Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Q0mFZFpHqnRqo92IbJuW4k5m8go.roa
File: Q0mFZFpHqnRqo92IbJuW4k5m8go.roa (raw, json)
Hash identifier: uEfeXnNYmUa2dHnuiXio/cFWYon9fsDaIQd6dZ7W8Jw=
Subject key identifier: 43:49:85:64:5A:47:AA:74:6A:A3:DD:88:6C:9B:96:E2:4E:66:F2:0A
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0185E80BEB037CED49967D7FB9932943B7E8
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Q0mFZFpHqnRqo92IbJuW4k5m8go.roa
Signing time: Wed 25 Jan 2023 08:29:33 +0000
ROA not before: Wed 25 Jan 2023 08:29:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.216.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.217.0/24 maxlen: 24
83.147.222.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Jan 2023 21:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:0b:eb:03:7c:ed:49:96:7d:7f:b9:93:29:43:b7:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 25 08:29:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=434985645a47aa746aa3dd886c9b96e24e66f20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bb:80:f1:5b:93:9f:5d:27:c4:e7:00:22:da:
39:47:da:54:44:72:94:4e:8c:5d:c5:7f:4e:4a:d2:
3b:5b:85:d3:d9:6e:9a:df:46:df:6e:bc:02:9a:8d:
07:22:0a:53:34:db:8e:89:e8:af:4d:c4:5d:a6:40:
7c:22:0c:f9:e4:f1:7f:21:74:5e:26:d8:ef:10:10:
5c:04:2c:b6:2b:ce:c9:69:b2:a8:7c:0a:df:33:7b:
b0:92:da:37:9c:c0:8f:d2:aa:0b:2e:a0:ad:fa:e6:
ee:c4:63:26:f4:0f:42:0d:64:99:e7:cd:e6:49:df:
fa:e4:70:16:76:2b:83:89:55:58:c7:c2:49:96:88:
17:72:be:c3:1c:6e:77:12:c6:44:0a:b1:42:4d:15:
71:c0:dd:de:7e:bb:7c:b0:62:c6:38:9e:48:73:de:
98:5b:93:e8:20:dd:2a:30:0d:01:4a:47:43:8f:14:
29:d3:76:61:21:30:a5:a3:b0:de:b4:c6:08:65:3a:
8b:1f:e4:84:df:fb:e1:be:53:16:1a:d2:b0:d3:69:
42:fe:0e:c1:50:7f:c3:1f:ad:4f:56:b3:55:36:aa:
08:0e:50:f3:eb:69:a5:dd:9a:99:b5:fa:4f:7d:34:
5b:52:e5:ca:f0:5e:37:5f:10:76:30:d7:29:52:41:
47:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:49:85:64:5A:47:AA:74:6A:A3:DD:88:6C:9B:96:E2:4E:66:F2:0A
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Q0mFZFpHqnRqo92IbJuW4k5m8go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
94.241.168.0-94.241.183.255
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
31:a4:9a:1a:cd:da:4d:65:82:38:fa:8b:d0:29:0b:ee:f3:bb:
ea:70:50:b3:0a:88:ee:24:12:37:b5:7f:7a:4a:9e:b2:51:00:
50:38:6d:63:29:a8:26:e6:d3:3e:9a:d4:ee:95:a1:82:e8:a7:
e4:13:a1:20:97:06:05:bd:f0:01:61:cb:ef:a3:df:a7:69:ba:
a7:1f:67:da:67:0b:1c:32:cc:22:9e:6e:ee:6f:6b:93:e7:27:
4b:13:2f:de:f2:1c:f4:98:7f:44:f9:c5:ff:9a:82:bb:b2:a6:
36:ea:fe:99:fd:d0:56:ec:9e:84:72:88:93:24:ec:a8:2f:9a:
a9:15:bc:e7:fb:e5:96:05:24:76:1b:b6:75:77:56:a2:96:62:
71:cf:55:4a:1f:a1:68:94:a8:a3:30:f1:be:6e:1d:7f:21:e8:
50:45:aa:4d:57:e6:93:37:d4:23:d1:e5:c4:5b:4c:42:f6:97:
35:2d:85:12:86:41:f6:6e:40:c1:6d:54:0f:63:1e:d9:af:14:
a5:b1:44:49:dc:08:4f:2c:52:92:ba:0e:95:be:8e:8c:44:34:
9e:31:1f:bb:18:2b:82:53:fd:53:07:fb:5d:5c:d9:ac:1d:8f:
61:31:a3:a1:e6:ef:61:00:10:88:83:33:51:4f:a7:9e:40:d3:
d8:88:7e:b5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYXoC+sDfO1Jln1/uZMpQ7foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTI1MDgyOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQ5ODU2NDVhNDdhYTc0NmFhM2RkODg2YzliOTZlMjRlNjZmMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1buA8VuTn10nxOcAIto5R9pURHKU
ToxdxX9OStI7W4XT2W6a30bfbrwCmo0HIgpTNNuOieivTcRdpkB8Igz55PF/IXRe
JtjvEBBcBCy2K87JabKofArfM3uwkto3nMCP0qoLLqCt+ubuxGMm9A9CDWSZ583m
Sd/65HAWdiuDiVVYx8JJlogXcr7DHG53EsZECrFCTRVxwN3efrt8sGLGOJ5Ic96Y
W5PoIN0qMA0BSkdDjxQp03ZhITClo7DetMYIZTqLH+SE3/vhvlMWGtKw02lC/g7B
UH/DH61PVrNVNqoIDlDz62ml3ZqZtfpPfTRbUuXK8F43XxB2MNcpUkFHwQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFENJhWRaR6p0aqPdiGybluJOZvIKMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvUTBtRlpGcEhxblJxbzkySWJKdVc0azVtOGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWMAwDBANe8agDBANe8bADBACy/R8DBAGy/TQw
DQYJKoZIhvcNAQELBQADggEBADGkmhrN2k1lgjj6i9ApC+7zu+pwULMKiO4kEje1
f3pKnrJRAFA4bWMpqCbm0z6a1O6VoYLop+QToSCXBgW98AFhy++j36dpuqcfZ9pn
CxwyzCKebu5va5PnJ0sTL97yHPSYf0T5xf+agruypjbq/pn90FbsnoRyiJMk7Kgv
mqkVvOf75ZYFJHYbtnV3VqKWYnHPVUofoWiUqKMw8b5uHX8h6FBFqk1X5pM31CPR
5cRbTEL2lzUthRKGQfZuQMFtVA9jHtmvFKWxREncCE8sUpK6DpW+joxENJ4xH7sY
K4JT/VMH+11c2awdj2Exo6Hm72EAEIiDM1FPp55A09iIfrU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org