Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cZ0qHxwzvSSnSTtcFon9uJ-Cxl0.roa
File: cZ0qHxwzvSSnSTtcFon9uJ-Cxl0.roa (raw, json)
Hash identifier: jV2bo9FZG5mZoM1MzMBXRzVc4FQ0OGvxAbdZTQiM6+8=
Subject key identifier: 71:9D:2A:1F:1C:33:BD:24:A7:49:3B:5C:16:89:FD:B8:9F:82:C6:5D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019326751E913017BD94E604ECBD4E7EC63E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cZ0qHxwzvSSnSTtcFon9uJ-Cxl0.roa
Signing time: Wed 13 Nov 2024 16:57:09 +0000
ROA not before: Wed 13 Nov 2024 16:57:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 13:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:26:75:1e:91:30:17:bd:94:e6:04:ec:bd:4e:7e:c6:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 13 16:57:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=719d2a1f1c33bd24a7493b5c1689fdb89f82c65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:44:e6:ae:36:c8:5c:5c:62:80:5f:25:a1:f1:
9a:cd:f4:df:58:03:23:2d:a6:b5:6d:48:a0:54:f7:
17:cb:df:23:2e:33:cb:f3:09:30:23:c6:cb:a6:1f:
29:c9:5b:58:13:18:e0:7c:d7:fe:83:77:82:b0:86:
81:b7:31:45:60:b0:64:cf:4e:de:54:f4:ee:1b:6e:
c1:0f:21:dc:76:6b:56:28:41:28:c6:3b:1b:71:77:
9a:27:77:89:f8:11:e4:e2:93:c5:7e:ef:fb:70:6f:
4b:cf:f8:a5:27:41:3c:06:53:ab:b1:60:c0:15:45:
62:f1:dc:34:72:a4:be:07:e9:6b:b1:ec:1d:08:7f:
ce:f4:2e:a8:a6:7e:b4:30:24:65:2b:45:aa:14:24:
12:16:3a:b8:68:6a:e2:59:dd:1e:d5:72:77:dc:9d:
6c:1e:80:a1:9c:9b:2f:0f:07:59:01:7c:87:ba:ea:
b2:3e:76:bf:dd:ae:57:ba:f6:33:5f:ae:f7:bd:04:
ca:ec:fb:d7:92:d5:9d:92:78:05:c1:c0:05:7a:38:
c3:91:5f:36:6a:29:e1:10:9e:76:17:fc:86:55:9b:
64:16:5b:9d:6e:64:8f:fb:8f:d2:ec:05:4c:c6:69:
fe:08:df:ed:62:17:84:4b:3a:37:7e:aa:83:b3:8e:
16:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9D:2A:1F:1C:33:BD:24:A7:49:3B:5C:16:89:FD:B8:9F:82:C6:5D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cZ0qHxwzvSSnSTtcFon9uJ-Cxl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
05:66:0d:f1:c2:3e:48:8e:b9:a3:ab:62:95:f8:44:b9:83:be:
75:ca:e2:e1:d7:9a:1e:4e:4a:47:9a:c8:06:58:b7:5d:61:09:
37:6d:3b:77:5d:58:6a:1e:89:91:48:c7:a0:11:bb:3f:21:d5:
4c:8b:06:2c:8f:ac:d7:8d:bb:cd:47:5c:09:ac:ff:35:f9:3c:
ac:5c:cb:71:44:bf:85:c4:a9:6e:98:90:ca:63:18:d7:5e:31:
86:b0:c8:1c:84:12:91:36:9c:93:8e:a6:06:b6:b7:84:34:90:
c1:c8:5f:70:11:08:3f:3c:13:14:71:ff:49:3c:57:09:09:af:
3d:0c:ac:7c:f5:3b:29:fd:fb:7f:aa:98:1a:45:aa:53:c1:8f:
7f:32:b9:52:36:8d:e4:cd:eb:c4:79:b6:5f:13:0a:1f:fe:c8:
1e:5a:db:ff:76:d0:8b:eb:09:74:53:19:2e:ca:ba:c5:56:44:
bf:d2:56:cc:22:04:ea:b0:ec:bc:46:85:a7:45:15:3f:98:13:
39:55:f7:b2:04:a9:e0:22:94:f4:fe:2d:6a:5d:b5:ba:04:e2:
42:7d:60:cf:af:56:2d:bd:b3:e1:bc:0f:90:ee:c5:02:98:98:
45:5a:32:f1:76:0d:0e:51:72:51:43:10:aa:63:4d:00:0a:02:
14:37:dc:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMmdR6RMBe9lOYE7L1OfsY+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMTEzMTY1NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTlkMmExZjFjMzNiZDI0YTc0OTNiNWMxNjg5ZmRiODlmODJjNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kTmrjbIXFxigF8lofGazfTfWAMj
Laa1bUigVPcXy98jLjPL8wkwI8bLph8pyVtYExjgfNf+g3eCsIaBtzFFYLBkz07e
VPTuG27BDyHcdmtWKEEoxjsbcXeaJ3eJ+BHk4pPFfu/7cG9Lz/ilJ0E8BlOrsWDA
FUVi8dw0cqS+B+lrsewdCH/O9C6opn60MCRlK0WqFCQSFjq4aGriWd0e1XJ33J1s
HoChnJsvDwdZAXyHuuqyPna/3a5XuvYzX673vQTK7PvXktWdkngFwcAFejjDkV82
ainhEJ52F/yGVZtkFludbmSP+4/S7AVMxmn+CN/tYheESzo3fqqDs44WfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHGdKh8cM70kp0k7XBaJ/bifgsZdMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvY1owcUh4d3p2U1NuU1R0Y0Zvbjl1Si1DeGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQD
W7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAFZg3xwj5Ijrmjq2KV
+ES5g751yuLh15oeTkpHmsgGWLddYQk3bTt3XVhqHomRSMegEbs/IdVMiwYsj6zX
jbvNR1wJrP81+TysXMtxRL+FxKlumJDKYxjXXjGGsMgchBKRNpyTjqYGtreENJDB
yF9wEQg/PBMUcf9JPFcJCa89DKx89Tsp/ft/qpgaRapTwY9/MrlSNo3kzevEebZf
Ewof/sgeWtv/dtCL6wl0UxkuyrrFVkS/0lbMIgTqsOy8RoWnRRU/mBM5VfeyBKng
IpT0/i1qXbW6BOJCfWDPr1YtvbPhvA+Q7sUCmJhFWjLxdg0OUXJRQxCqY00ACgIU
N9za
-----END CERTIFICATE-----
Generated at Thu Nov 14 16:41:13 2024 by rpki-client on console-fra.rpki-client.org