Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SV-bHKfDR5eNe2Z3QyKo3plxtPk.roa
File: SV-bHKfDR5eNe2Z3QyKo3plxtPk.roa (raw, json)
Hash identifier: X9oZJeQM7m7rQ+kR6/vhH99CxGS7qLREhKVLigninCc=
Subject key identifier: 49:5F:9B:1C:A7:C3:47:97:8D:7B:66:77:43:22:A8:DE:99:71:B4:F9
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0188BF7A504B6CA740C01EA569F72B48F477
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SV-bHKfDR5eNe2Z3QyKo3plxtPk.roa
Signing time: Thu 15 Jun 2023 14:34:04 +0000
ROA not before: Thu 15 Jun 2023 14:34:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
178.253.12.0/23 maxlen: 24
83.147.216.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.217.0/24 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:7a:50:4b:6c:a7:40:c0:1e:a5:69:f7:2b:48:f4:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 15 14:34:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=495f9b1ca7c347978d7b66774322a8de9971b4f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:58:d1:c8:e2:ce:11:30:96:bd:b4:8a:75:74:
25:03:d0:2e:b0:2e:8e:2a:79:23:de:61:9f:b5:80:
c7:7c:96:98:df:27:1e:74:e9:72:7b:8f:19:a5:b9:
dc:41:4f:d9:00:a0:7d:02:18:14:9c:1c:58:1e:68:
39:54:84:51:7f:86:66:53:15:0d:72:a2:02:53:d2:
b1:ff:ef:ef:e3:05:b5:ba:47:14:79:80:f0:78:d6:
42:86:bb:38:7f:b5:95:9d:a1:ef:a0:ca:f1:aa:f0:
8c:a1:37:e7:28:8d:4d:6d:2d:f5:10:54:2f:9b:88:
16:02:c7:84:a3:c1:4d:5d:59:7b:5b:8b:5e:1e:56:
86:a6:cf:f1:4c:1f:5c:af:51:85:c4:04:4c:cd:f1:
f0:63:ef:4a:c7:58:d6:ae:b6:a9:4c:a1:d3:7a:7b:
61:fd:cf:ae:58:7a:39:0c:b5:aa:b4:01:dc:d6:d1:
48:cc:63:87:a0:18:c8:80:c4:d8:98:a1:f2:18:fa:
79:23:7f:05:47:20:f2:ec:bd:a5:64:29:9e:23:eb:
39:53:65:50:90:e3:c9:da:89:b5:e0:64:94:a1:99:
6a:69:51:09:f9:99:b2:85:a7:78:96:82:6b:71:e6:
87:71:c7:94:39:77:64:4f:47:96:af:ba:77:0a:38:
7f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5F:9B:1C:A7:C3:47:97:8D:7B:66:77:43:22:A8:DE:99:71:B4:F9
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SV-bHKfDR5eNe2Z3QyKo3plxtPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/24
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
178.253.12.0/23
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
06:2d:9a:4b:e7:11:66:66:ff:c4:de:66:c7:3d:ec:cb:d1:9d:
b6:7a:93:8f:74:08:f9:ec:b4:d9:57:80:cd:07:17:62:19:a3:
b1:c4:15:f0:9e:f9:11:d4:aa:dd:4f:9c:33:f2:99:3e:6a:95:
34:bc:a3:d5:6c:98:40:49:9a:8e:e5:53:44:89:56:26:8d:7a:
31:6d:5d:f9:a8:cf:10:5f:d5:b5:4b:15:18:ea:15:ff:dc:a7:
36:b6:4e:1a:71:c7:04:eb:e6:dd:04:f9:49:2c:1e:5b:83:37:
0f:86:b1:32:2f:18:e6:9d:f4:01:0c:26:7d:ad:81:8c:af:5b:
7a:4f:3b:76:71:47:2c:75:38:df:f9:cb:ed:d3:53:7a:71:61:
c9:9f:65:bc:37:11:fb:6a:8f:b7:e7:95:d8:d0:21:24:d9:5e:
e3:cf:d2:68:ac:12:4c:0a:28:50:2f:ca:66:8d:86:e6:d4:bd:
ca:fb:d2:d1:5e:9a:25:7e:19:42:f1:9c:c8:5e:53:fc:e8:59:
78:86:91:3c:c8:89:6b:22:69:f2:7e:9f:94:4d:02:01:fb:12:
fb:85:2b:43:54:3d:7f:f0:f5:c4:c6:d0:8a:04:40:40:b5:e0:
08:a8:b0:98:d6:0f:5a:55:a6:61:ba:f7:6c:37:3e:5b:a4:c5:
07:7c:66:7c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYi/elBLbKdAwB6lafcrSPR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNjE1MTQzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTVmOWIxY2E3YzM0Nzk3OGQ3YjY2Nzc0MzIyYThkZTk5NzFiNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ljRyOLOETCWvbSKdXQlA9AusC6O
Knkj3mGftYDHfJaY3ycedOlye48ZpbncQU/ZAKB9AhgUnBxYHmg5VIRRf4ZmUxUN
cqICU9Kx/+/v4wW1ukcUeYDweNZChrs4f7WVnaHvoMrxqvCMoTfnKI1NbS31EFQv
m4gWAseEo8FNXVl7W4teHlaGps/xTB9cr1GFxARMzfHwY+9Kx1jWrrapTKHTenth
/c+uWHo5DLWqtAHc1tFIzGOHoBjIgMTYmKHyGPp5I38FRyDy7L2lZCmeI+s5U2VQ
kOPJ2om14GSUoZlqaVEJ+Zmyhad4loJrceaHcceUOXdkT0eWr7p3Cjh/PwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFElfmxynw0eXjXtmd0MiqN6ZcbT5MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvU1YtYkhLZkRSNWVOZTJaM1F5S28zcGx4dFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBU5PYAwQA
U5PeAwQCU5PoAwQCW7rIAwQBW7rWAwQBsv0MAwQAsv0fAwQBsv00MA0GCSqGSIb3
DQEBCwUAA4IBAQAGLZpL5xFmZv/E3mbHPezL0Z22epOPdAj57LTZV4DNBxdiGaOx
xBXwnvkR1KrdT5wz8pk+apU0vKPVbJhASZqO5VNEiVYmjXoxbV35qM8QX9W1SxUY
6hX/3Kc2tk4acccE6+bdBPlJLB5bgzcPhrEyLxjmnfQBDCZ9rYGMr1t6Tzt2cUcs
dTjf+cvt01N6cWHJn2W8NxH7ao+355XY0CEk2V7jz9JorBJMCihQL8pmjYbm1L3K
+9LRXpolfhlC8ZzIXlP86Fl4hpE8yIlrImnyfp+UTQIB+xL7hStDVD1/8PXExtCK
BEBAteAIqLCY1g9aVaZhuvdsNz5bpMUHfGZ8
-----END CERTIFICATE-----
Generated at Thu Oct 12 11:53:50 2023 by rpki-client on console-fra.rpki-client.org