Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cI_H8xNFC5gBSbmUg9WtM9fjBqE.roa
File: cI_H8xNFC5gBSbmUg9WtM9fjBqE.roa (raw, json)
Hash identifier: fubGUxgl/2grghU71oP+wWN5FrDduIm52D2inBihvvA=
Subject key identifier: 70:8F:C7:F3:13:45:0B:98:01:49:B9:94:83:D5:AD:33:D7:E3:06:A1
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D75B423903B83FAC38A72A0CA1959BA5A
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cI_H8xNFC5gBSbmUg9WtM9fjBqE.roa
Signing time: Sun 04 Feb 2024 19:59:16 +0000
ROA not before: Sun 04 Feb 2024 19:59:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 08:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:75:b4:23:90:3b:83:fa:c3:8a:72:a0:ca:19:59:ba:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 4 19:59:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=708fc7f313450b980149b99483d5ad33d7e306a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:6d:f8:fe:f9:d7:69:fa:70:b0:ef:64:11:
fc:eb:99:aa:03:ec:e9:26:a3:3c:89:cd:cc:64:db:
9b:c6:26:d4:fb:63:bf:57:71:d4:e4:be:60:37:bf:
29:aa:41:8f:9c:b4:e2:1b:55:bc:66:69:2b:68:d3:
6c:39:25:68:ed:51:37:8c:8c:01:7b:7b:cc:f6:68:
90:6c:21:2a:b4:fe:38:96:9b:ef:75:6f:eb:e3:fa:
99:2b:f6:34:7d:c7:12:8c:e2:93:3e:5c:33:53:63:
f7:f4:6b:d4:b3:42:63:93:14:a9:4f:d5:ab:c8:5e:
01:6e:e2:6c:eb:06:37:08:e9:eb:3c:d0:e4:65:9e:
2a:17:89:ba:76:e6:22:b8:9d:cb:59:09:5d:6f:b9:
f5:df:4b:99:d0:c5:c4:04:06:1d:01:30:0f:fe:aa:
9e:1d:f1:a5:1b:e1:ef:aa:67:66:ec:25:2b:0b:09:
f3:08:2c:22:2c:55:81:22:6d:bb:34:1a:c9:39:b3:
a9:64:3e:c9:9a:6b:f7:36:79:0b:3e:6d:fe:4f:1f:
d6:0e:55:60:de:1d:bd:af:42:5c:81:01:d8:42:6a:
b0:c3:07:f7:2c:9c:23:4f:eb:81:d9:69:4a:5c:f3:
c3:3a:93:18:f8:75:81:7e:07:d4:b5:f3:fd:74:80:
c3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8F:C7:F3:13:45:0B:98:01:49:B9:94:83:D5:AD:33:D7:E3:06:A1
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cI_H8xNFC5gBSbmUg9WtM9fjBqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.164.0/23
94.241.168.0/21
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
64:7a:44:45:00:31:83:04:5f:12:4a:98:02:0e:f9:6e:02:29:
44:76:b9:cd:dc:71:4f:db:ae:e3:e3:39:38:a6:af:17:ad:01:
cd:26:f2:4c:d2:1d:23:c2:04:88:af:e1:cb:97:88:c8:29:94:
3c:2f:42:70:c7:8b:12:8d:00:10:c9:6d:bf:a7:3c:4a:73:69:
b6:21:c0:5c:b8:29:47:fc:39:08:88:2c:37:bb:97:ff:2b:3b:
30:b9:40:55:0f:4a:2b:b2:dd:70:cd:47:ec:27:9a:43:bb:3e:
93:c9:0e:94:ad:a1:82:3a:79:5e:58:5d:5c:bc:16:ef:dc:c5:
fa:df:fd:5d:68:5f:8c:34:52:8e:a7:bb:a8:ab:bb:08:06:05:
02:d6:ed:f6:a1:b9:4c:88:f9:39:ad:18:5b:5c:bf:20:d5:55:
79:df:23:32:b0:4f:04:21:63:96:e5:67:f4:82:ea:e9:e5:48:
17:d0:6d:62:76:9a:0c:55:85:cd:0f:4a:cf:31:ae:78:30:ec:
e0:dc:5d:05:ee:d0:85:21:01:2d:53:e7:6f:78:14:f4:e4:9d:
e7:71:1b:5f:2c:71:97:1f:0e:c6:f4:42:f9:f3:66:a9:e6:0e:
db:13:e2:41:f7:2b:87:0d:75:1f:6e:c4:cf:7e:aa:de:93:0f:
b2:17:8f:ba
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY11tCOQO4P6w4pyoMoZWbpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMjA0MTk1OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhmYzdmMzEzNDUwYjk4MDE0OWI5OTQ4M2Q1YWQzM2Q3ZTMwNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptBt+P7512n6cLDvZBH865mqA+zp
JqM8ic3MZNubxibU+2O/V3HU5L5gN78pqkGPnLTiG1W8ZmkraNNsOSVo7VE3jIwB
e3vM9miQbCEqtP44lpvvdW/r4/qZK/Y0fccSjOKTPlwzU2P39GvUs0JjkxSpT9Wr
yF4BbuJs6wY3COnrPNDkZZ4qF4m6duYiuJ3LWQldb7n130uZ0MXEBAYdATAP/qqe
HfGlG+Hvqmdm7CUrCwnzCCwiLFWBIm27NBrJObOpZD7Jmmv3NnkLPm3+Tx/WDlVg
3h29r0JcgQHYQmqwwwf3LJwjT+uB2WlKXPPDOpMY+HWBfgfUtfP9dIDDBwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHCPx/MTRQuYAUm5lIPVrTPX4wahMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvY0lfSDh4TkZDNWdCU2JtVWc5V3RNOWZqQnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCU5P0AwQC
U5P8AwQCW7rMAwQCW7rYAwQBXvGkAwQDXvGoAwQBsv0sMA0GCSqGSIb3DQEBCwUA
A4IBAQBkekRFADGDBF8SSpgCDvluAilEdrnN3HFP267j4zk4pq8XrQHNJvJM0h0j
wgSIr+HLl4jIKZQ8L0Jwx4sSjQAQyW2/pzxKc2m2IcBcuClH/DkIiCw3u5f/Kzsw
uUBVD0orst1wzUfsJ5pDuz6TyQ6UraGCOnleWF1cvBbv3MX63/1daF+MNFKOp7uo
q7sIBgUC1u32oblMiPk5rRhbXL8g1VV53yMysE8EIWOW5Wf0gurp5UgX0G1idpoM
VYXND0rPMa54MOzg3F0F7tCFIQEtU+dveBT05J3ncRtfLHGXHw7G9EL582ap5g7b
E+JB9yuHDXUfbsTPfqrekw+yF4+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org