Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/RIJjICYdlS3y-7Uf-ep5cUFX30Q.roa
File: RIJjICYdlS3y-7Uf-ep5cUFX30Q.roa (raw, json)
Hash identifier: f9mpbXJtpo208UhOcCigDbaX7VBtAoG0t0T+lPxoubE=
Subject key identifier: 44:82:63:20:26:1D:95:2D:F2:FB:B5:1F:F9:EA:79:71:41:57:DF:44
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019039A1F8F22FCA7A203FC6B570D929FEAD
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/RIJjICYdlS3y-7Uf-ep5cUFX30Q.roa
Signing time: Fri 21 Jun 2024 07:10:34 +0000
ROA not before: Fri 21 Jun 2024 07:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 09:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:39:a1:f8:f2:2f:ca:7a:20:3f:c6:b5:70:d9:29:fe:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 21 07:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44826320261d952df2fbb51ff9ea79714157df44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:77:5a:76:87:da:75:9f:8d:60:20:a5:cb:
9c:6c:aa:73:a2:f9:86:6d:f7:ea:6f:f1:53:6b:f1:
7f:5a:3e:dd:c6:2a:0f:45:bb:85:c4:6a:c2:67:dd:
32:53:c0:7d:b3:a2:52:36:fc:b4:f6:2c:fa:2d:13:
6b:2f:bf:c2:4a:15:e9:f7:90:c7:45:cf:a3:3e:10:
4a:96:fc:6e:7a:8e:50:2c:d1:41:c4:0f:88:82:46:
ef:90:a1:c1:fd:91:2b:7d:f7:7c:f4:35:34:0f:61:
76:a2:e5:36:37:09:78:81:0c:67:ff:a0:21:d3:e2:
f8:54:36:dd:91:e4:c9:fb:80:68:67:93:35:df:d6:
9d:90:9c:af:0b:46:4c:21:2e:74:6b:7b:27:21:e9:
61:02:d9:98:e8:bc:e0:0f:63:fe:6a:3e:8e:2f:67:
f9:cb:65:5e:27:39:31:57:81:a2:23:56:dc:de:ff:
2a:bc:f4:79:00:12:a8:53:7a:71:cd:d1:aa:b4:cf:
fa:ee:4e:a9:d7:d1:62:75:9d:e4:f6:d2:de:d9:23:
ef:0e:94:b1:48:76:e4:16:87:67:3b:52:72:d5:0e:
f8:66:c8:bf:17:c2:84:c2:6f:41:d3:64:40:0e:d1:
70:2a:3c:ea:ed:dd:8d:13:58:d6:78:3f:14:43:d6:
ff:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:82:63:20:26:1D:95:2D:F2:FB:B5:1F:F9:EA:79:71:41:57:DF:44
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/RIJjICYdlS3y-7Uf-ep5cUFX30Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
10:bb:bd:2b:8d:a6:e3:12:7f:7e:17:38:19:d7:13:b9:fa:0d:
46:4a:44:25:b7:30:b2:06:5e:ae:84:32:17:24:51:9a:4a:b0:
4e:32:1e:93:be:2a:aa:db:62:d0:72:68:16:01:a4:46:e6:7a:
e5:94:c9:df:ff:6e:97:fe:55:6f:de:99:21:33:5b:ea:fb:ba:
ba:9d:7c:36:01:44:79:5f:83:16:44:ad:aa:d2:cc:c8:27:b6:
d4:5c:72:b5:3b:c5:93:dd:f8:3c:6e:cd:e2:27:60:98:04:92:
40:f8:38:21:cb:f9:c5:e6:11:2f:21:bd:ff:c1:4f:24:e9:c3:
34:41:c1:38:ec:eb:97:f8:fd:67:c6:a2:d7:ac:1d:67:a8:43:
c3:60:42:21:9c:14:78:b5:16:0d:be:63:c5:90:64:9f:4f:e3:
c2:2c:87:c9:c7:37:08:55:55:00:e9:c1:53:db:ef:34:e0:e1:
cf:44:ed:a8:b7:39:0f:5c:39:df:3a:0f:cc:8e:6c:9b:a4:d1:
58:74:70:d7:df:d6:35:55:18:91:d6:59:0b:11:9b:f2:0e:98:
a3:6f:a8:9a:76:8a:fb:b7:d0:2e:21:39:fa:c9:db:00:34:c4:
ef:ba:d9:6a:bc:54:ab:e4:30:ab:58:bf:fa:c9:30:a2:53:79:
83:97:f4:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZA5ofjyL8p6ID/GtXDZKf6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjIxMDcxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDgyNjMyMDI2MWQ5NTJkZjJmYmI1MWZmOWVhNzk3MTQxNTdkZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfd3WnaH2nWfjWAgpcucbKpzovmG
bffqb/FTa/F/Wj7dxioPRbuFxGrCZ90yU8B9s6JSNvy09iz6LRNrL7/CShXp95DH
Rc+jPhBKlvxueo5QLNFBxA+IgkbvkKHB/ZErffd89DU0D2F2ouU2Nwl4gQxn/6Ah
0+L4VDbdkeTJ+4BoZ5M139adkJyvC0ZMIS50a3snIelhAtmY6LzgD2P+aj6OL2f5
y2VeJzkxV4GiI1bc3v8qvPR5ABKoU3pxzdGqtM/67k6p19FidZ3k9tLe2SPvDpSx
SHbkFodnO1Jy1Q74Zsi/F8KEwm9B02RADtFwKjzq7d2NE1jWeD8UQ9b/iQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFESCYyAmHZUt8vu1H/nqeXFBV99EMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvUklKaklDWWRsUzN5LTdVZi1lcDVjVUZYMzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQD
W7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAQu70rjabjEn9+FzgZ1xO5+g1G
SkQltzCyBl6uhDIXJFGaSrBOMh6Tviqq22LQcmgWAaRG5nrllMnf/26X/lVv3pkh
M1vq+7q6nXw2AUR5X4MWRK2q0szIJ7bUXHK1O8WT3fg8bs3iJ2CYBJJA+Dghy/nF
5hEvIb3/wU8k6cM0QcE47OuX+P1nxqLXrB1nqEPDYEIhnBR4tRYNvmPFkGSfT+PC
LIfJxzcIVVUA6cFT2+804OHPRO2otzkPXDnfOg/MjmybpNFYdHDX39Y1VRiR1lkL
EZvyDpijb6iador7t9AuITn6ydsANMTvutlqvFSr5DCrWL/6yTCiU3mDl/Tl
-----END CERTIFICATE-----
Generated at Tue Jun 25 12:08:07 2024 by rpki-client on console-fra.rpki-client.org