Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SpSJ6GjvFfhmfbwwtPLr7g7_ZGA.roa
File: SpSJ6GjvFfhmfbwwtPLr7g7_ZGA.roa (raw, json)
Hash identifier: Yg7cYIFmnsasdu4kTnFHnS2rUGIreLKVtEa9FGP9o48=
Subject key identifier: 4A:94:89:E8:68:EF:15:F8:66:7D:BC:30:B4:F2:EB:EE:0E:FF:64:60
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01893014686667EC02E5EBDCEEA30AC50E16
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SpSJ6GjvFfhmfbwwtPLr7g7_ZGA.roa
Signing time: Fri 07 Jul 2023 11:19:51 +0000
ROA not before: Fri 07 Jul 2023 11:19:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.40.0/22 maxlen: 24
83.147.240.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jul 2023 10:40:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:14:68:66:67:ec:02:e5:eb:dc:ee:a3:0a:c5:0e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 7 11:19:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a9489e868ef15f8667dbc30b4f2ebee0eff6460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:f6:e2:e5:fa:cf:45:4d:5a:f9:4c:0e:55:
39:00:30:ac:a5:dd:df:d0:35:9e:61:dd:3e:6a:3c:
26:17:72:7c:49:79:4b:44:ff:b6:d1:03:41:b5:13:
a0:fb:76:e4:a0:40:c4:d9:1f:54:59:41:b7:c1:91:
12:6f:46:d9:84:5b:b6:b3:43:14:44:02:87:c9:c7:
fc:e7:ce:1c:17:11:1f:22:2d:71:01:40:62:0e:a9:
b6:df:8e:b6:ab:f1:c6:9a:98:d1:40:a4:e2:93:a3:
35:52:5f:8c:a8:d2:62:4f:88:e2:11:78:07:78:0c:
5a:6a:23:a5:56:ea:e3:81:7a:c2:58:b3:b2:76:57:
45:2a:37:2c:f1:a1:5c:75:7f:45:78:c7:86:8d:28:
98:08:f4:ed:8c:eb:c2:9a:89:42:65:f8:08:78:58:
ae:12:de:e2:00:24:47:f3:7b:f4:b3:e8:0b:b3:3f:
63:b4:92:db:1e:b7:50:41:fc:f5:9c:c6:ab:d7:d3:
c2:ba:af:d7:18:e9:73:ee:82:4f:77:d4:57:e2:74:
1b:7b:8e:ad:f3:41:16:41:60:b4:b7:15:72:3f:c6:
68:2f:11:51:30:13:27:d7:82:49:23:ca:ee:f4:0e:
73:d3:13:3b:e2:dc:c0:c1:e2:bb:70:27:c8:0b:6e:
6b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:94:89:E8:68:EF:15:F8:66:7D:BC:30:B4:F2:EB:EE:0E:FF:64:60
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/SpSJ6GjvFfhmfbwwtPLr7g7_ZGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/21
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
90:f4:7c:28:6a:fd:69:3b:e1:c8:a1:ec:a1:c6:45:3c:ec:b3:
9e:54:73:2b:cc:b5:91:76:f5:20:a4:ce:22:ae:81:c9:3e:26:
c8:6d:c2:4f:b4:b2:48:d1:da:1b:38:68:6b:a0:1c:bb:a0:56:
37:12:10:38:c1:ae:55:9e:e0:5b:55:6c:c0:b6:53:94:52:6d:
57:99:56:6a:c2:0c:a3:de:87:4f:d7:51:50:cd:b6:c8:f8:b8:
24:c5:d1:b3:c4:61:dd:0c:23:5e:50:c0:16:61:6e:49:13:6d:
d4:df:15:84:49:62:52:72:49:ff:07:af:bd:9a:e8:cc:3f:10:
a7:f4:5a:21:71:be:d0:60:f6:4a:aa:1c:fa:ac:56:71:e3:09:
37:32:3b:27:d7:55:83:34:c9:a4:89:0b:f2:9d:77:38:7c:38:
b6:17:90:7c:9e:bc:b4:c3:91:0e:c6:d6:d3:a7:a3:b3:fb:47:
2b:b3:36:7c:34:7a:8f:28:d7:44:8d:6a:77:f8:94:d2:d2:a6:
26:2d:bc:ac:e8:99:12:1b:5d:48:ac:fc:38:bc:5d:98:a7:83:
74:dd:3a:d1:65:73:a0:56:2f:27:ad:b7:ad:18:6c:b1:f1:29:
d5:fd:5a:66:d3:c2:f6:37:fc:fc:e2:94:06:e9:e0:ea:c9:71:
e2:d7:e0:cf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYkwFGhmZ+wC5evc7qMKxQ4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNzA3MTExOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk0ODllODY4ZWYxNWY4NjY3ZGJjMzBiNGYyZWJlZTBlZmY2NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpf24uX6z0VNWvlMDlU5ADCspd3f
0DWeYd0+ajwmF3J8SXlLRP+20QNBtROg+3bkoEDE2R9UWUG3wZESb0bZhFu2s0MU
RAKHycf8584cFxEfIi1xAUBiDqm23462q/HGmpjRQKTik6M1Ul+MqNJiT4jiEXgH
eAxaaiOlVurjgXrCWLOydldFKjcs8aFcdX9FeMeGjSiYCPTtjOvCmolCZfgIeFiu
Et7iACRH83v0s+gLsz9jtJLbHrdQQfz1nMar19PCuq/XGOlz7oJPd9RX4nQbe46t
80EWQWC0txVyP8ZoLxFRMBMn14JJI8ru9A5z0xM74tzAweK7cCfIC25r7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEqUieho7xX4Zn28MLTy6+4O/2RgMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvU3BTSjZHanZGZmhtZmJ3d3RQTHI3ZzdfWkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDU5PwAwQC
U5P8AwQCW7rYAwQDXvGoAwQCsv0oMA0GCSqGSIb3DQEBCwUAA4IBAQCQ9Hwoav1p
O+HIoeyhxkU87LOeVHMrzLWRdvUgpM4iroHJPibIbcJPtLJI0dobOGhroBy7oFY3
EhA4wa5VnuBbVWzAtlOUUm1XmVZqwgyj3odP11FQzbbI+LgkxdGzxGHdDCNeUMAW
YW5JE23U3xWESWJSckn/B6+9mujMPxCn9Fohcb7QYPZKqhz6rFZx4wk3Mjsn11WD
NMmkiQvynXc4fDi2F5B8nry0w5EOxtbTp6Oz+0crszZ8NHqPKNdEjWp3+JTS0qYm
Lbys6JkSG11IrPw4vF2Yp4N03TrRZXOgVi8nrbetGGyx8SnV/Vpm08L2N/z84pQG
6eDqyXHi1+DP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org