Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cRlYFVj_8j9eKuWx4MXxbQ4khXw.roa
File: cRlYFVj_8j9eKuWx4MXxbQ4khXw.roa (raw, json)
Hash identifier: 8iNdh98+1kd/E3BJhE17JWLbP43Tw5414g9YRbvidW8=
Subject key identifier: 71:19:58:15:58:FF:F2:3F:5E:2A:E5:B1:E0:C5:F1:6D:0E:24:85:7C
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D05D6D1FF9B2B9EC71E8EC4BCF27990D2
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cRlYFVj_8j9eKuWx4MXxbQ4khXw.roa
Signing time: Sun 14 Jan 2024 02:39:40 +0000
ROA not before: Sun 14 Jan 2024 02:39:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 06:21:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:05:d6:d1:ff:9b:2b:9e:c7:1e:8e:c4:bc:f2:79:90:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 14 02:39:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7119581558fff23f5e2ae5b1e0c5f16d0e24857c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:33:70:ef:cd:18:d1:35:68:82:99:d5:9d:9a:
3c:22:66:4e:c2:49:d4:1e:fa:47:51:05:08:a6:b3:
97:a7:e1:3f:bf:16:c3:44:e2:9b:89:24:69:fc:af:
2e:1d:4e:df:a7:d2:a5:e2:dc:ef:1c:cd:45:88:c5:
97:36:f1:3a:af:1c:65:54:43:0f:a0:ad:54:00:5e:
da:2f:46:88:c8:2e:23:66:7a:60:33:45:82:10:ce:
15:5b:64:96:cc:1f:83:df:62:46:f7:ab:12:0d:d7:
c8:dc:4d:16:92:c7:70:3c:b2:f3:91:dc:ff:0b:2a:
d1:86:d4:8b:26:2c:9a:69:4e:a2:19:c9:70:cb:1b:
a8:3c:27:f7:3e:3b:0c:7b:a8:2d:b3:70:bf:83:e0:
29:1f:99:ef:6d:4b:59:30:22:dd:12:81:81:56:5d:
cc:ff:05:f5:83:f3:53:f7:42:b6:ca:18:8a:a8:60:
99:35:37:04:89:d5:12:fe:69:ea:78:24:64:25:cb:
c6:e9:cb:58:db:19:3d:95:16:55:d6:d9:e4:bc:24:
b1:36:4a:44:3a:73:4a:23:63:3f:c8:40:8a:f5:77:
3e:6a:17:e2:2d:1f:f7:ef:64:cc:4c:b9:34:b3:97:
28:7a:80:e7:84:cd:8d:1e:c7:f6:5a:52:84:2d:09:
b2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:19:58:15:58:FF:F2:3F:5E:2A:E5:B1:E0:C5:F1:6D:0E:24:85:7C
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cRlYFVj_8j9eKuWx4MXxbQ4khXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.200.0/21
91.186.216.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:99:dc:79:1f:cf:5c:ac:b0:d6:11:83:20:b3:32:5c:6b:52:
e4:8e:54:df:ec:3f:96:a8:86:4f:95:1c:c2:c6:18:1b:09:6a:
91:d7:e7:00:bb:3f:e8:f9:5d:55:f3:c5:f5:78:31:97:37:23:
99:f8:73:f9:35:51:ed:f3:c9:61:a2:84:35:85:8b:ee:28:07:
4c:a5:dc:3b:7e:1c:87:4c:73:a9:42:24:e5:95:38:f1:8d:41:
45:48:72:4a:da:63:13:7d:b0:4c:d5:dc:09:05:01:60:f3:d2:
0e:b5:80:60:88:17:f1:f3:55:0f:9c:ee:b9:5a:a6:f4:da:6b:
85:73:c6:84:93:ac:7a:f2:05:1b:f6:70:5d:23:15:bf:6e:a2:
de:c2:59:ba:cd:de:f3:54:15:f2:53:49:c7:79:ad:8f:ba:25:
8f:59:14:2a:e6:c2:70:c4:09:f8:cc:de:0f:b4:84:06:d4:b0:
ee:57:41:08:8f:b4:2f:31:b6:35:9d:68:6e:f6:6b:8b:6e:be:
f9:b7:c0:3e:43:cc:fe:dd:d7:ac:0a:95:30:db:7f:b8:4f:24:
0e:01:aa:a0:7b:4d:6c:91:da:0f:57:89:8f:e8:d4:e8:85:2c:
af:3d:db:42:24:15:1d:dd:f0:4e:6c:55:79:4a:d1:be:01:71:
ab:21:05:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0F1tH/myuexx6OxLzyeZDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTE0MDIzOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE5NTgxNTU4ZmZmMjNmNWUyYWU1YjFlMGM1ZjE2ZDBlMjQ4NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzNw780Y0TVogpnVnZo8ImZOwknU
HvpHUQUIprOXp+E/vxbDROKbiSRp/K8uHU7fp9Kl4tzvHM1FiMWXNvE6rxxlVEMP
oK1UAF7aL0aIyC4jZnpgM0WCEM4VW2SWzB+D32JG96sSDdfI3E0WksdwPLLzkdz/
CyrRhtSLJiyaaU6iGclwyxuoPCf3PjsMe6gts3C/g+ApH5nvbUtZMCLdEoGBVl3M
/wX1g/NT90K2yhiKqGCZNTcEidUS/mnqeCRkJcvG6ctY2xk9lRZV1tnkvCSxNkpE
OnNKI2M/yECK9Xc+ahfiLR/372TMTLk0s5coeoDnhM2NHsf2WlKELQmy9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHEZWBVY//I/XirlseDF8W0OJIV8MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvY1JsWUZWal84ajllS3VXeDRNWHhiUTRraFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5P0AwQC
U5P8AwQDW7rIAwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQCNmdx5H89c
rLDWEYMgszJca1LkjlTf7D+WqIZPlRzCxhgbCWqR1+cAuz/o+V1V88X1eDGXNyOZ
+HP5NVHt88lhooQ1hYvuKAdMpdw7fhyHTHOpQiTllTjxjUFFSHJK2mMTfbBM1dwJ
BQFg89IOtYBgiBfx81UPnO65Wqb02muFc8aEk6x68gUb9nBdIxW/bqLewlm6zd7z
VBXyU0nHea2PuiWPWRQq5sJwxAn4zN4PtIQG1LDuV0EIj7QvMbY1nWhu9muLbr75
t8A+Q8z+3desCpUw23+4TyQOAaqge01skdoPV4mP6NTohSyvPdtCJBUd3fBObFV5
StG+AXGrIQU3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org