Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cQN_QHkXGSXuD8JS1aFY8bIAj_c.roa
File: cQN_QHkXGSXuD8JS1aFY8bIAj_c.roa (raw, json)
Hash identifier: zHii/DqZdyleHgtF+dvBAnwjOXvSUvK1UvET1LSp3uY=
Subject key identifier: 71:03:7F:40:79:17:19:25:EE:0F:C2:52:D5:A1:58:F1:B2:00:8F:F7
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01919820F733CD9B4443472369028B3990B4
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cQN_QHkXGSXuD8JS1aFY8bIAj_c.roa
Signing time: Wed 28 Aug 2024 08:36:22 +0000
ROA not before: Wed 28 Aug 2024 08:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 83.147.216.0/23 maxlen: 24
83.147.217.0/24 maxlen: 24
91.186.214.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 08:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:20:f7:33:cd:9b:44:43:47:23:69:02:8b:39:90:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 28 08:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71037f4079171925ee0fc252d5a158f1b2008ff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:17:7e:4e:da:40:10:dd:83:c8:33:63:bd:
4a:7f:c4:da:2b:02:7b:e6:76:08:21:c6:d5:8a:85:
c6:9f:dd:bc:43:3e:04:46:c3:a1:d8:3f:57:b2:c7:
bc:e0:74:10:e5:91:79:51:cb:63:e3:d6:d9:6e:6b:
b4:02:0b:99:b5:de:b7:06:a0:00:3a:e2:99:b1:01:
0d:77:18:92:d1:d3:98:32:2d:c3:5c:47:72:35:7a:
7a:9b:9a:a7:18:3d:df:2f:e5:15:c1:e9:00:44:7e:
e2:90:c1:f5:8a:01:f6:a1:3b:f8:c1:26:e9:0a:a5:
fe:ca:df:de:4b:e0:95:8b:dd:8a:ba:ef:8e:08:88:
1a:e8:10:20:6a:c4:bc:fc:23:7e:91:f8:91:58:92:
00:53:ca:4c:a4:97:75:a9:8d:b6:f6:0a:ed:09:6d:
b6:2a:31:f0:8e:1a:5c:30:d0:60:4f:4f:f5:44:8f:
b9:7b:c0:a4:8f:52:fb:ce:c6:f3:60:51:64:ea:65:
d7:62:2a:d8:74:b3:03:ee:8c:7a:56:83:2b:83:a5:
71:81:ed:20:7f:38:c2:0d:df:46:4e:16:f1:75:61:
fc:5b:9e:f7:75:c7:e4:c6:d3:c1:cf:33:72:ca:2f:
e1:d0:97:69:3a:c0:5c:7e:83:98:1c:cb:92:95:11:
2f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:03:7F:40:79:17:19:25:EE:0F:C2:52:D5:A1:58:F1:B2:00:8F:F7
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cQN_QHkXGSXuD8JS1aFY8bIAj_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
91.186.214.0/23
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
38:99:f2:f0:71:d1:41:0f:39:8d:f8:a0:a0:c8:61:95:d5:c2:
46:22:35:46:a7:40:37:be:14:e0:4d:a7:d7:0c:79:a3:f9:c6:
49:75:ef:ae:a0:98:7a:8e:4c:8b:eb:83:d8:9d:6d:a8:b6:d2:
e7:5d:d6:2f:d2:8e:e6:ab:94:c0:af:1e:d9:79:3d:29:62:1f:
a0:55:68:2a:9b:91:f9:1c:de:ba:24:ad:63:8d:6f:bf:df:10:
c3:72:1a:cd:2b:ec:8f:00:40:34:ef:28:89:d5:1b:58:13:44:
2e:04:9a:83:5b:4b:41:93:61:03:40:13:55:7c:cc:cb:16:89:
12:bd:67:8c:1f:fc:2b:c6:ec:db:fe:64:fe:58:20:fd:16:68:
af:38:50:d8:e6:8c:ea:b6:c0:47:8f:74:85:a2:56:74:76:09:
e5:ff:0a:1f:b9:d0:78:7d:aa:0b:75:d1:08:aa:69:a2:37:ed:
e6:7c:2b:3c:bf:42:56:5a:8e:40:a1:7c:b9:fe:de:a0:ae:fc:
13:f7:d1:5c:6f:39:f1:4c:be:59:cd:94:aa:19:ce:3b:85:0d:
e9:b0:0f:87:27:f3:c4:79:9a:20:19:76:28:4a:ad:60:53:10:
36:fe:c0:cb:59:d1:6e:f5:84:c4:b7:22:47:30:52:3f:86:f8:
6e:61:78:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGYIPczzZtEQ0cjaQKLOZC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwODI4MDgzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTAzN2Y0MDc5MTcxOTI1ZWUwZmMyNTJkNWExNThmMWIyMDA4ZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1boXfk7aQBDdg8gzY71Kf8TaKwJ7
5nYIIcbVioXGn928Qz4ERsOh2D9Xsse84HQQ5ZF5Uctj49bZbmu0AguZtd63BqAA
OuKZsQENdxiS0dOYMi3DXEdyNXp6m5qnGD3fL+UVwekARH7ikMH1igH2oTv4wSbp
CqX+yt/eS+CVi92Kuu+OCIga6BAgasS8/CN+kfiRWJIAU8pMpJd1qY229grtCW22
KjHwjhpcMNBgT0/1RI+5e8Ckj1L7zsbzYFFk6mXXYirYdLMD7ox6VoMrg6Vxge0g
fzjCDd9GThbxdWH8W573dcfkxtPBzzNyyi/h0JdpOsBcfoOYHMuSlREvfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHEDf0B5Fxkl7g/CUtWhWPGyAI/3MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvY1FOX1FIa1hHU1h1RDhKUzFhRlk4YklBal9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBU5PYAwQB
W7rWAwQAsv0fAwQBsv00MA0GCSqGSIb3DQEBCwUAA4IBAQA4mfLwcdFBDzmN+KCg
yGGV1cJGIjVGp0A3vhTgTafXDHmj+cZJde+uoJh6jkyL64PYnW2ottLnXdYv0o7m
q5TArx7ZeT0pYh+gVWgqm5H5HN66JK1jjW+/3xDDchrNK+yPAEA07yiJ1RtYE0Qu
BJqDW0tBk2EDQBNVfMzLFokSvWeMH/wrxuzb/mT+WCD9FmivOFDY5ozqtsBHj3SF
olZ0dgnl/wofudB4faoLddEIqmmiN+3mfCs8v0JWWo5AoXy5/t6grvwT99Fcbznx
TL5ZzZSqGc47hQ3psA+HJ/PEeZogGXYoSq1gUxA2/sDLWdFu9YTEtyJHMFI/hvhu
YXj/
-----END CERTIFICATE-----
Generated at Tue Nov 12 10:16:27 2024 by rpki-client on console-ams.rpki-client.org