Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/De9S2-gfPoqXQ5PNkw3c2uexix8.roa
File: De9S2-gfPoqXQ5PNkw3c2uexix8.roa (raw, json)
Hash identifier: 4V9erdRRlOk3SNBfZeOPWeX/PcyjRmfSmhjiJxAx/0Y=
Subject key identifier: 0D:EF:52:DB:E8:1F:3E:8A:97:43:93:CD:93:0D:DC:DA:E7:B1:8B:1F
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01880565AD64A46EDB218FC8AF22AFE41D03
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/De9S2-gfPoqXQ5PNkw3c2uexix8.roa
Signing time: Wed 10 May 2023 11:22:09 +0000
ROA not before: Wed 10 May 2023 11:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.194.0/23 maxlen: 24
91.186.216.0/22 maxlen: 24
178.253.22.0/23 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 May 2023 18:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:65:ad:64:a4:6e:db:21:8f:c8:af:22:af:e4:1d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: May 10 11:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0def52dbe81f3e8a974393cd930ddcdae7b18b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9e:43:71:42:20:00:26:dd:f1:38:8f:2c:3c:
bb:dc:bb:d1:e0:6d:74:07:7f:31:39:ff:cb:10:81:
be:42:03:4f:9e:7f:43:4b:19:20:75:0f:c2:14:dc:
14:29:a3:75:96:e1:b7:ba:47:c7:6d:ee:4b:1a:0f:
90:7e:d7:3e:85:5a:95:74:fb:7e:1d:37:2d:56:82:
8f:c5:62:e4:b3:6b:67:85:f7:14:7d:27:18:0a:b9:
df:97:6f:06:1d:c6:fa:87:ca:b4:11:33:59:99:24:
04:6e:e4:73:30:ac:0c:a2:c0:4d:b6:f6:e1:0f:2c:
74:2d:c5:66:1c:62:a1:3b:1c:68:56:50:b1:62:80:
fb:5a:8c:88:60:50:fc:af:73:c2:9e:58:f4:b7:e8:
59:bf:d2:50:3d:80:91:28:65:5c:c6:69:28:ae:eb:
21:6e:52:32:0c:d4:db:66:f1:d9:46:e6:6c:eb:ad:
37:65:5d:11:41:98:f2:a9:a3:87:9f:98:58:57:dc:
87:75:db:49:f7:f6:78:9d:f4:0a:36:34:f0:49:09:
1d:2b:a6:ef:f7:e9:9c:fd:a6:f4:a2:39:bb:6b:00:
e9:24:72:13:a3:e4:1c:f9:00:13:33:06:e7:b8:5e:
99:c8:b6:f5:aa:54:ba:70:42:97:dd:a6:ae:3e:79:
e1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:EF:52:DB:E8:1F:3E:8A:97:43:93:CD:93:0D:DC:DA:E7:B1:8B:1F
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/De9S2-gfPoqXQ5PNkw3c2uexix8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.252.0/22
91.186.194.0/23
91.186.216.0/22
178.253.22.0/23
Signature Algorithm: sha256WithRSAEncryption
10:a7:9f:5b:4d:e8:37:91:c6:8b:4a:2e:e8:40:2c:78:e2:ce:
bb:8c:b1:d9:a4:e1:4c:a3:da:7f:cb:c7:68:81:af:74:f8:8d:
44:b3:36:75:83:aa:55:d4:9d:b9:7a:45:ac:b2:92:cd:89:25:
b3:71:4e:a9:4a:cb:dc:c3:2b:1c:fb:f8:5e:15:bf:55:f8:55:
c8:6c:c4:d6:ec:b4:ce:cb:ca:ab:62:cc:5d:6d:ab:5b:c1:43:
9c:67:80:74:ad:00:b7:65:41:8b:96:bf:dc:23:cb:40:3a:19:
ae:46:20:f9:b0:a7:f7:5c:df:5d:bd:21:28:0a:a6:25:cd:73:
8e:6c:32:0a:ca:90:1b:4b:2c:bb:62:04:7d:18:01:77:41:54:
66:45:66:68:3d:10:9f:79:3a:ea:d6:1d:57:1f:a0:de:51:f3:
08:db:85:ff:4e:15:35:33:f8:a7:f6:d7:e0:10:09:b7:80:e8:
4f:24:fb:91:23:aa:cc:0e:fc:6d:cb:18:dd:2c:fd:1e:69:57:
e3:93:23:97:73:de:0c:43:2a:11:59:04:24:51:26:bb:2b:54:
36:67:cd:df:77:60:2a:85:2b:bd:65:62:da:bb:c2:06:95:2f:
a6:74:cc:c7:bb:8f:ed:8a:32:86:9a:55:52:1f:dd:03:18:1f:
74:65:04:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgFZa1kpG7bIY/IryKv5B0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNTEwMTEyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGVmNTJkYmU4MWYzZThhOTc0MzkzY2Q5MzBkZGNkYWU3YjE4YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ5DcUIgACbd8TiPLDy73LvR4G10
B38xOf/LEIG+QgNPnn9DSxkgdQ/CFNwUKaN1luG3ukfHbe5LGg+Qftc+hVqVdPt+
HTctVoKPxWLks2tnhfcUfScYCrnfl28GHcb6h8q0ETNZmSQEbuRzMKwMosBNtvbh
Dyx0LcVmHGKhOxxoVlCxYoD7WoyIYFD8r3PCnlj0t+hZv9JQPYCRKGVcxmkorush
blIyDNTbZvHZRuZs6603ZV0RQZjyqaOHn5hYV9yHddtJ9/Z4nfQKNjTwSQkdK6bv
9+mc/ab0ojm7awDpJHITo+Qc+QATMwbnuF6ZyLb1qlS6cEKX3aauPnnhEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA3vUtvoHz6Kl0OTzZMN3NrnsYsfMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvRGU5UzItZ2ZQb3FYUTVQTmt3M2MydWV4aXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P8AwQB
W7rCAwQCW7rYAwQBsv0WMA0GCSqGSIb3DQEBCwUAA4IBAQAQp59bTeg3kcaLSi7o
QCx44s67jLHZpOFMo9p/y8doga90+I1EszZ1g6pV1J25ekWsspLNiSWzcU6pSsvc
wysc+/heFb9V+FXIbMTW7LTOy8qrYsxdbatbwUOcZ4B0rQC3ZUGLlr/cI8tAOhmu
RiD5sKf3XN9dvSEoCqYlzXOObDIKypAbSyy7YgR9GAF3QVRmRWZoPRCfeTrq1h1X
H6DeUfMI24X/ThU1M/in9tfgEAm3gOhPJPuRI6rMDvxtyxjdLP0eaVfjkyOXc94M
QyoRWQQkUSa7K1Q2Z83fd2AqhSu9ZWLau8IGlS+mdMzHu4/tijKGmlVSH90DGB90
ZQR6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org