Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/PeTnooXgvbivbZK07I1XHU65-q0.roa
File: PeTnooXgvbivbZK07I1XHU65-q0.roa (raw, json)
Hash identifier: 6UxxoMXs3PGfhGXkFEoXCi09oBR7N7ysmJXa6lT6Imo=
Subject key identifier: 3D:E4:E7:A2:85:E0:BD:B8:AF:6D:92:B4:EC:8D:57:1D:4E:B9:FA:AD
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01901C4752143C1C9F1EFB02FD615DD327DB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/PeTnooXgvbivbZK07I1XHU65-q0.roa
Signing time: Sat 15 Jun 2024 14:22:34 +0000
ROA not before: Sat 15 Jun 2024 14:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.232.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 07:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:47:52:14:3c:1c:9f:1e:fb:02:fd:61:5d:d3:27:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 15 14:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3de4e7a285e0bdb8af6d92b4ec8d571d4eb9faad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:46:79:09:52:71:73:b9:6f:f9:e0:49:9a:f5:
99:7f:0a:90:ac:37:64:3b:5b:cd:cf:51:d0:5a:df:
dc:e0:04:b6:7b:ef:4c:0c:22:07:0b:f9:d0:d3:93:
1f:01:7f:27:2b:0c:13:17:91:b1:d6:f4:53:b7:66:
bf:b0:71:c3:cb:42:3d:40:f7:29:7c:5f:a0:87:85:
84:4b:c0:fc:04:31:2a:c2:c1:23:bc:5e:34:27:61:
f6:19:bd:9c:13:73:8a:79:e6:3d:d2:c1:88:ec:65:
83:f4:f1:a3:02:6f:16:36:29:2c:79:a5:0d:db:a1:
c1:b8:19:97:a2:33:67:26:fe:72:54:20:af:e3:a3:
7b:58:b7:a3:91:68:f9:f7:1c:05:22:3d:5e:5b:cc:
43:fe:5c:a1:e6:60:fe:b7:3d:08:c9:bf:0d:37:10:
8e:94:e8:bb:cd:ab:92:3c:a2:8d:36:d3:64:cb:05:
dc:27:36:e5:79:f0:6c:c2:4c:52:9c:d2:48:17:4f:
27:36:ab:16:a0:2f:9e:ae:06:f2:46:94:03:b0:e3:
60:05:44:3a:47:03:9c:9c:53:6b:af:03:43:33:37:
82:05:fd:3e:5f:98:92:fe:73:39:a1:6f:f9:c9:9e:
87:3b:03:4d:de:b7:22:68:54:97:05:6c:65:55:82:
cc:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E4:E7:A2:85:E0:BD:B8:AF:6D:92:B4:EC:8D:57:1D:4E:B9:FA:AD
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/PeTnooXgvbivbZK07I1XHU65-q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:8a:8e:13:ad:7a:ad:9d:b9:ca:38:f0:dd:0e:a9:53:a3:df:
95:e2:34:2a:39:89:fd:20:5b:c9:c2:24:db:37:f3:b8:67:96:
c1:9b:49:38:e0:2c:1d:53:70:c5:ff:a0:a8:41:db:9e:03:f3:
06:60:4b:e8:ea:7b:ce:4c:58:97:aa:d0:8d:d1:79:63:10:93:
25:e2:9a:84:9b:f6:46:65:c1:dd:e1:0e:e1:6b:9e:e9:ac:7e:
42:d6:ba:cb:e3:8f:83:82:c2:31:1a:df:10:43:d7:2e:c5:c2:
f5:45:51:22:39:4b:f7:1e:72:0a:aa:a9:9b:e8:c5:4d:c0:84:
2a:9f:f5:44:d5:98:ef:5c:02:20:69:41:fa:f1:a8:81:12:d7:
64:a6:ee:73:9e:e4:38:dd:9b:8e:e9:e4:38:a4:1b:62:75:36:
72:ef:8b:b6:a8:99:0b:c1:13:6f:ca:94:ca:df:20:c4:57:f0:
c0:d5:00:5c:3b:08:a9:b0:bb:20:25:5f:1a:66:65:72:68:99:
5a:d5:3e:58:fd:cb:58:18:c9:24:26:7f:8c:95:2d:91:17:d2:
bc:43:65:d0:4f:d3:28:9a:94:e8:c6:56:4d:d1:3d:d4:15:07:
cf:b2:46:7e:3e:b6:82:be:bd:4e:05:f8:1c:82:61:52:aa:7c:
2c:10:df:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZAcR1IUPByfHvsC/WFd0yfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjE1MTQyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGU0ZTdhMjg1ZTBiZGI4YWY2ZDkyYjRlYzhkNTcxZDRlYjlmYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9UZ5CVJxc7lv+eBJmvWZfwqQrDdk
O1vNz1HQWt/c4AS2e+9MDCIHC/nQ05MfAX8nKwwTF5Gx1vRTt2a/sHHDy0I9QPcp
fF+gh4WES8D8BDEqwsEjvF40J2H2Gb2cE3OKeeY90sGI7GWD9PGjAm8WNikseaUN
26HBuBmXojNnJv5yVCCv46N7WLejkWj59xwFIj1eW8xD/lyh5mD+tz0Iyb8NNxCO
lOi7zauSPKKNNtNkywXcJzblefBswkxSnNJIF08nNqsWoC+ergbyRpQDsONgBUQ6
RwOcnFNrrwNDMzeCBf0+X5iS/nM5oW/5yZ6HOwNN3rciaFSXBWxlVYLMIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD3k56KF4L24r22StOyNVx1OufqtMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvUGVUbm9vWGd2Yml2YlpLMDdJMVhIVTY1LXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5PoAwQC
U5P0AwQDW7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBPio4TrXqtnbnKOPDd
DqlTo9+V4jQqOYn9IFvJwiTbN/O4Z5bBm0k44CwdU3DF/6CoQdueA/MGYEvo6nvO
TFiXqtCN0XljEJMl4pqEm/ZGZcHd4Q7ha57prH5C1rrL44+DgsIxGt8QQ9cuxcL1
RVEiOUv3HnIKqqmb6MVNwIQqn/VE1ZjvXAIgaUH68aiBEtdkpu5znuQ43ZuO6eQ4
pBtidTZy74u2qJkLwRNvypTK3yDEV/DA1QBcOwipsLsgJV8aZmVyaJla1T5Y/ctY
GMkkJn+MlS2RF9K8Q2XQT9MompToxlZN0T3UFQfPskZ+PraCvr1OBfgcgmFSqnws
EN8q
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:19:28 2024 by rpki-client on console-ams.rpki-client.org