Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/_aJlyJ1ykvl8yh1dTHXPE32CR1w.roa
File: _aJlyJ1ykvl8yh1dTHXPE32CR1w.roa (raw, json)
Hash identifier: JJcr74P1kqD1tIFqH4MAAEck1FD1X1Ou8/A7viGAJ1s=
Subject key identifier: FD:A2:65:C8:9D:72:92:F9:7C:CA:1D:5D:4C:75:CF:13:7D:82:47:5C
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018825E65C1F7BD4C1668A70AB7B55FFE7FF
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/_aJlyJ1ykvl8yh1dTHXPE32CR1w.roa
Signing time: Tue 16 May 2023 18:50:33 +0000
ROA not before: Tue 16 May 2023 18:50:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 94.241.136.0/21 maxlen: 24
91.186.216.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Jun 2023 16:26:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:25:e6:5c:1f:7b:d4:c1:66:8a:70:ab:7b:55:ff:e7:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: May 16 18:50:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fda265c89d7292f97cca1d5d4c75cf137d82475c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0c:ee:29:41:bc:4b:71:bb:e2:36:c0:f0:8c:
7a:f3:64:f4:19:fc:53:08:8b:bb:60:b5:eb:7d:ee:
b9:f8:3c:07:dd:e4:ea:47:d0:cb:70:c7:eb:ba:60:
89:19:06:12:73:ae:37:0b:3e:3e:a8:a9:aa:a6:05:
6d:06:72:f0:52:81:0c:7a:d2:32:97:7e:46:01:50:
93:db:15:16:99:2c:49:1c:7d:12:26:65:35:79:74:
68:df:05:f1:57:46:1f:ee:78:8c:95:94:60:7c:89:
60:76:d0:18:7c:06:c8:8d:cc:bf:84:07:98:c2:e9:
3e:66:d6:d6:da:c5:31:92:8f:21:19:85:10:d2:91:
55:29:3e:3e:6a:64:a1:33:e2:4c:2b:84:29:3c:9e:
8e:ef:bc:98:88:b0:60:16:38:b0:ad:e9:e5:7d:6e:
c0:0a:06:19:af:42:35:c5:8b:34:71:25:39:61:af:
a5:8b:f5:a8:66:95:ff:12:35:33:05:79:67:98:03:
97:12:80:39:81:28:51:ba:83:24:fc:2d:b2:e3:43:
73:25:33:00:4f:ad:26:12:82:67:17:b1:7d:af:4c:
ac:1c:57:23:46:a6:23:fd:c3:ed:26:56:33:c2:f3:
05:14:6e:97:24:13:f0:cd:18:10:f4:bc:0d:74:e9:
40:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A2:65:C8:9D:72:92:F9:7C:CA:1D:5D:4C:75:CF:13:7D:82:47:5C
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/_aJlyJ1ykvl8yh1dTHXPE32CR1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.252.0/22
91.186.216.0/22
94.241.136.0/21
Signature Algorithm: sha256WithRSAEncryption
89:ae:cf:06:8d:5f:b9:61:82:98:26:db:5b:2c:01:3d:90:dc:
87:3f:44:eb:de:7a:c3:6b:c5:0a:15:7c:62:8b:5a:82:0c:3e:
b1:d3:75:25:62:ed:41:2a:17:4b:77:88:3c:8d:4d:a0:b6:c5:
75:c7:90:ec:c0:3b:d6:42:94:b3:c1:4f:73:73:48:d5:81:30:
88:ac:28:da:82:28:bc:60:9b:79:3a:58:9d:32:ac:d1:a5:90:
ee:82:e9:64:46:7a:97:52:16:e4:26:17:42:24:f8:09:c3:9d:
cf:16:b6:28:92:e6:6f:a8:73:3b:15:89:58:49:b3:74:9f:9f:
b9:33:b4:69:a5:9f:be:db:0a:3b:11:3e:4e:09:ac:c3:52:6a:
c2:43:b4:0c:f6:2f:3a:62:a1:3b:33:14:f4:86:b4:2a:f6:44:
d8:02:07:27:dc:11:da:8d:b8:16:74:75:56:35:8a:4c:fb:eb:
36:cd:c2:bd:ae:38:0e:73:c3:67:38:14:d3:bc:0b:4b:b5:b7:
d3:45:ae:c5:14:93:1e:36:3e:bb:d6:bf:48:df:32:16:41:1d:
32:dd:7f:fe:83:63:e7:03:20:f7:a3:81:25:88:de:0e:ba:0f:
e5:5b:45:b7:b2:07:e8:b1:ca:5c:09:5d:55:bf:23:21:0d:ae:
34:01:ba:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgl5lwfe9TBZopwq3tV/+f/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNTE2MTg1MDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGEyNjVjODlkNzI5MmY5N2NjYTFkNWQ0Yzc1Y2YxMzdkODI0NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAzuKUG8S3G74jbA8Ix682T0GfxT
CIu7YLXrfe65+DwH3eTqR9DLcMfrumCJGQYSc643Cz4+qKmqpgVtBnLwUoEMetIy
l35GAVCT2xUWmSxJHH0SJmU1eXRo3wXxV0Yf7niMlZRgfIlgdtAYfAbIjcy/hAeY
wuk+ZtbW2sUxko8hGYUQ0pFVKT4+amShM+JMK4QpPJ6O77yYiLBgFjiwrenlfW7A
CgYZr0I1xYs0cSU5Ya+li/WoZpX/EjUzBXlnmAOXEoA5gShRuoMk/C2y40NzJTMA
T60mEoJnF7F9r0ysHFcjRqYj/cPtJlYzwvMFFG6XJBPwzRgQ9LwNdOlAsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP2iZcidcpL5fModXUx1zxN9gkdcMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvX2FKbHlKMXlrdmw4eWgxZFRIWFBFMzJDUjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P8AwQC
W7rYAwQDXvGIMA0GCSqGSIb3DQEBCwUAA4IBAQCJrs8GjV+5YYKYJttbLAE9kNyH
P0Tr3nrDa8UKFXxii1qCDD6x03UlYu1BKhdLd4g8jU2gtsV1x5DswDvWQpSzwU9z
c0jVgTCIrCjagii8YJt5OlidMqzRpZDugulkRnqXUhbkJhdCJPgJw53PFrYokuZv
qHM7FYlYSbN0n5+5M7RppZ++2wo7ET5OCazDUmrCQ7QM9i86YqE7MxT0hrQq9kTY
Agcn3BHajbgWdHVWNYpM++s2zcK9rjgOc8NnOBTTvAtLtbfTRa7FFJMeNj671r9I
3zIWQR0y3X/+g2PnAyD3o4EliN4Oug/lW0W3sgfoscpcCV1VvyMhDa40AbrG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org