Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/U1IRdgG5nyQ4Vms3ggm7sTc6FCQ.roa
File: U1IRdgG5nyQ4Vms3ggm7sTc6FCQ.roa (raw, json)
Hash identifier: edl1QXZEAoEGJHfF9tFliWXcmEbq59qmDynN4YXi8yo=
Subject key identifier: 53:52:11:76:01:B9:9F:24:38:56:6B:37:82:09:BB:B1:37:3A:14:24
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0189D0B56F984D122F6E36B5B65FDAD586DD
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/U1IRdgG5nyQ4Vms3ggm7sTc6FCQ.roa
Signing time: Mon 07 Aug 2023 15:54:58 +0000
ROA not before: Mon 07 Aug 2023 15:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.22.0/23 maxlen: 24
178.253.32.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:b5:6f:98:4d:12:2f:6e:36:b5:b6:5f:da:d5:86:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 7 15:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5352117601b99f2438566b378209bbb1373a1424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c3:e5:cc:2a:91:a3:bd:e3:87:d7:b3:c5:04:
ac:29:48:aa:98:4c:23:31:63:03:8b:52:ca:d4:a3:
8d:af:bd:79:88:80:07:d0:ac:df:db:fd:5a:b7:e5:
b5:4f:f6:67:76:b5:c4:16:89:0b:66:bd:13:8d:44:
32:a7:b3:e8:6f:e1:d1:85:d3:d6:b4:9d:4e:3b:cf:
d2:47:47:0a:7c:d0:04:ef:23:f8:6c:91:e3:82:cf:
7e:5a:70:77:5a:0a:7a:2f:e0:59:69:00:24:f0:3d:
0c:32:44:4c:6d:4e:81:c3:78:0d:0e:ff:40:3f:7e:
89:c9:02:16:8f:57:7c:7c:c8:f7:a2:8e:b7:ca:27:
ac:4f:3b:cf:4a:74:af:98:8d:91:f4:8c:61:a6:bc:
8b:92:68:1a:85:5a:db:e4:ff:fc:7b:6b:6c:1e:2b:
6e:ec:ec:21:6a:cd:5c:ca:1d:fd:91:9b:20:6c:f8:
ce:d6:6f:96:04:e2:d3:bc:5a:00:55:fe:55:67:94:
f4:62:85:fe:41:67:9d:18:85:d5:2c:09:08:66:9b:
80:7b:05:b2:68:65:8c:a0:f3:01:34:96:52:84:f6:
26:87:b8:80:cd:6b:66:6e:f7:c0:9b:64:23:91:f2:
78:bb:9a:0c:62:f1:7d:44:fd:d4:b2:ac:76:c6:c9:
24:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:52:11:76:01:B9:9F:24:38:56:6B:37:82:09:BB:B1:37:3A:14:24
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/U1IRdgG5nyQ4Vms3ggm7sTc6FCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.22.0/23
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:75:e0:d0:2e:b8:a8:3e:9e:0a:a1:89:7a:c9:ca:56:b9:0f:
b3:07:c0:dd:fb:60:f3:32:33:cf:8e:db:d5:a3:62:d3:cc:1d:
0a:c4:64:75:e9:4e:21:e7:f6:b3:a9:94:5e:e3:fd:d9:20:ab:
72:a9:bb:bb:24:4c:43:06:5a:61:2f:50:9e:0f:ac:6f:04:d1:
14:50:95:d5:e1:21:50:1b:93:27:a1:9b:84:4c:12:eb:1c:32:
17:63:a0:e5:9d:8a:91:a3:e1:31:21:7f:2e:59:ea:d0:30:07:
4c:0d:40:d2:af:55:b2:97:f7:76:5a:81:47:ed:23:a6:3f:12:
7d:76:0a:cf:ff:a5:03:40:a5:2a:2f:25:cb:35:81:71:71:fd:
98:a5:d7:db:4a:1a:40:55:6e:c3:36:f1:a9:8c:c3:c7:24:df:
27:30:3c:6b:f2:3d:02:0e:75:3c:2f:07:77:12:17:23:f9:b2:
e8:70:02:c3:ac:7e:e3:fe:5f:eb:f8:db:4b:cd:91:30:f0:63:
80:8f:29:66:18:0f:dc:78:b1:be:80:f5:a0:22:7d:3a:60:7b:
dd:63:6c:40:70:3c:23:a4:16:c6:7b:00:d1:56:24:30:e6:f5:
84:71:c8:62:ac:85:8a:b2:ea:3d:65:2c:da:bb:db:a7:0b:68:
11:0e:ef:08
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYnQtW+YTRIvbja1tl/a1YbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODA3MTU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUyMTE3NjAxYjk5ZjI0Mzg1NjZiMzc4MjA5YmJiMTM3M2ExNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMPlzCqRo73jh9ezxQSsKUiqmEwj
MWMDi1LK1KONr715iIAH0Kzf2/1at+W1T/ZndrXEFokLZr0TjUQyp7Pob+HRhdPW
tJ1OO8/SR0cKfNAE7yP4bJHjgs9+WnB3Wgp6L+BZaQAk8D0MMkRMbU6Bw3gNDv9A
P36JyQIWj1d8fMj3oo63yiesTzvPSnSvmI2R9IxhpryLkmgahVrb5P/8e2tsHitu
7Owhas1cyh39kZsgbPjO1m+WBOLTvFoAVf5VZ5T0YoX+QWedGIXVLAkIZpuAewWy
aGWMoPMBNJZShPYmh7iAzWtmbvfAm2QjkfJ4u5oMYvF9RP3Usqx2xskk8wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFNSEXYBuZ8kOFZrN4IJu7E3OhQkMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVTFJUmRnRzVueVE0Vm1zM2dnbTdzVGM2RkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU5P0AwQC
U5P8AwQCW7rYAwQDXvGoAwQBsv0WAwQAsv0gMA0GCSqGSIb3DQEBCwUAA4IBAQCb
deDQLrioPp4KoYl6ycpWuQ+zB8Dd+2DzMjPPjtvVo2LTzB0KxGR16U4h5/azqZRe
4/3ZIKtyqbu7JExDBlphL1CeD6xvBNEUUJXV4SFQG5MnoZuETBLrHDIXY6DlnYqR
o+ExIX8uWerQMAdMDUDSr1Wyl/d2WoFH7SOmPxJ9dgrP/6UDQKUqLyXLNYFxcf2Y
pdfbShpAVW7DNvGpjMPHJN8nMDxr8j0CDnU8Lwd3Ehcj+bLocALDrH7j/l/r+NtL
zZEw8GOAjylmGA/ceLG+gPWgIn06YHvdY2xAcDwjpBbGewDRViQw5vWEcchirIWK
suo9ZSzau9unC2gRDu8I
-----END CERTIFICATE-----
Generated at Fri Aug 11 09:15:39 2023 by rpki-client on console-fra.rpki-client.org