Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/esnMZWg7RRAnz7R6_5juzefGpmc.roa
File: esnMZWg7RRAnz7R6_5juzefGpmc.roa (raw, json)
Hash identifier: vkeAh0QhIadT7JjQNxG4n1QyzutiBYJPvN4m4LgmWUE=
Subject key identifier: 7A:C9:CC:65:68:3B:45:10:27:CF:B4:7A:FF:98:EE:CD:E7:C6:A6:67
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D7D75E8ABDAABA294E737E0C426661AED
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/esnMZWg7RRAnz7R6_5juzefGpmc.roa
Signing time: Tue 06 Feb 2024 08:08:15 +0000
ROA not before: Tue 06 Feb 2024 08:08:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 20:14:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:75:e8:ab:da:ab:a2:94:e7:37:e0:c4:26:66:1a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 6 08:08:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ac9cc65683b451027cfb47aff98eecde7c6a667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:79:ec:d2:e1:3c:3c:6e:d8:7e:dd:68:23:d4:
a0:f8:05:69:a0:3d:ed:4d:ed:bc:02:27:39:2b:e2:
24:43:1c:b9:32:79:da:54:99:b5:ab:00:7d:7f:ae:
cd:97:d7:7b:69:e8:cf:5f:94:ba:c4:58:ae:f0:bf:
73:e4:ce:de:85:45:7e:37:c1:46:e2:65:c1:26:aa:
3f:b7:97:af:c6:83:86:8f:b4:a6:de:a0:9f:7b:81:
13:ea:05:e3:78:14:d4:b7:c9:90:2f:21:1c:61:e7:
af:d1:b4:3e:95:5f:6d:7a:2b:76:68:95:66:78:09:
3d:88:32:0e:91:31:35:95:43:7a:e2:51:bb:c3:f0:
4f:0e:4c:61:e0:13:4c:9c:4e:7e:f3:56:ce:0c:53:
fe:a4:d7:4e:d3:fc:67:0c:47:bb:c6:19:07:6e:7e:
15:2e:17:e5:0f:37:92:62:75:63:07:e6:b5:7a:0a:
8e:96:b6:1e:b8:7f:1c:e3:5e:d4:aa:a7:3d:98:7a:
80:d3:30:79:a3:9e:f3:43:79:ce:ba:50:7e:e5:97:
fc:9f:c4:c8:3b:5a:cb:05:19:5a:f4:68:dc:78:af:
57:25:ee:62:f9:60:65:6c:4c:98:62:64:a2:87:d4:
4f:f9:2b:dc:37:30:4c:01:15:a3:22:a3:db:d9:f2:
f2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C9:CC:65:68:3B:45:10:27:CF:B4:7A:FF:98:EE:CD:E7:C6:A6:67
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/esnMZWg7RRAnz7R6_5juzefGpmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.164.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
47:af:db:45:ed:82:bd:ec:af:33:4a:23:27:63:fa:02:b8:07:
b7:d2:0a:c3:f5:c8:3d:6e:d8:10:27:ff:ec:0c:93:49:fd:6a:
f8:db:fd:9b:a7:5f:a3:9b:38:e0:50:84:1d:5e:4a:e2:62:16:
23:4e:7f:ec:8e:79:69:6f:19:1f:77:a0:fd:47:05:56:22:e2:
84:cf:b6:1d:14:9a:63:a0:16:dc:54:45:df:f7:60:a9:56:2a:
ad:2e:9d:d0:ef:7c:dd:c0:4b:20:36:93:29:b3:a7:b8:63:cf:
7d:34:fe:08:e9:e9:8b:d7:3c:79:18:57:6e:d0:ad:36:e5:5e:
c6:8c:09:d3:bb:a8:e5:54:8a:33:de:18:3f:77:fd:e7:68:8e:
de:75:04:4e:47:ec:e9:81:68:18:13:24:3e:74:ee:95:27:e9:
d8:06:eb:5f:31:70:23:3e:3c:8f:3d:3a:51:4d:80:62:bf:b4:
24:37:6c:5c:cd:3f:a3:60:8d:b0:f2:7a:c4:d9:01:96:1d:fc:
1d:62:7b:85:56:e4:4d:34:83:fc:48:a6:fb:da:8f:b2:77:94:
f5:04:0d:20:2b:40:28:5f:1e:8b:d5:59:b5:52:c0:d0:75:ec:
2b:d2:0a:f2:ec:90:fe:7c:f8:ba:d8:5e:a3:92:ff:a3:86:76:
a7:8f:36:ff
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY19deir2quilOc34MQmZhrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMjA2MDgwODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM5Y2M2NTY4M2I0NTEwMjdjZmI0N2FmZjk4ZWVjZGU3YzZhNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXns0uE8PG7Yft1oI9Sg+AVpoD3t
Te28Aic5K+IkQxy5MnnaVJm1qwB9f67Nl9d7aejPX5S6xFiu8L9z5M7ehUV+N8FG
4mXBJqo/t5evxoOGj7Sm3qCfe4ET6gXjeBTUt8mQLyEcYeev0bQ+lV9teit2aJVm
eAk9iDIOkTE1lUN64lG7w/BPDkxh4BNMnE5+81bODFP+pNdO0/xnDEe7xhkHbn4V
LhflDzeSYnVjB+a1egqOlrYeuH8c417Uqqc9mHqA0zB5o57zQ3nOulB+5Zf8n8TI
O1rLBRla9GjceK9XJe5i+WBlbEyYYmSih9RP+SvcNzBMARWjIqPb2fLykQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHrJzGVoO0UQJ8+0ev+Y7s3nxqZnMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZXNuTVpXZzdSUkFuejdSNl81anV6ZWZHcG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU5P0AwQC
U5P8AwQCW7rMAwQCW7rYAwQBXvGkAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBH
r9tF7YK97K8zSiMnY/oCuAe30grD9cg9btgQJ//sDJNJ/Wr42/2bp1+jmzjgUIQd
XkriYhYjTn/sjnlpbxkfd6D9RwVWIuKEz7YdFJpjoBbcVEXf92CpViqtLp3Q73zd
wEsgNpMps6e4Y899NP4I6emL1zx5GFdu0K025V7GjAnTu6jlVIoz3hg/d/3naI7e
dQROR+zpgWgYEyQ+dO6VJ+nYButfMXAjPjyPPTpRTYBiv7QkN2xczT+jYI2w8nrE
2QGWHfwdYnuFVuRNNIP8SKb72o+yd5T1BA0gK0AoXx6L1Vm1UsDQdewr0gry7JD+
fPi62F6jkv+jhnanjzb/
-----END CERTIFICATE-----
Generated at Wed Feb 7 23:05:28 2024 by rpki-client on console-fra.rpki-client.org