Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/L6fWZLyX60mTDRA5EbrSR3qNkbQ.roa
File: L6fWZLyX60mTDRA5EbrSR3qNkbQ.roa (raw, json)
Hash identifier: eP7pvJa6ST21H30MqJUG2NFuO5JWME06xuZoINzwHkc=
Subject key identifier: 2F:A7:D6:64:BC:97:EB:49:93:0D:10:39:11:BA:D2:47:7A:8D:91:B4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D1B367B0FDE6A5632CDFB88E29FEBCC0B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/L6fWZLyX60mTDRA5EbrSR3qNkbQ.roa
Signing time: Thu 18 Jan 2024 06:16:11 +0000
ROA not before: Thu 18 Jan 2024 06:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 06:37:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:36:7b:0f:de:6a:56:32:cd:fb:88:e2:9f:eb:cc:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 18 06:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fa7d664bc97eb49930d103911bad2477a8d91b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6d:a9:01:cf:c4:cb:39:9e:18:aa:85:f5:e7:
13:69:f1:fa:7b:d9:8b:8f:ce:ab:6e:30:98:35:bd:
03:65:89:2f:98:1d:08:40:3c:1a:83:e9:41:4a:11:
1b:f4:dd:97:85:ce:8e:71:86:4d:37:8b:d8:48:98:
ff:f9:79:50:3c:b7:93:66:15:39:ac:da:23:1c:73:
5e:da:70:bd:65:b0:35:93:00:ad:19:f1:72:36:11:
18:29:1e:13:36:a4:07:cd:1a:4f:97:36:01:c9:47:
cd:ab:2f:ed:c9:02:38:76:c5:0b:ab:60:74:ca:6f:
b1:5a:b7:80:0d:49:bf:2e:a9:d4:d1:4d:30:f0:28:
83:08:0c:ba:13:ba:8d:ba:10:f6:7a:eb:2e:0c:81:
3d:fd:7f:18:28:e8:83:25:32:c6:1a:3b:4d:b5:8f:
60:99:04:30:ea:3f:35:7d:06:62:eb:3e:81:a6:77:
c9:f2:35:96:81:88:b3:6d:d6:a9:53:ea:c0:7f:71:
68:7b:b8:6a:ca:84:83:c3:50:b3:bb:0d:92:97:a1:
04:d7:4b:ac:93:ea:3d:cd:81:79:59:90:5b:11:db:
cc:86:35:69:a1:4c:88:11:e2:e5:fb:25:bf:44:77:
18:37:eb:41:6e:d8:77:32:d0:9e:88:39:eb:d4:5e:
98:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A7:D6:64:BC:97:EB:49:93:0D:10:39:11:BA:D2:47:7A:8D:91:B4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/L6fWZLyX60mTDRA5EbrSR3qNkbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.164.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:b1:59:57:6b:38:9a:37:8a:2f:9a:e1:5a:ca:c1:99:4d:98:
b9:b4:4c:29:ab:03:a4:67:c6:33:60:86:d3:0d:88:96:77:99:
3b:63:bf:80:3a:eb:aa:99:f8:66:ee:b5:17:06:d5:e4:ef:76:
ef:1b:3b:43:36:0c:8c:3e:77:a9:44:ac:17:b9:ff:1a:e1:5f:
76:c3:f9:c5:78:52:95:96:8c:a0:8a:84:13:a3:da:af:b6:63:
d7:83:6e:62:0d:71:97:c6:ac:e7:89:56:8f:e3:73:62:8a:35:
09:68:ad:33:1e:e2:17:92:2f:da:b4:6c:8c:8d:b3:db:e2:c9:
1e:47:43:7d:2f:ee:76:02:bc:f2:db:78:a5:be:08:6d:f5:f5:
14:90:90:69:01:2c:6c:67:bb:c8:dc:19:4d:72:29:ce:ef:e6:
64:c8:d0:e1:d9:8c:6a:f0:f1:89:fa:78:9e:9f:dd:46:9d:d9:
44:e8:c1:13:15:6a:a5:e4:9f:c0:ca:2a:79:2b:b8:52:cd:b0:
d8:5e:03:01:7a:86:ff:c8:1c:71:05:6f:41:85:f9:b0:5f:38:
b5:4b:65:2e:98:56:5d:cd:6e:0c:e3:f6:8e:e8:42:8d:9b:8a:
3b:21:b2:22:e3:f2:14:f9:f1:b7:9b:69:ef:61:82:99:00:5d:
d3:b3:bc:34
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0bNnsP3mpWMs37iOKf68wLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTE4MDYxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmE3ZDY2NGJjOTdlYjQ5OTMwZDEwMzkxMWJhZDI0NzdhOGQ5MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm2pAc/EyzmeGKqF9ecTafH6e9mL
j86rbjCYNb0DZYkvmB0IQDwag+lBShEb9N2Xhc6OcYZNN4vYSJj/+XlQPLeTZhU5
rNojHHNe2nC9ZbA1kwCtGfFyNhEYKR4TNqQHzRpPlzYByUfNqy/tyQI4dsULq2B0
ym+xWreADUm/LqnU0U0w8CiDCAy6E7qNuhD2eusuDIE9/X8YKOiDJTLGGjtNtY9g
mQQw6j81fQZi6z6BpnfJ8jWWgYizbdapU+rAf3Foe7hqyoSDw1Czuw2Sl6EE10us
k+o9zYF5WZBbEdvMhjVpoUyIEeLl+yW/RHcYN+tBbth3MtCeiDnr1F6YRQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC+n1mS8l+tJkw0QORG60kd6jZG0MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTDZmV1pMeVg2MG1URFJBNUViclNSM3FOa2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU5P0AwQC
U5P8AwQCW7rMAwQCW7rYAwQBXvGkAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQCe
sVlXaziaN4ovmuFaysGZTZi5tEwpqwOkZ8YzYIbTDYiWd5k7Y7+AOuuqmfhm7rUX
BtXk73bvGztDNgyMPnepRKwXuf8a4V92w/nFeFKVloygioQTo9qvtmPXg25iDXGX
xqzniVaP43NiijUJaK0zHuIXki/atGyMjbPb4skeR0N9L+52Arzy23ilvght9fUU
kJBpASxsZ7vI3BlNcinO7+ZkyNDh2Yxq8PGJ+nien91GndlE6METFWql5J/Ayip5
K7hSzbDYXgMBeob/yBxxBW9BhfmwXzi1S2UumFZdzW4M4/aO6EKNm4o7IbIi4/IU
+fG3m2nvYYKZAF3Ts7w0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org