Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OCu5DSfMwuNLQVblPLGERx1hArs.roa
File: OCu5DSfMwuNLQVblPLGERx1hArs.roa (raw, json)
Hash identifier: xDO8gtq9qJCNxfg5W+06YI22HhrCWZSDTnU1bFCH/W0=
Subject key identifier: 38:2B:B9:0D:27:CC:C2:E3:4B:41:56:E5:3C:B1:84:47:1D:61:02:BB
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019002CE0632567E66F82A16F14C50489076
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OCu5DSfMwuNLQVblPLGERx1hArs.roa
Signing time: Mon 10 Jun 2024 15:39:34 +0000
ROA not before: Mon 10 Jun 2024 15:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 83.147.223.0/24 maxlen: 24
83.147.252.0/22 maxlen: 24
94.241.136.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 22:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:ce:06:32:56:7e:66:f8:2a:16:f1:4c:50:48:90:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 10 15:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=382bb90d27ccc2e34b4156e53cb184471d6102bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:46:e1:1d:6b:b0:a6:12:61:8d:52:cc:32:e3:
2c:d0:4f:d3:80:10:f0:98:61:aa:d1:b7:1a:92:8b:
da:95:05:d2:35:4e:9b:d9:37:48:f7:3c:53:fc:20:
58:b3:f3:60:1b:f5:f0:be:4a:de:57:30:54:93:74:
b3:c2:50:a5:c6:66:b3:a4:73:f7:f2:42:8d:79:b0:
11:b3:03:4a:2f:bb:0e:7a:4a:16:ca:4e:62:ec:99:
b7:5b:48:df:af:db:b2:46:8e:2c:8e:06:79:8b:5b:
4d:d5:40:50:2f:4b:c7:cc:8d:93:72:c9:0c:a8:e2:
0c:cd:16:d8:9b:6b:49:df:5f:c3:24:45:30:d5:d0:
e9:00:cd:64:b6:31:c4:84:bb:7e:4a:91:9b:51:7f:
0d:49:cd:f4:1a:91:59:98:d1:82:33:80:66:73:b6:
14:67:2d:4b:c0:58:91:b2:d5:c5:c2:89:f7:3d:65:
a8:1e:1e:87:a0:53:48:69:5e:3b:07:1b:f7:b9:cb:
50:8f:90:8a:b1:21:b1:02:71:38:e1:96:ff:9d:51:
a0:c7:f9:e1:8c:95:f2:13:45:90:c3:29:4b:01:a0:
0a:56:cf:b7:6d:d8:8a:80:75:73:f4:fa:bf:3e:2c:
24:05:f7:d1:23:fc:7b:f8:99:83:ec:ec:db:24:36:
2c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2B:B9:0D:27:CC:C2:E3:4B:41:56:E5:3C:B1:84:47:1D:61:02:BB
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OCu5DSfMwuNLQVblPLGERx1hArs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.223.0/24
83.147.252.0/22
94.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:e6:cb:7b:e1:ab:42:a4:94:0e:85:37:c1:fe:b5:d1:c3:58:
0b:62:80:54:4e:b8:86:b6:35:4a:b6:c3:d7:97:52:f5:ca:3a:
e6:d9:1b:28:8a:bf:7d:be:14:78:ee:57:c0:fb:2d:63:37:f4:
36:37:b0:d1:20:6e:ad:9c:55:44:4c:46:30:a4:0f:b3:10:54:
a0:ce:cd:a7:41:1d:ee:e1:77:81:69:09:45:b1:c3:10:a7:a5:
10:d6:6f:03:44:5f:93:88:3d:56:26:d7:d2:47:27:6b:25:eb:
e9:5a:e2:e0:f2:b2:7a:94:3c:2b:10:03:43:6e:18:4e:da:4e:
17:c5:68:76:11:a5:76:73:ba:a1:8e:93:74:04:a6:26:61:2d:
e3:da:45:c1:1c:72:9d:41:f5:a8:ae:e5:21:c6:f2:3a:fd:92:
fd:ee:78:dc:2a:46:3d:cd:55:c5:d0:ca:90:1d:18:2b:6e:3f:
8f:8c:99:fb:29:22:18:5d:93:49:65:9b:31:f7:b5:be:2d:e4:
4d:71:13:80:78:a2:8d:2c:30:2f:07:29:3b:2b:45:53:cf:90:
56:d2:9a:8e:d8:88:fc:64:4c:3f:dd:c0:74:ef:44:ed:9b:a2:
af:85:de:f3:17:dd:12:48:a1:b4:69:44:45:ab:d9:09:4a:fa:
5a:95:ca:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZACzgYyVn5m+CoW8UxQSJB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjEwMTUzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODJiYjkwZDI3Y2NjMmUzNGI0MTU2ZTUzY2IxODQ0NzFkNjEwMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUbhHWuwphJhjVLMMuMs0E/TgBDw
mGGq0bcakovalQXSNU6b2TdI9zxT/CBYs/NgG/XwvkreVzBUk3SzwlClxmazpHP3
8kKNebARswNKL7sOekoWyk5i7Jm3W0jfr9uyRo4sjgZ5i1tN1UBQL0vHzI2TcskM
qOIMzRbYm2tJ31/DJEUw1dDpAM1ktjHEhLt+SpGbUX8NSc30GpFZmNGCM4Bmc7YU
Zy1LwFiRstXFwon3PWWoHh6HoFNIaV47Bxv3uctQj5CKsSGxAnE44Zb/nVGgx/nh
jJXyE0WQwylLAaAKVs+3bdiKgHVz9Pq/PiwkBffRI/x7+JmD7OzbJDYsHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDgruQ0nzMLjS0FW5TyxhEcdYQK7MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvT0N1NURTZk13dU5MUVZibFBMR0VSeDFoQXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU5PfAwQC
U5P8AwQBXvGIMA0GCSqGSIb3DQEBCwUAA4IBAQBL5st74atCpJQOhTfB/rXRw1gL
YoBUTriGtjVKtsPXl1L1yjrm2Rsoir99vhR47lfA+y1jN/Q2N7DRIG6tnFVETEYw
pA+zEFSgzs2nQR3u4XeBaQlFscMQp6UQ1m8DRF+TiD1WJtfSRydrJevpWuLg8rJ6
lDwrEANDbhhO2k4XxWh2EaV2c7qhjpN0BKYmYS3j2kXBHHKdQfWoruUhxvI6/ZL9
7njcKkY9zVXF0MqQHRgrbj+PjJn7KSIYXZNJZZsx97W+LeRNcROAeKKNLDAvByk7
K0VTz5BW0pqO2Ij8ZEw/3cB070Ttm6Kvhd7zF90SSKG0aURFq9kJSvpalcqJ
-----END CERTIFICATE-----
Generated at Sat Sep 7 01:13:55 2024 by rpki-client on console-fra.rpki-client.org