Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UwNmm0IR2m-sQPwHwGqokuVZZAk.roa
File: UwNmm0IR2m-sQPwHwGqokuVZZAk.roa (raw, json)
Hash identifier: L9CntA6vkFJMWRsKPAq0U/uxM8v7UD2yMvlspRzbDeE=
Subject key identifier: 53:03:66:9B:42:11:DA:6F:AC:40:FC:07:C0:6A:A8:92:E5:59:64:09
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0189E3C7F04D02E2363BABC7C17AA1623B12
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UwNmm0IR2m-sQPwHwGqokuVZZAk.roa
Signing time: Fri 11 Aug 2023 08:47:58 +0000
ROA not before: Fri 11 Aug 2023 08:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.208.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.22.0/23 maxlen: 24
178.253.32.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 21:16:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:c7:f0:4d:02:e2:36:3b:ab:c7:c1:7a:a1:62:3b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 11 08:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5303669b4211da6fac40fc07c06aa892e5596409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a7:33:fe:4d:13:a4:2f:08:99:1c:35:91:ef:
7c:9d:55:34:20:64:d2:c3:47:81:a3:fc:83:d2:37:
5a:83:48:f6:01:ff:67:0b:30:d6:0d:e1:70:c7:7a:
a5:77:f3:38:a4:9e:3b:18:7e:35:ac:dd:7f:73:7e:
7c:67:b4:51:25:aa:f5:a5:48:4b:50:aa:4f:fc:6c:
20:65:e0:e7:66:c0:6a:6c:5a:ed:ce:12:1e:05:76:
44:e0:c2:ce:9b:69:a9:a3:22:6b:f3:91:67:05:8b:
aa:8e:54:6c:da:99:9f:88:9f:8e:26:9c:1a:24:a2:
f7:aa:69:2d:52:26:2e:33:49:ae:62:21:25:0f:02:
11:a4:28:c2:f0:44:45:a2:34:f7:93:0e:b7:82:4a:
26:df:2c:52:46:4b:16:dd:e4:76:2e:97:00:72:d4:
f1:40:8c:5d:be:e5:a7:30:c3:6e:93:99:fe:b2:df:
b8:b1:9b:75:e9:ba:27:f3:07:3c:30:4b:a2:bf:eb:
ab:22:65:93:42:e2:e7:48:98:b3:c4:3e:9a:71:e2:
1e:80:9d:50:d7:3d:37:7f:fc:c4:13:d2:87:c7:b1:
85:30:e2:83:72:bb:9c:61:5e:f3:85:db:4d:24:70:
86:fe:c9:db:81:9a:99:4d:d8:68:75:4c:31:35:3f:
c7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:03:66:9B:42:11:DA:6F:AC:40:FC:07:C0:6A:A8:92:E5:59:64:09
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/UwNmm0IR2m-sQPwHwGqokuVZZAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.208.0/22
91.186.216.0/22
94.241.168.0/21
178.253.22.0/23
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:24:ab:1a:69:80:f1:b0:49:b4:f1:f1:59:bf:23:bf:75:11:
8b:f4:34:9a:6f:cb:81:51:ff:d4:19:f1:b8:a7:a0:f6:09:75:
9d:03:0f:7b:65:45:93:8f:d9:61:ff:00:a4:3a:d4:d3:77:27:
f4:7d:76:69:5e:30:16:06:cf:af:af:9c:6d:37:e7:b9:e5:a8:
10:46:cc:87:46:72:fd:dc:17:e3:bf:66:46:6a:1d:62:d1:18:
82:ab:ff:6f:28:4e:87:73:a9:18:75:0e:9b:3a:3f:a9:7a:8a:
54:22:8b:fb:56:78:c7:34:69:e7:c7:59:42:11:ce:0b:49:46:
1a:a6:ea:2d:62:d4:47:3b:0c:49:30:a0:b3:37:6d:fa:58:44:
4a:34:26:1e:6d:14:34:ee:82:75:d3:67:0b:aa:d7:7d:b0:24:
4b:77:4d:b7:bd:20:f8:d1:5f:5d:59:69:dd:b0:4c:40:52:25:
19:69:a1:bb:4e:c2:3d:f9:f0:49:47:ed:37:8d:ac:d0:81:9b:
a2:85:5c:35:bf:bd:af:c2:3f:6c:43:dc:5b:a9:41:45:1b:01:
7a:8b:b7:77:85:46:11:b8:29:2b:20:b2:5e:e3:6c:c6:54:c9:
61:2b:41:e7:ca:3a:2c:75:16:62:7d:77:51:14:ec:79:79:a0:
77:a0:36:10
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYnjx/BNAuI2O6vHwXqhYjsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODExMDg0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzAzNjY5YjQyMTFkYTZmYWM0MGZjMDdjMDZhYTg5MmU1NTk2NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6cz/k0TpC8ImRw1ke98nVU0IGTS
w0eBo/yD0jdag0j2Af9nCzDWDeFwx3qld/M4pJ47GH41rN1/c358Z7RRJar1pUhL
UKpP/GwgZeDnZsBqbFrtzhIeBXZE4MLOm2mpoyJr85FnBYuqjlRs2pmfiJ+OJpwa
JKL3qmktUiYuM0muYiElDwIRpCjC8ERFojT3kw63gkom3yxSRksW3eR2LpcActTx
QIxdvuWnMMNuk5n+st+4sZt16bon8wc8MEuiv+urImWTQuLnSJizxD6aceIegJ1Q
1z03f/zEE9KHx7GFMOKDcrucYV7zhdtNJHCG/snbgZqZTdhodUwxNT/HEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFMDZptCEdpvrED8B8BqqJLlWWQJMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVXdObW0wSVIybS1zUVB3SHdHcW9rdVZaWkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCU5P0AwQC
U5P8AwQCW7rQAwQCW7rYAwQDXvGoAwQBsv0WAwQAsv0gMA0GCSqGSIb3DQEBCwUA
A4IBAQA8JKsaaYDxsEm08fFZvyO/dRGL9DSab8uBUf/UGfG4p6D2CXWdAw97ZUWT
j9lh/wCkOtTTdyf0fXZpXjAWBs+vr5xtN+e55agQRsyHRnL93Bfjv2ZGah1i0RiC
q/9vKE6Hc6kYdQ6bOj+peopUIov7VnjHNGnnx1lCEc4LSUYapuotYtRHOwxJMKCz
N236WERKNCYebRQ07oJ102cLqtd9sCRLd023vSD40V9dWWndsExAUiUZaaG7TsI9
+fBJR+03jazQgZuihVw1v72vwj9sQ9xbqUFFGwF6i7d3hUYRuCkrILJe42zGVMlh
K0HnyjosdRZifXdRFOx5eaB3oDYQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org