Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/d0Jh0L8pbcVRUUN_DwtD0WdP6RU.roa
File: d0Jh0L8pbcVRUUN_DwtD0WdP6RU.roa (raw, json)
Hash identifier: SD8u1H69PplNC9gcn9jiS8aRstwH0Vo66Uuf6mZcPFE=
Subject key identifier: 77:42:61:D0:BF:29:6D:C5:51:51:43:7F:0F:0B:43:D1:67:4F:E9:15
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D3A2FDCD4E195B3320ACBC28826B61A71
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/d0Jh0L8pbcVRUUN_DwtD0WdP6RU.roa
Signing time: Wed 24 Jan 2024 06:37:11 +0000
ROA not before: Wed 24 Jan 2024 06:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.216.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.26.0/24 maxlen: 24
178.253.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 19:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:2f:dc:d4:e1:95:b3:32:0a:cb:c2:88:26:b6:1a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 24 06:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=774261d0bf296dc55151437f0f0b43d1674fe915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:53:f0:c3:02:ab:7e:1a:da:c8:ed:d4:01:62:
c0:69:cd:bf:29:f7:eb:cb:30:3f:1d:3a:ca:b6:ff:
6d:2f:61:37:e8:29:d9:99:9f:a3:d8:52:d6:51:61:
e5:01:a2:09:04:d8:78:2d:70:da:7b:42:0e:3b:cc:
2b:22:bb:ae:60:25:11:07:82:85:e8:5f:4b:28:f8:
4b:a5:28:b1:99:d5:83:11:54:23:4f:1e:d7:53:1f:
a9:12:fa:0f:a6:28:d6:88:d8:52:d6:6e:78:09:5f:
46:79:f8:4f:e9:d2:4b:19:31:59:9c:db:2f:54:a8:
38:cf:11:62:d9:60:5c:63:94:8c:b4:52:8b:2a:f1:
c2:aa:e7:4b:24:37:18:bb:c1:85:cd:95:31:ca:7a:
90:cf:0a:1d:f5:05:75:72:df:d4:5a:4f:f4:40:34:
3b:35:ba:54:47:2e:38:7f:a0:40:58:84:f0:f7:0a:
39:c9:c0:95:18:87:66:e8:6d:fe:ba:bf:1a:4b:2e:
03:13:4c:5e:e5:ad:11:e7:22:0a:8d:9d:ab:27:53:
18:e2:d0:a3:1a:72:c1:b5:1a:41:34:ba:83:86:98:
43:9d:31:9d:20:ec:8e:da:a8:e0:e0:9f:16:d4:16:
10:af:52:5f:2c:08:be:c5:eb:74:ad:73:c2:ad:37:
fe:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:42:61:D0:BF:29:6D:C5:51:51:43:7F:0F:0B:43:D1:67:4F:E9:15
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/d0Jh0L8pbcVRUUN_DwtD0WdP6RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/24
83.147.244.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.164.0/23
94.241.168.0/21
178.253.26.0/23
Signature Algorithm: sha256WithRSAEncryption
36:b2:6b:78:ca:fc:fe:da:5b:3e:49:8f:97:0e:11:78:02:e8:
0c:2d:ea:10:fa:41:f1:fd:e2:75:db:8a:f0:39:a7:2b:b5:d9:
f2:db:76:08:fc:a9:0b:47:38:c3:04:2d:5e:d6:b5:aa:86:07:
98:ed:92:0c:4e:8f:0b:dd:14:25:2c:fa:f9:0a:08:3e:59:85:
88:32:21:b6:75:e5:0f:4f:f7:ae:f9:9a:10:27:4c:4f:0c:37:
02:00:7b:c2:cd:13:83:8f:76:21:be:56:99:7c:08:bc:33:23:
41:d7:6f:cd:c5:53:80:2a:22:aa:cb:a1:aa:f9:0d:21:0b:2d:
2c:55:c1:af:00:38:3f:82:0c:83:24:87:05:ba:9f:15:3a:21:
c9:bb:3e:b9:c9:8d:78:1f:69:f7:ef:54:44:9b:1a:40:ac:18:
68:78:07:e2:3a:0a:3d:5b:fe:85:fb:42:92:18:27:a9:84:0f:
8a:f5:db:a3:66:40:74:10:31:10:85:23:f1:1f:a7:74:57:0a:
f2:bd:71:fb:d6:64:78:95:7a:dd:b4:86:cd:5d:ac:6b:0e:14:
55:79:99:8c:05:26:81:2c:76:80:48:40:6d:0c:57:bb:ea:42:
48:b3:2a:0e:03:cb:a3:4e:b0:41:a2:b8:d6:ae:08:aa:b3:bd:
1c:2b:ac:a3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY06L9zU4ZWzMgrLwogmthpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTI0MDYzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQyNjFkMGJmMjk2ZGM1NTE1MTQzN2YwZjBiNDNkMTY3NGZlOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplPwwwKrfhrayO3UAWLAac2/Kffr
yzA/HTrKtv9tL2E36CnZmZ+j2FLWUWHlAaIJBNh4LXDae0IOO8wrIruuYCURB4KF
6F9LKPhLpSixmdWDEVQjTx7XUx+pEvoPpijWiNhS1m54CV9GefhP6dJLGTFZnNsv
VKg4zxFi2WBcY5SMtFKLKvHCqudLJDcYu8GFzZUxynqQzwod9QV1ct/UWk/0QDQ7
NbpURy44f6BAWITw9wo5ycCVGIdm6G3+ur8aSy4DE0xe5a0R5yIKjZ2rJ1MY4tCj
GnLBtRpBNLqDhphDnTGdIOyO2qjg4J8W1BYQr1JfLAi+xet0rXPCrTf+9QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHdCYdC/KW3FUVFDfw8LQ9FnT+kVMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZDBKaDBMOHBiY1ZSVVVOX0R3dEQwV2RQNlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAU5PYAwQC
U5P0AwQCU5P8AwQCW7rMAwQCW7rYAwQBXvGkAwQDXvGoAwQBsv0aMA0GCSqGSIb3
DQEBCwUAA4IBAQA2smt4yvz+2ls+SY+XDhF4AugMLeoQ+kHx/eJ124rwOacrtdny
23YI/KkLRzjDBC1e1rWqhgeY7ZIMTo8L3RQlLPr5Cgg+WYWIMiG2deUPT/eu+ZoQ
J0xPDDcCAHvCzRODj3YhvlaZfAi8MyNB12/NxVOAKiKqy6Gq+Q0hCy0sVcGvADg/
ggyDJIcFup8VOiHJuz65yY14H2n371REmxpArBhoeAfiOgo9W/6F+0KSGCephA+K
9dujZkB0EDEQhSPxH6d0VwryvXH71mR4lXrdtIbNXaxrDhRVeZmMBSaBLHaASEBt
DFe76kJIsyoOA8ujTrBBorjWrgiqs70cK6yj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org