Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Kh_vwm-w0kKYqSn7vNspzeE95E0.roa
File: Kh_vwm-w0kKYqSn7vNspzeE95E0.roa (raw, json)
Hash identifier: vWxprDv1cwaUHfs+WofT/Nzbm+Mre00DA6Q6Oiut9xY=
Subject key identifier: 2A:1F:EF:C2:6F:B0:D2:42:98:A9:29:FB:BC:DB:29:CD:E1:3D:E4:4D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018BD4D56812897D17B68B2800212AFBBC21
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Kh_vwm-w0kKYqSn7vNspzeE95E0.roa
Signing time: Wed 15 Nov 2023 21:13:57 +0000
ROA not before: Wed 15 Nov 2023 21:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.216.0/24 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.32.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Nov 2023 12:24:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:d5:68:12:89:7d:17:b6:8b:28:00:21:2a:fb:bc:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 15 21:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a1fefc26fb0d24298a929fbbcdb29cde13de44d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:c7:2d:f2:dd:d4:dc:a0:4a:b6:04:ba:02:
27:8a:c0:40:59:82:ef:a4:cd:bd:49:b7:02:db:c5:
33:74:7d:36:6c:92:bf:1e:37:ec:6c:53:af:24:1c:
c5:45:39:f5:ad:ba:22:80:9a:ca:c2:e3:9c:c6:44:
84:27:aa:f1:ac:bd:bb:6c:96:3a:78:bd:86:7e:6a:
f2:07:70:f9:a9:4a:56:04:7a:3c:39:69:d8:f3:20:
d4:90:5e:ed:d1:75:23:8a:89:36:fd:40:e9:fc:ae:
96:11:fe:b5:e9:9d:e2:e6:40:41:b1:8c:28:c5:97:
73:56:f7:64:ee:d5:7b:8c:c3:b6:cb:17:61:ec:80:
6a:f6:28:ab:f4:14:8b:1e:fe:28:31:89:e4:20:3f:
53:f8:bd:47:2f:d0:c9:e3:bc:a7:b2:3e:93:bc:5f:
cf:42:90:9c:2f:02:ae:8a:e2:e1:79:8f:86:29:e9:
0a:6d:ac:3b:2b:0e:1f:3d:8a:79:69:71:9a:b8:c8:
55:45:28:16:1a:33:ec:82:bd:85:66:b1:25:48:d1:
e0:29:4d:b2:4c:f4:08:ff:bf:6a:cb:83:57:1a:84:
05:b8:ed:6a:11:69:13:76:fb:98:5a:4b:13:da:ac:
77:79:d2:48:88:bb:01:d8:11:54:f0:bd:48:1a:43:
16:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1F:EF:C2:6F:B0:D2:42:98:A9:29:FB:BC:DB:29:CD:E1:3D:E4:4D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Kh_vwm-w0kKYqSn7vNspzeE95E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/24
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.26.0/23
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:76:4a:dd:04:d2:8e:f7:ba:7c:6f:21:2b:4e:8a:73:99:c2:
02:a7:e5:49:03:d0:df:32:c7:1d:1f:2a:8a:6d:99:0f:d4:a1:
49:c8:2c:70:a2:5b:50:1e:d2:c9:9f:f4:66:5a:66:be:9d:2c:
c8:af:c7:2d:ae:30:a6:c8:5c:af:bf:6e:f5:ca:1a:9d:68:1e:
7e:91:27:45:b6:7a:76:04:2f:8f:d2:74:ed:9d:8e:51:6d:71:
db:83:03:1f:33:8e:9e:e3:d3:53:58:bc:b3:ac:20:a8:b8:ab:
0b:8d:67:d3:0b:2d:7b:46:a0:33:a4:3e:f3:f4:3e:d3:23:9e:
d5:a7:e1:39:c2:12:f7:5d:fa:78:e8:59:e4:68:e7:c1:04:3d:
00:55:63:da:84:65:7a:19:83:00:53:65:84:3a:54:23:99:13:
ca:7b:05:24:1d:fc:94:e4:af:53:24:4e:7c:12:f7:94:60:46:
f3:7a:5f:a5:ce:58:4e:da:eb:03:6f:6f:43:2c:30:5c:43:0d:
3e:52:3f:49:ff:7f:28:a4:3e:b6:6e:43:ba:d7:7f:2c:cd:ed:
5f:bc:07:b6:b3:62:e2:3b:85:5d:a9:50:37:94:0b:ff:9a:69:
c2:a0:a2:fc:fc:92:42:bd:71:6e:31:19:67:1e:f3:20:6e:9d:
0a:5b:55:fd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYvU1WgSiX0XtosoACEq+7whMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTE1MjExMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTFmZWZjMjZmYjBkMjQyOThhOTI5ZmJiY2RiMjljZGUxM2RlNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ7HLfLd1NygSrYEugInisBAWYLv
pM29SbcC28UzdH02bJK/HjfsbFOvJBzFRTn1rboigJrKwuOcxkSEJ6rxrL27bJY6
eL2GfmryB3D5qUpWBHo8OWnY8yDUkF7t0XUjiok2/UDp/K6WEf616Z3i5kBBsYwo
xZdzVvdk7tV7jMO2yxdh7IBq9iir9BSLHv4oMYnkID9T+L1HL9DJ47ynsj6TvF/P
QpCcLwKuiuLheY+GKekKbaw7Kw4fPYp5aXGauMhVRSgWGjPsgr2FZrElSNHgKU2y
TPQI/79qy4NXGoQFuO1qEWkTdvuYWksT2qx3edJIiLsB2BFU8L1IGkMWHwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCof78JvsNJCmKkp+7zbKc3hPeRNMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvS2hfdndtLXcwa0tZcVNuN3ZOc3B6ZUU5NUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAU5PYAwQC
U5P0AwQCU5P8AwQCW7rYAwQDXvGoAwQBsv0aAwQAsv0gMA0GCSqGSIb3DQEBCwUA
A4IBAQA9dkrdBNKO97p8byErTopzmcICp+VJA9DfMscdHyqKbZkP1KFJyCxwoltQ
HtLJn/RmWma+nSzIr8ctrjCmyFyvv271yhqdaB5+kSdFtnp2BC+P0nTtnY5RbXHb
gwMfM46e49NTWLyzrCCouKsLjWfTCy17RqAzpD7z9D7TI57Vp+E5whL3Xfp46Fnk
aOfBBD0AVWPahGV6GYMAU2WEOlQjmRPKewUkHfyU5K9TJE58EveUYEbzel+lzlhO
2usDb29DLDBcQw0+Uj9J/38opD62bkO6138sze1fvAe2s2LiO4VdqVA3lAv/mmnC
oKL8/JJCvXFuMRlnHvMgbp0KW1X9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org