Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CnFpFlTmaWspzucsRaMM_DMBsKA.roa
File: CnFpFlTmaWspzucsRaMM_DMBsKA.roa (raw, json)
Hash identifier: 5X74oK0mutfhWJS3mjXqVWvJTLURXzA/559jig7CwxU=
Subject key identifier: 0A:71:69:16:54:E6:69:6B:29:CE:E7:2C:45:A3:0C:FC:33:01:B0:A0
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018E20662AD39F9CE80BD1D9E2EF9AFB7FAD
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CnFpFlTmaWspzucsRaMM_DMBsKA.roa
Signing time: Fri 08 Mar 2024 23:29:10 +0000
ROA not before: Fri 08 Mar 2024 23:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.160.0/23 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 07:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:20:66:2a:d3:9f:9c:e8:0b:d1:d9:e2:ef:9a:fb:7f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 8 23:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a71691654e6696b29cee72c45a30cfc3301b0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:a7:6f:1f:29:2b:b4:73:ce:d0:02:4b:d4:
44:18:3c:49:04:f4:28:99:84:43:14:0c:51:9b:09:
26:af:2e:1d:81:b0:72:f5:84:61:e7:96:dd:fa:50:
b7:6c:9d:a3:be:2d:33:8d:b7:29:ab:3b:19:7b:a5:
97:72:b8:26:dd:f5:7c:a0:e5:f2:13:d3:be:7b:2a:
f2:73:d6:a8:4e:bf:81:5c:57:99:19:e7:e1:51:43:
56:a1:c0:06:63:8a:37:dc:3b:31:d4:32:f4:bd:7f:
20:e0:05:39:c7:f2:24:d2:44:28:43:ce:dd:26:9a:
e2:72:66:4c:53:88:e2:fb:80:35:a8:a9:dd:f2:f9:
52:aa:e6:bc:ad:fd:ac:98:f8:cc:e0:73:74:9a:4b:
70:77:ce:17:96:86:c3:7e:86:88:1d:60:01:3b:3f:
15:5c:67:66:ef:35:a4:d3:e5:e4:8e:3d:ac:07:42:
bf:ff:59:3e:16:ff:42:bb:0e:de:7b:63:d3:29:fa:
5e:c1:52:71:10:2d:47:2c:94:51:f2:89:d3:14:ee:
04:ac:fa:82:87:d4:f9:5f:8a:79:a8:af:5c:6c:e5:
88:51:19:cd:b6:7d:83:f0:63:ab:7c:f7:2c:f3:d1:
15:f4:bb:b2:a2:da:0f:41:aa:ff:e4:6a:01:0d:a1:
da:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:71:69:16:54:E6:69:6B:29:CE:E7:2C:45:A3:0C:FC:33:01:B0:A0
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CnFpFlTmaWspzucsRaMM_DMBsKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
94.241.160.0/23
94.241.164.0/23
94.241.168.0/21
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
97:d3:16:d0:7e:3d:df:5f:fb:44:eb:b5:66:31:26:af:b1:e4:
b7:7a:8e:ef:8a:73:6b:19:96:df:5f:1d:d4:be:80:70:94:e7:
4e:0b:0d:d5:b7:96:d0:ef:bc:15:04:53:5d:93:e8:d4:e9:cd:
5c:ef:00:fb:d7:d5:5e:b9:55:4c:2e:c5:b6:3b:f7:d4:e4:42:
fb:82:33:ef:f4:04:00:c3:ea:77:12:f5:71:ac:9f:2c:bc:e1:
e1:a1:78:2f:ab:51:65:5a:46:ec:e6:ac:56:09:7b:86:44:13:
97:3c:03:24:dc:d2:65:28:44:af:66:2f:e2:2d:f5:4d:58:4d:
4a:e4:e0:f4:e5:bb:e6:94:63:ba:b9:9e:bb:54:ae:85:14:24:
da:57:6b:26:68:f4:7d:87:c6:83:97:bf:24:fa:16:a5:9a:40:
26:99:c1:fb:9b:27:c5:3d:f5:ce:e6:07:7d:9c:c0:56:a1:77:
58:23:e7:c2:50:b5:17:ef:89:f8:74:79:26:f5:60:d5:c8:57:
ef:9d:4f:69:3f:31:0c:49:94:fc:ef:26:20:c9:4f:bd:d4:53:
98:41:34:5b:02:79:f7:75:03:d8:7a:59:1d:df:4c:10:f8:7f:
8e:bc:64:a0:14:9f:eb:c6:a5:fd:c3:ee:d6:9e:89:16:0b:2c:
c5:cf:a9:eb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4gZirTn5zoC9HZ4u+a+3+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMzA4MjMyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTcxNjkxNjU0ZTY2OTZiMjljZWU3MmM0NWEzMGNmYzMzMDFiMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn42nbx8pK7RzztACS9REGDxJBPQo
mYRDFAxRmwkmry4dgbBy9YRh55bd+lC3bJ2jvi0zjbcpqzsZe6WXcrgm3fV8oOXy
E9O+eyryc9aoTr+BXFeZGefhUUNWocAGY4o33Dsx1DL0vX8g4AU5x/Ik0kQoQ87d
JpricmZMU4ji+4A1qKnd8vlSqua8rf2smPjM4HN0mktwd84XlobDfoaIHWABOz8V
XGdm7zWk0+Xkjj2sB0K//1k+Fv9Cuw7ee2PTKfpewVJxEC1HLJRR8onTFO4ErPqC
h9T5X4p5qK9cbOWIURnNtn2D8GOrfPcs89EV9LuyotoPQar/5GoBDaHaswIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFApxaRZU5mlrKc7nLEWjDPwzAbCgMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQ25GcEZsVG1hV3NwenVjc1JhTU1fRE1Cc0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU5P0AwQC
W7rMAwQBXvGgAwQBXvGkAwQDXvGoAwQBsv0sMA0GCSqGSIb3DQEBCwUAA4IBAQCX
0xbQfj3fX/tE67VmMSavseS3eo7vinNrGZbfXx3UvoBwlOdOCw3Vt5bQ77wVBFNd
k+jU6c1c7wD719VeuVVMLsW2O/fU5EL7gjPv9AQAw+p3EvVxrJ8svOHhoXgvq1Fl
Wkbs5qxWCXuGRBOXPAMk3NJlKESvZi/iLfVNWE1K5OD05bvmlGO6uZ67VK6FFCTa
V2smaPR9h8aDl78k+halmkAmmcH7myfFPfXO5gd9nMBWoXdYI+fCULUX74n4dHkm
9WDVyFfvnU9pPzEMSZT87yYgyU+91FOYQTRbAnn3dQPYelkd30wQ+H+OvGSgFJ/r
xqX9w+7WnokWCyzFz6nr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org