Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KpgV5-xPO4NRbV6W2uXvOx13do8.roa
File: KpgV5-xPO4NRbV6W2uXvOx13do8.roa (raw, json)
Hash identifier: Lgu7WPW/9nLeTJ7M65P2YnyJM+vaeJA9oQkjTaPESsg=
Subject key identifier: 2A:98:15:E7:EC:4F:3B:83:51:6D:5E:96:DA:E5:EF:3B:1D:77:76:8F
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01926B7D618B1491823B50638C0211550ADB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KpgV5-xPO4NRbV6W2uXvOx13do8.roa
Signing time: Tue 08 Oct 2024 09:37:12 +0000
ROA not before: Tue 08 Oct 2024 09:37:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 06:05:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:7d:61:8b:14:91:82:3b:50:63:8c:02:11:55:0a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 8 09:37:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a9815e7ec4f3b83516d5e96dae5ef3b1d77768f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e2:91:19:9c:d0:3e:07:f4:c6:9d:7e:36:40:
99:fc:0d:27:02:24:05:8b:99:5d:af:e9:dd:84:04:
59:78:0b:38:58:42:10:16:af:05:73:49:77:65:a6:
64:cf:e4:b5:fb:39:e0:9f:52:91:6d:94:73:0e:06:
b2:c5:97:b7:0e:08:1d:d0:5b:6f:f8:db:44:3c:e8:
54:55:51:4b:87:34:ea:85:c3:64:92:18:9f:64:9b:
0e:cd:78:8f:93:8a:4b:9d:5f:ba:35:bf:cd:69:a6:
50:76:b8:2d:00:a5:6e:a6:56:0c:29:2a:c9:cf:50:
23:ee:bf:a7:c2:0f:25:5b:da:fe:b7:cf:73:79:b2:
05:29:27:f1:6b:3e:de:58:dc:21:4a:ff:a2:74:5a:
aa:37:e4:9d:bc:31:db:df:a6:59:9c:8d:ff:f1:13:
31:49:b6:9a:12:fb:76:09:30:a1:04:5e:ed:35:da:
f5:2a:5e:89:93:ce:f1:76:cd:81:11:cb:0b:18:32:
5a:a1:69:9b:a4:21:b3:fd:75:74:6f:03:5a:75:91:
7f:32:07:78:03:44:51:81:85:e5:a9:ff:4f:87:43:
25:b1:29:78:fb:a7:e0:e3:51:b3:79:8e:ad:90:e0:
46:ad:4d:d5:41:43:ed:d9:59:1c:73:96:ef:1a:41:
ce:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:98:15:E7:EC:4F:3B:83:51:6D:5E:96:DA:E5:EF:3B:1D:77:76:8F
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KpgV5-xPO4NRbV6W2uXvOx13do8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
24:68:32:7c:aa:29:f4:13:ff:3c:c3:68:8a:6d:6f:56:8a:19:
b6:e4:5b:6b:ac:0a:d8:48:51:ff:16:71:ea:67:c9:ad:be:df:
d9:94:ff:41:ad:fe:77:55:e2:61:3d:0b:dd:3b:d2:c8:76:51:
40:8b:74:9a:fa:5f:6b:e2:61:48:62:26:e4:ea:6f:42:17:10:
ba:d2:fc:a0:e5:eb:ca:ec:92:ca:dc:de:50:4c:12:4f:09:38:
50:90:33:87:07:88:66:74:6d:7f:cd:ef:62:12:e3:e5:20:ce:
81:5b:83:cd:5f:fb:d4:22:eb:60:63:45:10:e7:ef:f6:63:1d:
a6:75:79:7d:af:09:21:10:76:22:44:9e:4f:97:ae:71:3e:1d:
28:0b:b7:25:2f:05:6a:78:4d:da:05:33:c1:20:e6:42:4e:56:
59:5f:e4:0b:88:b8:e7:7d:d0:2a:a3:87:73:75:54:18:ea:4a:
67:f6:76:2b:b1:b3:43:47:19:ce:bb:72:c6:e4:43:b7:05:d6:
b2:03:72:ef:60:16:10:6c:1f:6e:cf:53:02:e9:f6:fe:3b:23:
3c:28:86:fb:97:2e:ee:2d:2c:cc:b0:8d:e9:f4:d3:5b:26:8d:
6e:ae:ce:c4:0f:a7:0a:82:3b:fb:d1:ac:36:ff:d4:07:a3:5a:
74:3e:d9:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJrfWGLFJGCO1BjjAIRVQrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMDA4MDkzNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk4MTVlN2VjNGYzYjgzNTE2ZDVlOTZkYWU1ZWYzYjFkNzc3NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+KRGZzQPgf0xp1+NkCZ/A0nAiQF
i5ldr+ndhARZeAs4WEIQFq8Fc0l3ZaZkz+S1+zngn1KRbZRzDgayxZe3Dggd0Ftv
+NtEPOhUVVFLhzTqhcNkkhifZJsOzXiPk4pLnV+6Nb/NaaZQdrgtAKVuplYMKSrJ
z1Aj7r+nwg8lW9r+t89zebIFKSfxaz7eWNwhSv+idFqqN+SdvDHb36ZZnI3/8RMx
SbaaEvt2CTChBF7tNdr1Kl6Jk87xds2BEcsLGDJaoWmbpCGz/XV0bwNadZF/Mgd4
A0RRgYXlqf9Ph0MlsSl4+6fg41GzeY6tkOBGrU3VQUPt2Vkcc5bvGkHO+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCqYFefsTzuDUW1eltrl7zsdd3aPMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvS3BnVjUteFBPNE5SYlY2VzJ1WHZPeDEzZG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQD
W7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAkaDJ8qin0E/88w2iK
bW9Wihm25FtrrArYSFH/FnHqZ8mtvt/ZlP9Brf53VeJhPQvdO9LIdlFAi3Sa+l9r
4mFIYibk6m9CFxC60vyg5evK7JLK3N5QTBJPCThQkDOHB4hmdG1/ze9iEuPlIM6B
W4PNX/vUIutgY0UQ5+/2Yx2mdXl9rwkhEHYiRJ5Pl65xPh0oC7clLwVqeE3aBTPB
IOZCTlZZX+QLiLjnfdAqo4dzdVQY6kpn9nYrsbNDRxnOu3LG5EO3BdayA3LvYBYQ
bB9uz1MC6fb+OyM8KIb7ly7uLSzMsI3p9NNbJo1urs7ED6cKgjv70aw2/9QHo1p0
Ptmc
-----END CERTIFICATE-----
Generated at Wed Oct 16 08:33:52 2024 by rpki-client on console-ams.rpki-client.org