Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/AqOlOR2EBmGWm0YZrihJ3wZi8XE.roa
File: AqOlOR2EBmGWm0YZrihJ3wZi8XE.roa (raw, json)
Hash identifier: jiN64CbywX2s49+SJ9sa74nWyuvo5nRJjCSLGwVEiZg=
Subject key identifier: 02:A3:A5:39:1D:84:06:61:96:9B:46:19:AE:28:49:DF:06:62:F1:71
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018B3C31EBF20B0DAEB9EB651C0431562C04
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/AqOlOR2EBmGWm0YZrihJ3wZi8XE.roa
Signing time: Tue 17 Oct 2023 05:53:06 +0000
ROA not before: Tue 17 Oct 2023 05:53:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.32.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Oct 2023 08:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:31:eb:f2:0b:0d:ae:b9:eb:65:1c:04:31:56:2c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 17 05:53:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02a3a5391d840661969b4619ae2849df0662f171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:59:d2:ba:c0:c2:26:26:0f:5f:7a:d1:51:79:
69:59:a2:02:81:07:36:20:dd:77:9a:1e:f9:94:3e:
93:a4:56:c4:3c:8c:37:14:e6:28:dc:58:24:96:f5:
c4:29:1e:74:ee:5d:cc:a0:63:80:ca:1a:55:da:33:
dc:1d:90:64:bb:98:49:a4:19:08:78:f5:04:10:02:
3c:72:d7:06:8d:bc:42:d1:49:f8:ef:72:31:b0:2e:
99:82:57:3e:ad:ac:fe:ff:27:ed:46:ac:02:00:f3:
b2:26:6c:66:e1:19:19:b8:90:e2:74:26:a8:6b:13:
ad:62:6c:71:b8:f8:67:d7:df:08:be:80:a0:6a:b5:
40:91:84:eb:6d:6f:3f:63:5a:b1:b5:12:f1:5e:e9:
5c:02:ba:7e:15:80:4f:f1:d5:6b:e9:5b:94:85:36:
e6:7a:f0:50:2f:45:8b:f8:22:b4:8a:d6:b5:9c:73:
2a:9d:7e:1d:7f:17:a8:7e:97:3b:42:20:50:61:f6:
c5:39:92:ac:0b:cb:62:81:2e:89:d7:9a:25:ab:e4:
5d:ad:4d:c2:f8:83:2e:f2:0a:9f:04:54:e2:ff:cf:
a4:ea:72:ca:ba:ae:8d:1b:09:c9:70:a1:80:ab:d9:
2f:f3:43:55:0c:d7:f0:89:6b:c6:f4:1f:3b:9c:ab:
03:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A3:A5:39:1D:84:06:61:96:9B:46:19:AE:28:49:DF:06:62:F1:71
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/AqOlOR2EBmGWm0YZrihJ3wZi8XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:15:d1:ed:95:f5:19:77:7d:1f:9e:55:bd:e3:de:96:64:c7:
52:7e:42:d2:0f:e7:e9:8b:ac:7e:70:86:00:aa:fc:22:46:af:
bb:84:b5:48:5f:f6:4d:e2:7b:e4:fc:83:b5:9a:98:49:19:8e:
e9:f5:1c:19:53:8c:cd:a4:c4:ce:54:ce:7a:20:2d:89:ba:73:
18:ef:07:86:11:5f:c9:13:eb:06:5f:d1:5b:10:bd:c8:3c:44:
33:98:a6:dc:84:9b:eb:ae:77:a2:3a:2d:c3:cb:d3:2d:4c:16:
54:37:b9:5c:61:07:4e:ed:fd:7d:67:3e:df:f3:ba:7d:14:3a:
41:da:c2:d9:32:67:eb:ce:97:18:1f:93:f4:ac:9e:84:2a:b7:
d8:5e:b9:31:36:72:79:6c:40:c7:a6:fe:55:bd:e1:e1:db:64:
b8:cb:1c:63:6e:54:6e:a5:3a:86:11:29:5a:61:18:0d:39:43:
5d:72:c9:9b:c5:85:4c:3d:62:09:8e:94:3d:54:ea:60:07:44:
43:08:a6:1e:da:f0:c0:e8:11:0f:e7:ea:b6:11:fb:41:14:eb:
1b:3a:e9:d1:83:df:db:af:5f:c0:4a:27:31:84:11:9b:e8:cf:
fb:de:18:12:e1:99:fa:9c:2a:6b:8d:9c:09:d5:f0:b2:36:ea:
a4:fd:a0:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYs8MevyCw2uuetlHAQxViwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMDE3MDU1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmEzYTUzOTFkODQwNjYxOTY5YjQ2MTlhZTI4NDlkZjA2NjJmMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1nSusDCJiYPX3rRUXlpWaICgQc2
IN13mh75lD6TpFbEPIw3FOYo3FgklvXEKR507l3MoGOAyhpV2jPcHZBku5hJpBkI
ePUEEAI8ctcGjbxC0Un473IxsC6Zglc+raz+/yftRqwCAPOyJmxm4RkZuJDidCao
axOtYmxxuPhn198IvoCgarVAkYTrbW8/Y1qxtRLxXulcArp+FYBP8dVr6VuUhTbm
evBQL0WL+CK0ita1nHMqnX4dfxeofpc7QiBQYfbFOZKsC8tigS6J15olq+RdrU3C
+IMu8gqfBFTi/8+k6nLKuq6NGwnJcKGAq9kv80NVDNfwiWvG9B87nKsDUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAKjpTkdhAZhlptGGa4oSd8GYvFxMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQXFPbE9SMkVCbUdXbTBZWnJpaEozd1ppOFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5P0AwQC
U5P8AwQCW7rYAwQDXvGoAwQAsv0gMA0GCSqGSIb3DQEBCwUAA4IBAQAMFdHtlfUZ
d30fnlW9496WZMdSfkLSD+fpi6x+cIYAqvwiRq+7hLVIX/ZN4nvk/IO1mphJGY7p
9RwZU4zNpMTOVM56IC2JunMY7weGEV/JE+sGX9FbEL3IPEQzmKbchJvrrneiOi3D
y9MtTBZUN7lcYQdO7f19Zz7f87p9FDpB2sLZMmfrzpcYH5P0rJ6EKrfYXrkxNnJ5
bEDHpv5VveHh22S4yxxjblRupTqGESlaYRgNOUNdcsmbxYVMPWIJjpQ9VOpgB0RD
CKYe2vDA6BEP5+q2EftBFOsbOunRg9/br1/ASicxhBGb6M/73hgS4Zn6nCprjZwJ
1fCyNuqk/aBT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org