Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/XyHFbLHQ4JCwpMkqnnWlyENsLhE.roa
File: XyHFbLHQ4JCwpMkqnnWlyENsLhE.roa (raw, json)
Hash identifier: 7k2yv+P+hDYu1TF95SxKhJCmplPGd4McjGBFMsuCSbM=
Subject key identifier: 5F:21:C5:6C:B1:D0:E0:90:B0:A4:C9:2A:9E:75:A5:C8:43:6C:2E:11
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0190022EB8C0C97710D049D6C37F8C7EAFF7
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/XyHFbLHQ4JCwpMkqnnWlyENsLhE.roa
Signing time: Mon 10 Jun 2024 12:45:34 +0000
ROA not before: Mon 10 Jun 2024 12:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 83.147.223.0/24 maxlen: 24
83.147.252.0/22 maxlen: 22
94.241.136.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 15:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:2e:b8:c0:c9:77:10:d0:49:d6:c3:7f:8c:7e:af:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 10 12:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f21c56cb1d0e090b0a4c92a9e75a5c8436c2e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2e:29:45:37:de:c6:98:98:f0:d0:66:b8:84:
be:da:55:ac:b6:6f:ee:7a:c3:54:80:d9:88:76:c6:
68:fc:9e:38:8e:d4:e9:c1:fc:df:56:83:3f:57:58:
56:e2:94:4c:9d:9b:4b:5d:66:83:bf:59:74:9d:a8:
a9:34:3c:e1:c9:ba:b2:8c:49:55:e6:1f:d9:0f:b4:
cd:98:55:d8:72:44:94:18:33:10:91:7d:9a:86:e3:
47:4f:05:f9:d4:17:50:74:02:37:10:05:5c:95:5a:
63:76:cf:c6:ee:55:0c:34:8e:aa:b3:45:3b:af:fb:
2b:91:6d:89:56:42:f3:88:d4:37:41:6b:a4:45:6a:
c0:50:53:1f:79:6d:c6:83:9a:77:99:c7:10:43:de:
7b:f8:0d:03:23:5f:a5:25:3e:f8:a6:30:3b:40:67:
84:a4:05:ba:ce:ed:06:36:be:65:d1:4e:06:22:11:
a8:6c:a4:e2:fe:66:38:5b:e7:86:f8:f1:b2:e5:d9:
98:f0:54:af:9c:53:78:28:d8:94:4a:b7:30:5b:fb:
3f:fa:d2:4e:08:f4:2e:cc:39:ef:15:c8:24:12:e1:
c1:4a:82:79:8b:ec:47:89:01:ae:d7:aa:cf:b5:c7:
bc:6a:09:9a:91:5d:8f:f6:71:8f:74:79:ee:c5:77:
59:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:21:C5:6C:B1:D0:E0:90:B0:A4:C9:2A:9E:75:A5:C8:43:6C:2E:11
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/XyHFbLHQ4JCwpMkqnnWlyENsLhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.223.0/24
83.147.252.0/22
94.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
19:db:84:29:a7:c6:aa:7c:bb:61:d7:59:14:91:f3:dc:95:22:
29:ba:40:56:75:a1:d0:e1:af:a5:23:54:ce:8d:a3:c9:6d:1a:
78:1b:0c:60:53:07:3b:a5:11:d1:3c:07:85:9b:57:5b:b9:95:
3a:83:75:48:14:b1:13:91:90:4e:2c:78:26:ca:93:60:43:5d:
e8:3c:11:5d:08:08:80:69:99:71:eb:9b:18:73:97:5a:fe:6d:
65:0f:a9:aa:90:93:f8:f5:f4:9f:83:d0:0c:8c:c3:75:5b:4e:
6a:dd:86:df:6b:4d:92:05:8c:c9:36:62:97:21:25:f3:99:ef:
89:71:5a:d3:01:44:fc:a0:d1:e9:b5:de:3f:03:0c:15:5d:77:
1c:0e:97:4d:42:ad:9e:e6:d5:88:f2:00:b0:f1:c5:79:9d:61:
71:98:c6:34:90:10:61:b7:e0:9e:26:4b:7b:64:59:28:53:13:
e3:03:4a:69:e6:21:08:23:d2:29:90:80:ab:73:c6:6f:2c:42:
b1:1e:5c:d4:f5:ad:a4:81:35:5d:ec:58:10:db:9a:1d:02:04:
16:d8:0e:5f:b4:57:6a:0a:c5:b8:6c:99:b1:3c:2c:f2:54:8a:
5e:89:27:f9:20:d4:22:ab:7c:e0:40:4c:37:9b:cc:f3:f0:c8:
4c:d9:f0:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZACLrjAyXcQ0EnWw3+Mfq/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjEwMTI0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjIxYzU2Y2IxZDBlMDkwYjBhNGM5MmE5ZTc1YTVjODQzNmMyZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5C4pRTfexpiY8NBmuIS+2lWstm/u
esNUgNmIdsZo/J44jtTpwfzfVoM/V1hW4pRMnZtLXWaDv1l0naipNDzhybqyjElV
5h/ZD7TNmFXYckSUGDMQkX2ahuNHTwX51BdQdAI3EAVclVpjds/G7lUMNI6qs0U7
r/srkW2JVkLziNQ3QWukRWrAUFMfeW3Gg5p3mccQQ957+A0DI1+lJT74pjA7QGeE
pAW6zu0GNr5l0U4GIhGobKTi/mY4W+eG+PGy5dmY8FSvnFN4KNiUSrcwW/s/+tJO
CPQuzDnvFcgkEuHBSoJ5i+xHiQGu16rPtce8agmakV2P9nGPdHnuxXdZfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF8hxWyx0OCQsKTJKp51pchDbC4RMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvWHlIRmJMSFE0SkN3cE1rcW5uV2x5RU5zTGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU5PfAwQC
U5P8AwQBXvGIMA0GCSqGSIb3DQEBCwUAA4IBAQAZ24Qpp8aqfLth11kUkfPclSIp
ukBWdaHQ4a+lI1TOjaPJbRp4GwxgUwc7pRHRPAeFm1dbuZU6g3VIFLETkZBOLHgm
ypNgQ13oPBFdCAiAaZlx65sYc5da/m1lD6mqkJP49fSfg9AMjMN1W05q3Ybfa02S
BYzJNmKXISXzme+JcVrTAUT8oNHptd4/AwwVXXccDpdNQq2e5tWI8gCw8cV5nWFx
mMY0kBBht+CeJkt7ZFkoUxPjA0pp5iEII9IpkICrc8ZvLEKxHlzU9a2kgTVd7FgQ
25odAgQW2A5ftFdqCsW4bJmxPCzyVIpeiSf5INQiq3zgQEw3m8zz8MhM2fAj
-----END CERTIFICATE-----
Generated at Mon Jun 10 18:29:35 2024 by rpki-client on console-fra.rpki-client.org