Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OpEH99KxgBrF_1SkinICzsGjgdI.roa
File: OpEH99KxgBrF_1SkinICzsGjgdI.roa (raw, json)
Hash identifier: tb0wEibru4FMqcaVeb1nzm0qCrz23lvpD1DpzYagij8=
Subject key identifier: 3A:91:07:F7:D2:B1:80:1A:C5:FF:54:A4:8A:72:02:CE:C1:A3:81:D2
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018F5D1967BBB346A555842A522A908E6838
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OpEH99KxgBrF_1SkinICzsGjgdI.roa
Signing time: Thu 09 May 2024 11:24:56 +0000
ROA not before: Thu 09 May 2024 11:24:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 May 2024 07:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:19:67:bb:b3:46:a5:55:84:2a:52:2a:90:8e:68:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: May 9 11:24:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a9107f7d2b1801ac5ff54a48a7202cec1a381d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9f:31:c6:0b:fa:9c:14:02:01:1d:eb:b6:05:
70:d0:5d:45:a1:ce:b5:ea:af:17:d9:2c:38:10:e0:
fd:fe:de:59:db:00:37:a3:f5:6e:2d:4a:bf:e2:97:
1d:fb:ce:de:0f:a9:ca:f2:ea:71:94:c3:13:c7:44:
9c:d9:6a:d6:8f:d1:ee:e9:43:97:d4:38:b5:64:7f:
84:66:c2:e6:69:75:16:65:e9:94:f6:19:66:8f:c8:
15:5a:c5:b9:fd:3a:ba:f4:52:88:ba:cf:64:0b:4c:
81:c6:49:f8:d1:d4:fe:aa:8c:9e:c7:3f:a3:2a:71:
3c:3e:21:f9:93:a5:55:23:1b:e5:ce:4b:05:51:8f:
4d:ec:cc:34:e4:1c:4f:c3:2d:9d:78:12:12:1e:9c:
e6:fa:8a:7c:2c:10:15:77:6e:14:61:fb:18:b2:97:
c6:d8:a4:58:d3:1d:8c:4e:7c:de:6d:9b:4b:66:d0:
d8:b2:80:55:9f:3e:dc:ae:38:4e:3f:c1:37:ec:03:
a0:e6:51:28:e0:0b:d0:7e:c1:47:54:31:31:00:2d:
e3:a8:86:44:4e:81:fa:f4:4c:03:84:96:7a:0c:cb:
78:cb:03:69:f6:01:82:68:44:bf:b5:57:0f:0a:f8:
c6:da:ce:46:8d:7b:cb:cf:90:5c:e2:59:2d:f5:db:
c7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:91:07:F7:D2:B1:80:1A:C5:FF:54:A4:8A:72:02:CE:C1:A3:81:D2
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/OpEH99KxgBrF_1SkinICzsGjgdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
26:04:fa:fe:23:f2:d2:80:e0:e1:13:29:8a:d5:e4:80:06:d9:
9f:d9:0a:79:3a:da:18:7a:25:75:42:90:c4:d8:88:39:f4:7b:
56:d3:a4:78:1a:fd:c5:18:0b:f8:32:3a:d5:5f:8d:d8:35:15:
b8:45:4e:e1:98:c7:1a:05:ef:0b:65:d8:61:73:f6:5c:e6:fd:
a7:c4:00:56:e2:b6:5e:79:02:34:98:de:2b:22:ae:31:d9:81:
13:d0:eb:1d:73:99:fe:44:6f:76:6e:8b:d1:8e:ed:c7:ad:6c:
5f:7e:cf:8f:32:a3:22:48:c2:bb:8a:e6:b6:ed:7d:2a:eb:db:
1e:12:99:26:1b:bd:42:d6:b0:fe:d2:a7:89:82:9f:5c:ed:69:
e9:eb:70:df:3e:9d:a2:f3:0b:bb:39:48:b7:83:ee:23:64:7e:
f2:a8:94:d0:f9:04:89:96:05:b1:65:50:e7:45:8e:b1:bf:4a:
af:4e:6a:3d:bc:36:27:5a:f9:00:36:9a:36:d6:52:c5:dd:18:
fb:82:16:2c:02:a0:b8:26:e5:99:c9:8d:17:d1:3d:b3:64:99:
b2:38:ca:72:8f:a0:e4:ee:7a:da:64:f3:b0:fa:81:94:78:be:
a1:ed:98:b9:68:ad:34:20:52:92:53:27:27:26:65:5f:52:5a:
e7:da:e1:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9dGWe7s0alVYQqUiqQjmg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNTA5MTEyNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkxMDdmN2QyYjE4MDFhYzVmZjU0YTQ4YTcyMDJjZWMxYTM4MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ8xxgv6nBQCAR3rtgVw0F1Foc61
6q8X2Sw4EOD9/t5Z2wA3o/VuLUq/4pcd+87eD6nK8upxlMMTx0Sc2WrWj9Hu6UOX
1Di1ZH+EZsLmaXUWZemU9hlmj8gVWsW5/Tq69FKIus9kC0yBxkn40dT+qoyexz+j
KnE8PiH5k6VVIxvlzksFUY9N7Mw05BxPwy2deBISHpzm+op8LBAVd24UYfsYspfG
2KRY0x2MTnzebZtLZtDYsoBVnz7crjhOP8E37AOg5lEo4AvQfsFHVDExAC3jqIZE
ToH69EwDhJZ6DMt4ywNp9gGCaES/tVcPCvjG2s5GjXvLz5Bc4lkt9dvHLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDqRB/fSsYAaxf9UpIpyAs7Bo4HSMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvT3BFSDk5S3hnQnJGXzFTa2luSUN6c0dqZ2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQC
W7rMAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAmBPr+I/LSgODhEymK1eSABtmf
2Qp5OtoYeiV1QpDE2Ig59HtW06R4Gv3FGAv4MjrVX43YNRW4RU7hmMcaBe8LZdhh
c/Zc5v2nxABW4rZeeQI0mN4rIq4x2YET0Osdc5n+RG92bovRju3HrWxffs+PMqMi
SMK7iua27X0q69seEpkmG71C1rD+0qeJgp9c7Wnp63DfPp2i8wu7OUi3g+4jZH7y
qJTQ+QSJlgWxZVDnRY6xv0qvTmo9vDYnWvkANpo21lLF3Rj7ghYsAqC4JuWZyY0X
0T2zZJmyOMpyj6Dk7nraZPOw+oGUeL6h7Zi5aK00IFKSUycnJmVfUlrn2uHr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org