Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/duFNHtvYOJsiIs6uEir_f8l2HvQ.roa
File: duFNHtvYOJsiIs6uEir_f8l2HvQ.roa (raw, json)
Hash identifier: j1D9O+DPu9u4uZLNw04yIQK/dc4iHrF/pN8ORXxsRv0=
Subject key identifier: 76:E1:4D:1E:DB:D8:38:9B:22:22:CE:AE:12:2A:FF:7F:C9:76:1E:F4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0191F703378C3FB3BDFFB2B1E8F16B662360
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/duFNHtvYOJsiIs6uEir_f8l2HvQ.roa
Signing time: Sun 15 Sep 2024 18:47:48 +0000
ROA not before: Sun 15 Sep 2024 18:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.222.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 22:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f7:03:37:8c:3f:b3:bd:ff:b2:b1:e8:f1:6b:66:23:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Sep 15 18:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76e14d1edbd8389b2222ceae122aff7fc9761ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f1:70:ba:43:d0:2f:76:04:5d:94:0e:37:6a:
42:39:e2:57:a2:e5:69:c1:31:c8:84:42:6c:d2:42:
75:bc:e4:69:92:23:07:03:cf:92:da:e8:83:dd:1b:
6c:3d:6e:34:0a:c2:07:ba:9f:72:d4:5c:97:49:50:
3d:30:e4:50:19:e3:a9:ed:eb:8f:e2:92:fe:83:24:
d0:23:be:19:ac:62:15:93:9b:66:35:9c:44:f2:85:
18:16:8e:e3:18:48:ce:25:4f:1f:a1:78:94:e1:52:
9f:b7:ae:fa:4c:2e:08:1b:ea:28:ce:20:82:c0:b6:
3a:23:16:ec:e9:8e:b0:58:1a:f2:38:c4:e1:65:a3:
bf:f9:03:9f:00:52:69:ed:c1:ec:09:25:74:87:20:
1e:c6:a4:8b:45:8b:89:61:88:84:5a:10:b6:48:57:
49:59:42:5a:6d:10:89:8a:c3:1e:f7:82:59:e2:3c:
1b:1c:14:77:88:01:dc:0e:f1:38:d3:13:78:f3:29:
7f:14:f5:e6:2d:c4:6a:59:82:97:27:52:ab:b4:9a:
d6:9d:1b:a0:7c:b0:6a:f9:45:2c:db:43:ca:99:65:
03:fa:57:05:04:bf:54:7b:ad:98:cf:ac:84:a3:14:
bb:5c:4e:6e:94:f6:d1:64:b9:76:b9:a1:ff:5e:98:
d1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E1:4D:1E:DB:D8:38:9B:22:22:CE:AE:12:2A:FF:7F:C9:76:1E:F4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/duFNHtvYOJsiIs6uEir_f8l2HvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.222.0/24
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.164.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:90:7a:42:f1:81:54:0f:51:0c:4c:56:ca:3a:27:36:6a:dd:
92:1b:82:ba:f5:33:34:48:4d:b9:e8:90:e8:62:9e:78:d2:b1:
2f:9c:94:74:2c:68:e2:36:31:55:4e:95:11:13:de:14:15:ef:
cc:62:9c:8b:8f:5a:df:e6:d4:8f:ae:63:e6:1a:79:79:84:1a:
85:1c:f3:f2:5a:d6:45:80:36:f9:80:30:4a:06:e6:6e:a8:9f:
1c:6b:96:df:be:d5:b5:60:08:a7:b4:05:7b:45:77:2b:ec:83:
e4:25:44:b9:68:a5:46:1b:15:9b:3f:95:31:b4:ac:ae:17:eb:
68:ff:ee:1f:b2:38:fe:9f:32:96:85:24:00:7a:7a:1d:e1:11:
5b:db:37:25:a5:c3:82:57:a7:7b:60:84:23:db:a0:80:f5:12:
e5:86:7e:d5:ed:1f:58:c1:db:24:ec:44:5a:e8:52:fe:75:e2:
54:ad:de:fe:17:30:16:c0:9b:12:71:8e:72:6b:a6:1d:af:dd:
96:08:93:0e:76:f2:6a:eb:f1:35:64:1d:5f:39:4f:18:66:5a:
f4:9f:9c:f6:b6:27:c9:be:f5:ad:2a:df:48:dd:58:a9:0c:c8:
9b:1f:d2:e0:17:4b:0a:a6:77:08:3a:c1:0d:d3:30:bc:a5:4d:
55:08:e3:db
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZH3AzeMP7O9/7Kx6PFrZiNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwOTE1MTg0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUxNGQxZWRiZDgzODliMjIyMmNlYWUxMjJhZmY3ZmM5NzYxZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/FwukPQL3YEXZQON2pCOeJXouVp
wTHIhEJs0kJ1vORpkiMHA8+S2uiD3RtsPW40CsIHup9y1FyXSVA9MORQGeOp7euP
4pL+gyTQI74ZrGIVk5tmNZxE8oUYFo7jGEjOJU8foXiU4VKft676TC4IG+ooziCC
wLY6Ixbs6Y6wWBryOMThZaO/+QOfAFJp7cHsCSV0hyAexqSLRYuJYYiEWhC2SFdJ
WUJabRCJisMe94JZ4jwbHBR3iAHcDvE40xN48yl/FPXmLcRqWYKXJ1KrtJrWnRug
fLBq+UUs20PKmWUD+lcFBL9Ue62Yz6yEoxS7XE5ulPbRZLl2uaH/XpjRqQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHbhTR7b2DibIiLOrhIq/3/Jdh70MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZHVGTkh0dllPSnNpSXM2dUVpcl9mOGwySHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU5PeAwQC
U5P0AwQDW7rIAwQBW7rYAwQBXvGkAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAb
kHpC8YFUD1EMTFbKOic2at2SG4K69TM0SE256JDoYp540rEvnJR0LGjiNjFVTpUR
E94UFe/MYpyLj1rf5tSPrmPmGnl5hBqFHPPyWtZFgDb5gDBKBuZuqJ8ca5bfvtW1
YAintAV7RXcr7IPkJUS5aKVGGxWbP5UxtKyuF+to/+4fsjj+nzKWhSQAenod4RFb
2zclpcOCV6d7YIQj26CA9RLlhn7V7R9Ywdsk7ERa6FL+deJUrd7+FzAWwJsScY5y
a6Ydr92WCJMOdvJq6/E1ZB1fOU8YZlr0n5z2tifJvvWtKt9I3VipDMibH9LgF0sK
pncIOsEN0zC8pU1VCOPb
-----END CERTIFICATE-----
Generated at Tue Sep 17 00:29:55 2024 by rpki-client on console-ams.rpki-client.org