6:de:66:4b:d2:dd:87:0c:92:da:55:5d:54:b2:
c5:44:b7:0a:94:32:52:1d:74:2d:61:61:a6:c5:da:
78:c0:21:12:ac:13:76:ef:d2:59:1d:57:5a:85:6e:
67:65:51:9d:85:ca:91:35:4e:92:55:71:39:bd:b1:
ba:32:ea:bd:e5:b1:03:d1:77:80:35:cf:31:53:49:
df:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0A:1F:90:5C:8C:5F:01:12:34:D1:CB:23:39:83:7E:E2:C1:C6:44
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/AgofkFyMXwESNNHLIzmDfuLBxkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.252.0/22
91.186.216.0/22
94.241.160.0-94.241.165.255
178.253.26.0/23
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:97:44:38:31:26:27:5f:a7:ac:5b:96:04:33:d3:5b:a2:63:
22:4a:02:e0:94:6b:01:be:29:d6:22:a6:54:9c:02:8c:1c:b1:
76:ec:d4:22:4c:b7:04:c2:70:84:4d:b6:bf:be:26:41:c2:c8:
a7:e8:28:d7:1a:84:bd:ad:50:14:63:da:05:36:72:36:93:a5:
8b:4e:37:5e:d7:65:79:49:ad:c3:a6:73:b6:3f:15:f0:14:49:
00:03:28:16:0f:fe:b4:c0:4f:26:8b:72:00:79:c7:e2:70:22:
ff:8f:45:9f:a5:ec:6f:e3:f5:b6:df:88:79:ee:e0:9a:e0:b5:
f0:46:7f:08:0d:cc:26:58:16:e2:f7:ca:df:ad:00:38:08:88:
3d:83:85:b1:d5:f8:e7:55:c9:be:0a:01:5b:55:f6:0a:55:04:
50:aa:93:e3:4d:90:37:af:90:02:b3:0f:72:0d:5b:dc:67:37:
32:21:42:5f:68:fc:0f:4b:db:a3:3e:83:d1:56:42:b3:59:52:
a6:26:da:3e:cf:4b:f9:d8:00:91:d0:bc:1e:f5:03:59:7d:3e:
4f:f1:1d:00:35:39:f4:4c:28:fb:5a:aa:13:b0:5f:e6:23:33:
1d:26:0c:cc:40:a3:cd:31:eb:99:9a:26:18:10:dc:b2:c8:a6:
60:c9:38:9f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYYOo1uqfbBcY/nO/0TGJnKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMjAxMjAyMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBhMWY5MDVjOGM1ZjAxMTIzNGQxY2IyMzM5ODM3ZWUyYzFjNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly32Fp9qdEyZKPUIoEzuu+ao/8rz
igJvSP1R2+Xoh1r/gkpxmYWzlo1bxekc6W6kKrterUcUEIwRlDsbXvgqCTaivdkI
H7K8iDFta9YOxEcvfWMztxKdyGQbFLdxIS/GRNsPClCtolDCk58BFZRLclw8ewbD
9TlSsKm2fDGtNyHAo5XsStMsuK+FB2a0p5mVbAAjhRKuM+Fii8Dzc4xofmVKW5FD
oKAl2NZfpaH0oGsO1Jmgtt5mS9LdhwyS2lVdVLLFRLcKlDJSHXQtYWGmxdp4wCES
rBN279JZHVdahW5nZVGdhcqRNU6SVXE5vbG6Muq95bED0XeANc8xU0nfKwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAIKH5BcjF8BEjTRyyM5g37iwcZEMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQWdvZmtGeU1Yd0VTTk5ITEl6bURmdUxCeGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU5PoAwQC
U5P8AwQCW7rYMAwDBAVe8aADBAFe8aQDBAGy/RoDBAGy/SwwDQYJKoZIhvcNAQEL
BQADggEBAD2XRDgxJidfp6xblgQz01uiYyJKAuCUawG+KdYiplScAowcsXbs1CJM
twTCcIRNtr++JkHCyKfoKNcahL2tUBRj2gU2cjaTpYtON17XZXlJrcOmc7Y/FfAU
SQADKBYP/rTATyaLcgB5x+JwIv+PRZ+l7G/j9bbfiHnu4JrgtfBGfwgNzCZYFuL3
yt+tADgIiD2DhbHV+OdVyb4KAVtV9gpVBFCqk+NNkDevkAKzD3INW9xnNzIhQl9o
/A9L26M+g9FWQrNZUqYm2j7PS/nYAJHQvB71A1l9Pk/xHQA1OfRMKPtaqhOwX+Yj
Mx0mDMxAo80x65maJhgQ3LLIpmDJOJ8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org