Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/BqiYolWUWBWqaZlXiYkCvHSIxbE.roa
File: BqiYolWUWBWqaZlXiYkCvHSIxbE.roa (raw, json)
Hash identifier: MqjAW8jxat1mzjGu2NTgKj219VjlDJVOCI5KMMJwmk0=
Subject key identifier: 06:A8:98:A2:55:94:58:15:AA:69:99:57:89:89:02:BC:74:88:C5:B1
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D62D3F83914B27BF36425A0EDD94F2ABB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/BqiYolWUWBWqaZlXiYkCvHSIxbE.roa
Signing time: Thu 01 Feb 2024 04:01:15 +0000
ROA not before: Thu 01 Feb 2024 04:01:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.232.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Feb 2024 19:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:d3:f8:39:14:b2:7b:f3:64:25:a0:ed:d9:4f:2a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 1 04:01:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06a898a255945815aa699957898902bc7488c5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fb:fa:bb:10:20:9e:f5:9b:9e:17:c0:af:37:
50:9a:6d:5b:ca:b6:b1:dc:b1:ad:4b:80:6e:e8:45:
89:4a:e4:63:ab:76:e2:0c:53:2d:a0:77:59:e9:07:
fa:23:e4:2c:f5:53:a3:0d:26:44:e1:ab:8a:2e:5a:
04:0e:6b:35:5c:ab:8a:dc:c9:18:77:61:31:cc:da:
db:70:ec:57:0d:68:b2:09:10:25:15:73:85:0e:a4:
fc:79:c4:ed:71:92:7c:d4:ba:95:9b:97:35:bc:a3:
c6:29:d8:02:f9:45:d5:13:79:a3:b0:d8:e3:af:47:
1d:65:b9:0c:82:74:41:b8:7b:11:bb:53:d4:b4:7e:
70:4c:6a:73:6d:df:20:aa:45:1f:ea:4f:54:21:91:
8d:2c:92:28:1e:37:37:19:55:69:54:29:2a:40:e9:
b0:65:74:43:6b:4e:a6:5f:34:68:11:2c:5a:65:5e:
cc:b7:61:b1:dc:7f:27:35:78:28:7f:10:0c:a1:87:
58:e3:dd:93:56:c5:4a:60:08:03:f5:6e:1f:69:01:
1e:d2:dd:5f:39:76:9f:f0:ae:76:00:54:de:ad:0d:
0e:8c:aa:3a:39:45:6a:57:e0:17:9c:3f:37:7e:f3:
62:d4:36:32:34:bf:66:ed:0e:9c:f6:4f:65:51:a5:
58:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A8:98:A2:55:94:58:15:AA:69:99:57:89:89:02:BC:74:88:C5:B1
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/BqiYolWUWBWqaZlXiYkCvHSIxbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.244.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.164.0/23
94.241.168.0/21
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
11:bc:22:5e:1a:63:17:0d:13:33:4d:6d:ef:aa:e3:ff:c0:97:
2a:1d:4a:59:1e:f8:47:e1:2c:2a:8f:b6:19:0b:1a:d4:0a:de:
dc:6f:67:17:55:40:15:50:ec:2e:27:25:be:08:d4:8d:d3:06:
d2:5d:aa:a5:35:9b:64:a8:84:77:3d:0b:f3:2b:f6:cc:11:e6:
37:a3:3a:32:83:93:7c:8d:aa:d6:02:88:46:98:f5:64:cf:4b:
99:93:59:2b:ce:8f:dd:99:6c:82:15:4b:2f:57:7b:9f:fd:87:
59:3a:50:55:7d:0b:46:3d:ec:fb:34:53:81:4b:e7:8a:76:88:
37:81:c4:6e:71:9a:1d:6d:a9:9a:a1:77:66:6c:95:8e:82:c5:
a8:aa:01:20:59:96:38:ab:d1:33:d9:4e:86:9a:ba:ed:5d:25:
fc:15:76:66:c2:7c:c9:9c:c9:dd:8b:06:ca:d2:f3:51:01:f7:
dc:92:8d:c8:27:cd:6f:13:26:52:13:cd:81:05:e8:e6:5e:1d:
45:93:d1:7c:03:c0:89:c2:14:c8:9a:52:ac:b0:e9:ad:49:69:
22:77:49:cc:84:a4:a8:12:64:bb:7f:8c:d9:f1:bf:7e:13:91:
e4:e7:36:5d:f4:07:bb:ae:de:a3:99:c2:23:bb:12:ac:3e:34:
7a:8c:15:df
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY1i0/g5FLJ782QloO3ZTyq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMjAxMDQwMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE4OThhMjU1OTQ1ODE1YWE2OTk5NTc4OTg5MDJiYzc0ODhjNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/v6uxAgnvWbnhfArzdQmm1byrax
3LGtS4Bu6EWJSuRjq3biDFMtoHdZ6Qf6I+Qs9VOjDSZE4auKLloEDms1XKuK3MkY
d2ExzNrbcOxXDWiyCRAlFXOFDqT8ecTtcZJ81LqVm5c1vKPGKdgC+UXVE3mjsNjj
r0cdZbkMgnRBuHsRu1PUtH5wTGpzbd8gqkUf6k9UIZGNLJIoHjc3GVVpVCkqQOmw
ZXRDa06mXzRoESxaZV7Mt2Gx3H8nNXgofxAMoYdY492TVsVKYAgD9W4faQEe0t1f
OXaf8K52AFTerQ0OjKo6OUVqV+AXnD83fvNi1DYyNL9m7Q6c9k9lUaVYIwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAaomKJVlFgVqmmZV4mJArx0iMWxMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQnFpWW9sV1VXQldxYVpsWGlZa0N2SFNJeGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCU5PoAwQC
U5P0AwQCU5P8AwQCW7rMAwQCW7rYAwQBXvGkAwQDXvGoAwQBsv0sMA0GCSqGSIb3
DQEBCwUAA4IBAQARvCJeGmMXDRMzTW3vquP/wJcqHUpZHvhH4Swqj7YZCxrUCt7c
b2cXVUAVUOwuJyW+CNSN0wbSXaqlNZtkqIR3PQvzK/bMEeY3ozoyg5N8jarWAohG
mPVkz0uZk1krzo/dmWyCFUsvV3uf/YdZOlBVfQtGPez7NFOBS+eKdog3gcRucZod
bamaoXdmbJWOgsWoqgEgWZY4q9Ez2U6GmrrtXSX8FXZmwnzJnMndiwbK0vNRAffc
ko3IJ81vEyZSE82BBejmXh1Fk9F8A8CJwhTImlKssOmtSWkid0nMhKSoEmS7f4zZ
8b9+E5Hk5zZd9Ae7rt6jmcIjuxKsPjR6jBXf
-----END CERTIFICATE-----
Generated at Sun Feb 4 21:07:50 2024 by rpki-client on console-ams.rpki-client.org