Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/LrHnqmWSPSum3H7EwT1LEO-qpKw.roa
File: LrHnqmWSPSum3H7EwT1LEO-qpKw.roa (raw, json)
Hash identifier: nsXRcA0W4wVn4koFT5Rxowiu6GgxEtoWLX1mX+tXtFw=
Subject key identifier: 2E:B1:E7:AA:65:92:3D:2B:A6:DC:7E:C4:C1:3D:4B:10:EF:AA:A4:AC
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01924EF3205CA1CAC32801FC9ACB11716717
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/LrHnqmWSPSum3H7EwT1LEO-qpKw.roa
Signing time: Wed 02 Oct 2024 20:36:49 +0000
ROA not before: Wed 02 Oct 2024 20:36:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.194.0/24 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.248.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 13:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4e:f3:20:5c:a1:ca:c3:28:01:fc:9a:cb:11:71:67:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 2 20:36:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2eb1e7aa65923d2ba6dc7ec4c13d4b10efaaa4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1f:98:50:c0:a4:f5:c8:ec:65:c8:d8:25:dc:
a2:22:93:d1:33:d2:0f:fa:f2:05:53:ff:c2:e9:f2:
d9:da:7e:35:bb:e7:0a:48:88:64:f3:08:b5:28:2b:
49:03:41:97:c7:74:bb:1f:4e:9f:c2:a3:0b:98:57:
4f:f6:b5:b7:70:0c:3f:6a:7a:eb:8b:c7:10:87:4e:
e9:58:5b:2c:11:7b:bf:6a:9c:14:b5:9a:fb:d2:db:
56:df:e5:42:3e:dc:8b:6c:1a:f6:f8:fe:40:d8:e6:
b5:6d:59:ff:5e:e7:45:99:ff:2c:e9:ac:5d:2e:76:
c2:c4:e2:c6:d4:7a:d9:75:15:ef:fc:50:3a:d6:dd:
e3:6a:77:0c:af:57:cc:b6:4c:27:4f:a1:15:43:0d:
be:ff:94:9b:42:e3:53:89:13:ff:19:4f:0c:d8:3b:
28:dd:e8:66:fd:7c:a7:63:4d:21:1f:df:0d:de:f8:
a1:63:13:ce:92:68:a2:e3:fd:94:06:ce:61:be:af:
47:67:c3:3e:19:9c:63:9c:75:84:41:cc:aa:7a:8e:
2c:e0:90:74:de:e7:0d:be:c4:12:25:da:11:0b:76:
47:fa:57:26:ed:da:d3:9e:00:6f:3e:60:20:db:df:
d4:b4:36:f2:06:9c:2a:f6:05:f0:f8:44:b6:96:76:
8f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B1:E7:AA:65:92:3D:2B:A6:DC:7E:C4:C1:3D:4B:10:EF:AA:A4:AC
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/LrHnqmWSPSum3H7EwT1LEO-qpKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.194.0/24
83.147.222.0/24
83.147.244.0-83.147.251.255
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:6d:a8:93:20:f7:e4:b3:43:43:b5:3c:50:f8:ea:04:d3:a1:
3e:6e:88:31:4a:9e:0d:45:2d:3c:cf:79:58:ff:13:0f:58:8c:
d7:ee:b0:03:44:44:d9:68:1a:2d:fd:4a:2c:f6:1c:d1:e2:75:
7a:8f:6e:0b:13:b6:7f:c1:32:e2:79:c3:36:8d:0a:a6:78:26:
b3:c8:84:b9:d8:29:28:c3:56:ea:c5:d4:3b:96:e0:ee:78:57:
65:f7:5e:8a:e9:d1:54:c9:0b:a1:57:59:ce:89:7f:8c:05:f5:
21:ff:6d:a7:37:79:19:72:99:cc:e9:9e:4d:12:9c:9a:7f:17:
84:b8:ce:42:fb:d8:1b:1f:79:4b:31:fa:97:24:b9:06:da:af:
db:a1:b1:c4:b7:01:ab:90:27:17:8f:11:bf:61:6d:b0:2b:c6:
65:05:a7:ab:24:b1:65:10:58:ba:92:9a:7a:f5:a7:1c:34:ca:
c1:91:34:3b:00:21:eb:57:cc:48:94:d3:c7:46:70:c5:7c:af:
4b:48:5e:d1:f9:0f:f4:43:d0:eb:5e:8d:60:c6:a5:3c:4c:4d:
37:d5:70:59:f6:fb:d8:4e:e3:72:a5:67:3e:28:73:38:de:54:
9c:b7:cf:cf:32:a2:b8:94:b6:26:65:d9:f8:66:3b:e2:4d:6c:
14:44:3f:e4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZJO8yBcocrDKAH8mssRcWcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMDAyMjAzNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWIxZTdhYTY1OTIzZDJiYTZkYzdlYzRjMTNkNGIxMGVmYWFhNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB+YUMCk9cjsZcjYJdyiIpPRM9IP
+vIFU//C6fLZ2n41u+cKSIhk8wi1KCtJA0GXx3S7H06fwqMLmFdP9rW3cAw/anrr
i8cQh07pWFssEXu/apwUtZr70ttW3+VCPtyLbBr2+P5A2Oa1bVn/XudFmf8s6axd
LnbCxOLG1HrZdRXv/FA61t3jancMr1fMtkwnT6EVQw2+/5SbQuNTiRP/GU8M2Dso
3ehm/XynY00hH98N3vihYxPOkmii4/2UBs5hvq9HZ8M+GZxjnHWEQcyqeo4s4JB0
3ucNvsQSJdoRC3ZH+lcm7drTngBvPmAg29/UtDbyBpwq9gXw+ES2lnaPBQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFC6x56plkj0rptx+xME9SxDvqqSsMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTHJIbnFtV1NQU3VtM0g3RXdUMUxFTy1xcEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAU5PCAwQA
U5PeMAwDBAJTk/QDBAJTk/gDBANbusgDBAFbutgDBANe8agwDQYJKoZIhvcNAQEL
BQADggEBAB9tqJMg9+SzQ0O1PFD46gTToT5uiDFKng1FLTzPeVj/Ew9YjNfusANE
RNloGi39Siz2HNHidXqPbgsTtn/BMuJ5wzaNCqZ4JrPIhLnYKSjDVurF1DuW4O54
V2X3Xorp0VTJC6FXWc6Jf4wF9SH/bac3eRlymczpnk0SnJp/F4S4zkL72BsfeUsx
+pckuQbar9uhscS3AauQJxePEb9hbbArxmUFp6sksWUQWLqSmnr1pxw0ysGRNDsA
IetXzEiU08dGcMV8r0tIXtH5D/RD0OtejWDGpTxMTTfVcFn2+9hO43KlZz4oczje
VJy3z88yoriUtiZl2fhmO+JNbBREP+Q=
-----END CERTIFICATE-----
Generated at Thu Oct 3 15:30:06 2024 by rpki-client on console-ams.rpki-client.org