Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ciQsEEpL63HIKn0oOeUmPDB71H0.roa
File: ciQsEEpL63HIKn0oOeUmPDB71H0.roa (raw, json)
Hash identifier: iSyA0QGoGbjUcx234hNZStAsTjdRZlRFMP6kLZeLXoU=
Subject key identifier: 72:24:2C:10:4A:4B:EB:71:C8:2A:7D:28:39:E5:26:3C:30:7B:D4:7D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0190107002830ABCE3B1B845E0A65FD4D43E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ciQsEEpL63HIKn0oOeUmPDB71H0.roa
Signing time: Thu 13 Jun 2024 07:11:34 +0000
ROA not before: Thu 13 Jun 2024 07:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.232.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.194.0/23 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.160.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jun 2024 14:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:70:02:83:0a:bc:e3:b1:b8:45:e0:a6:5f:d4:d4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 13 07:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72242c104a4beb71c82a7d2839e5263c307bd47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:fa:b6:3f:21:f7:2c:0e:ea:18:ae:f7:d9:8a:
48:90:17:df:d8:d6:77:39:fe:ab:40:42:9b:27:cb:
49:d1:1b:b7:eb:c4:2e:b4:43:ba:c2:aa:1e:79:df:
2a:b1:d6:e3:32:1e:3c:75:59:52:29:ce:29:8b:f8:
7f:bb:91:e2:7d:1b:bd:2e:47:31:76:4d:1b:9a:17:
63:23:e6:b2:75:0e:df:80:fc:3a:e9:5c:d4:53:29:
f1:d3:3c:a9:13:e5:12:b4:4f:40:53:03:ed:5f:7c:
05:38:fc:d6:28:b7:fb:21:65:ca:dd:c5:8f:63:42:
59:14:72:35:7d:d4:2f:59:6a:3e:a5:a7:eb:52:ff:
c7:02:cc:02:51:c9:d8:ca:d6:f2:e0:ae:13:52:e1:
86:31:6d:f2:46:93:c0:fb:cf:d5:04:e8:79:c0:81:
b9:f3:3f:75:60:d8:06:e4:7a:af:f6:52:80:fa:77:
ad:16:4a:f7:97:1d:cd:58:ea:28:00:02:48:2f:1a:
0e:a1:1f:9c:50:7b:3e:1e:f6:8a:f1:dc:76:92:ca:
a5:ad:a6:57:82:54:1b:84:2d:a5:af:70:36:42:51:
46:53:01:1c:3f:9e:e9:21:a1:8d:60:cd:32:7e:69:
a9:70:fd:6c:75:39:ec:9a:06:85:7d:ee:3c:df:11:
ff:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:24:2C:10:4A:4B:EB:71:C8:2A:7D:28:39:E5:26:3C:30:7B:D4:7D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ciQsEEpL63HIKn0oOeUmPDB71H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.244.0/22
91.186.194.0/23
91.186.200.0/21
94.241.160.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
58:3f:ca:37:97:2b:bf:fd:55:21:06:ae:73:8e:9e:44:f7:8b:
08:79:68:70:c8:70:4e:ad:0b:9c:e5:fa:d8:e9:a2:04:d0:03:
35:28:b0:ed:49:c0:c1:36:62:4b:f1:9b:1b:5c:b3:4b:49:8e:
e8:f4:ec:62:f5:00:e4:bd:a2:41:6b:2b:48:13:87:ba:02:04:
68:9c:c3:c0:64:9a:e3:03:8b:8c:5f:43:20:12:2f:bb:0d:04:
87:0e:e2:33:85:3d:ac:87:95:22:49:4a:f6:a2:6a:02:c7:26:
16:e4:f2:79:bf:20:1a:c2:67:6c:70:3e:57:74:ce:12:d3:42:
de:fb:59:a4:42:3e:e3:7e:10:bc:8e:f8:f2:70:bb:fb:41:b3:
cf:b3:03:a9:03:d9:b6:68:c1:ad:b6:76:35:73:45:3e:a7:67:
05:39:ef:61:c7:a7:0b:ba:61:5e:1b:9d:9e:12:63:39:88:86:
1e:3c:87:10:14:26:b3:08:7e:af:3f:8d:f3:01:32:6b:63:2e:
77:d5:26:b5:88:75:c6:e7:61:2b:5a:42:f7:8c:f6:85:86:e3:
0c:81:54:80:7a:2b:82:3f:ef:66:28:6f:c9:31:70:dd:00:54:
21:bd:e4:51:5d:5c:55:b9:3a:37:d0:9a:78:fc:cf:31:30:b9:
c2:a7:54:45
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZAQcAKDCrzjsbhF4KZf1NQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjEzMDcxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjI0MmMxMDRhNGJlYjcxYzgyYTdkMjgzOWU1MjYzYzMwN2JkNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/q2PyH3LA7qGK732YpIkBff2NZ3
Of6rQEKbJ8tJ0Ru368QutEO6wqoeed8qsdbjMh48dVlSKc4pi/h/u5HifRu9Lkcx
dk0bmhdjI+aydQ7fgPw66VzUUynx0zypE+UStE9AUwPtX3wFOPzWKLf7IWXK3cWP
Y0JZFHI1fdQvWWo+pafrUv/HAswCUcnYytby4K4TUuGGMW3yRpPA+8/VBOh5wIG5
8z91YNgG5Hqv9lKA+netFkr3lx3NWOooAAJILxoOoR+cUHs+HvaK8dx2ksqlraZX
glQbhC2lr3A2QlFGUwEcP57pIaGNYM0yfmmpcP1sdTnsmgaFfe483xH/cQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHIkLBBKS+txyCp9KDnlJjwwe9R9MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvY2lRc0VFcEw2M0hJS24wb09lVW1QREI3MUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU5PoAwQC
U5P0AwQBW7rCAwQDW7rIAwQBXvGgAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBY
P8o3lyu//VUhBq5zjp5E94sIeWhwyHBOrQuc5frY6aIE0AM1KLDtScDBNmJL8Zsb
XLNLSY7o9Oxi9QDkvaJBaytIE4e6AgRonMPAZJrjA4uMX0MgEi+7DQSHDuIzhT2s
h5UiSUr2omoCxyYW5PJ5vyAawmdscD5XdM4S00Le+1mkQj7jfhC8jvjycLv7QbPP
swOpA9m2aMGttnY1c0U+p2cFOe9hx6cLumFeG52eEmM5iIYePIcQFCazCH6vP43z
ATJrYy531Sa1iHXG52ErWkL3jPaFhuMMgVSAeiuCP+9mKG/JMXDdAFQhveRRXVxV
uTo30Jp4/M8xMLnCp1RF
Generated at Sat Jun 15 15:38:09 2024 by rpki-client on console-fra.rpki-client.org