Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gLTTIrnDhy1h7XMFuDkLN5hOUL0.roa
File: gLTTIrnDhy1h7XMFuDkLN5hOUL0.roa (raw, json)
Hash identifier: H2LuX5DNicaT+iLb2tB+vtl4uZf0eEl2Eh0KrDzKcIc=
Subject key identifier: 80:B4:D3:22:B9:C3:87:2D:61:ED:73:05:B8:39:0B:37:98:4E:50:BD
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018E15B3AF383E18631D14865CF681522048
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gLTTIrnDhy1h7XMFuDkLN5hOUL0.roa
Signing time: Wed 06 Mar 2024 21:38:01 +0000
ROA not before: Wed 06 Mar 2024 21:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 23:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:b3:af:38:3e:18:63:1d:14:86:5c:f6:81:52:20:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 6 21:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80b4d322b9c3872d61ed7305b8390b37984e50bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:52:e0:1c:8d:81:e7:a8:b0:25:41:bc:b1:24:
e6:78:18:22:27:47:ab:f1:4f:1f:7a:bb:1d:1b:6d:
70:70:4c:d1:15:62:b6:81:48:bc:0f:5d:fd:55:f2:
f1:08:cb:49:7c:9a:95:12:89:c5:55:9e:2d:10:e9:
4c:6c:bf:2b:3f:97:bb:6c:82:00:5b:08:15:a1:59:
ec:7e:8b:5b:f0:a9:70:d5:0b:3b:70:51:f3:4c:40:
35:9d:ee:6a:8e:f6:f4:49:55:a7:f3:11:b1:62:71:
2d:03:6d:8d:f3:8d:a2:a0:66:6a:ca:b9:4c:0e:d8:
01:e3:1f:a2:93:8e:ff:dc:ca:0f:76:03:60:96:d8:
ac:5c:34:81:6f:54:01:e8:1c:80:77:84:f9:cf:cb:
fc:f9:0d:41:df:57:87:6f:d1:4f:d2:db:8f:91:5b:
ed:46:b2:9d:40:26:9f:a8:ea:79:6c:6c:1c:67:ec:
41:fa:53:fc:f6:72:bb:75:88:d5:91:fb:71:eb:14:
e0:55:4a:a8:91:4b:db:99:f4:00:d2:8d:2a:8a:a6:
6e:34:b9:b7:6c:8c:ef:1e:81:36:42:62:8c:f3:21:
04:95:ec:4a:f3:44:90:9c:09:85:8d:20:35:fe:f4:
a9:95:48:55:a7:67:a0:3d:6c:fa:c7:b0:20:62:fe:
c0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B4:D3:22:B9:C3:87:2D:61:ED:73:05:B8:39:0B:37:98:4E:50:BD
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gLTTIrnDhy1h7XMFuDkLN5hOUL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
94.241.168.0/21
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
38:7e:16:b4:5c:ce:3c:aa:e2:a0:33:c8:00:0e:ae:64:a0:a0:
45:77:ff:18:6a:06:9a:6d:83:1e:cd:4e:ef:8f:ae:18:b5:4a:
7d:2a:57:29:cc:36:5a:4f:27:d6:6e:81:dd:1f:d7:ce:5a:4a:
31:41:c9:4d:85:37:79:24:ec:36:5b:be:4d:eb:73:29:33:5a:
35:ef:cb:0e:09:e6:d5:0a:12:7d:f7:3b:60:33:ce:ef:4c:ae:
97:b8:01:da:dc:f6:23:dc:d7:1f:13:f4:8b:23:2d:ae:bd:1d:
a6:3f:b7:af:e0:37:8b:ec:45:78:e3:66:bf:5c:bb:48:17:59:
25:93:42:99:29:93:20:87:de:ab:75:fe:7e:7d:5c:d4:4a:30:
b6:04:ed:3d:b4:27:93:95:eb:36:dd:ff:0b:62:32:42:0d:73:
16:4c:33:17:85:2c:0d:c6:c4:32:d8:36:a1:b0:12:7b:6e:1e:
c8:9b:92:44:a8:84:38:de:c0:cf:41:98:45:43:83:9a:08:13:
d2:7e:25:2c:9c:47:4d:70:91:f5:bf:a6:0d:bd:92:f3:d4:a9:
f3:f3:b2:22:94:5f:95:6d:9f:62:9e:f4:74:a5:23:b2:f5:44:
6d:92:0c:16:e9:80:b8:48:cb:b0:0d:f6:7d:35:c6:18:8c:f7:
b3:0a:56:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4Vs684PhhjHRSGXPaBUiBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMzA2MjEzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI0ZDMyMmI5YzM4NzJkNjFlZDczMDViODM5MGIzNzk4NGU1MGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlLgHI2B56iwJUG8sSTmeBgiJ0er
8U8fersdG21wcEzRFWK2gUi8D139VfLxCMtJfJqVEonFVZ4tEOlMbL8rP5e7bIIA
WwgVoVnsfotb8Klw1Qs7cFHzTEA1ne5qjvb0SVWn8xGxYnEtA22N842ioGZqyrlM
DtgB4x+ik47/3MoPdgNgltisXDSBb1QB6ByAd4T5z8v8+Q1B31eHb9FP0tuPkVvt
RrKdQCafqOp5bGwcZ+xB+lP89nK7dYjVkftx6xTgVUqokUvbmfQA0o0qiqZuNLm3
bIzvHoE2QmKM8yEElexK80SQnAmFjSA1/vSplUhVp2egPWz6x7AgYv7AfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIC00yK5w4ctYe1zBbg5CzeYTlC9MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZ0xUVElybkRoeTFoN1hNRnVEa0xONWhPVUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQC
W7rMAwQDXvGoAwQBsv0sMA0GCSqGSIb3DQEBCwUAA4IBAQA4fha0XM48quKgM8gA
Dq5koKBFd/8YagaabYMezU7vj64YtUp9KlcpzDZaTyfWboHdH9fOWkoxQclNhTd5
JOw2W75N63MpM1o178sOCebVChJ99ztgM87vTK6XuAHa3PYj3NcfE/SLIy2uvR2m
P7ev4DeL7EV442a/XLtIF1klk0KZKZMgh96rdf5+fVzUSjC2BO09tCeTles23f8L
YjJCDXMWTDMXhSwNxsQy2DahsBJ7bh7Im5JEqIQ43sDPQZhFQ4OaCBPSfiUsnEdN
cJH1v6YNvZLz1Knz87IilF+VbZ9invR0pSOy9URtkgwW6YC4SMuwDfZ9NcYYjPez
ClZJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org