Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gXXI3UCQuojvH-wI7OZY0KK_9O0.roa
File: gXXI3UCQuojvH-wI7OZY0KK_9O0.roa (raw, json)
Hash identifier: OewaHRcRUAJZWS+FBv8rhD7lcmAByaLYjFOjlS9ENVI=
Subject key identifier: 81:75:C8:DD:40:90:BA:88:EF:1F:EC:08:EC:E6:58:D0:A2:BF:F4:ED
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018A045A0D53135062DF6063C7C95C7A51EC
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gXXI3UCQuojvH-wI7OZY0KK_9O0.roa
Signing time: Thu 17 Aug 2023 16:35:25 +0000
ROA not before: Thu 17 Aug 2023 16:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.22.0/23 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:04:5a:0d:53:13:50:62:df:60:63:c7:c9:5c:7a:51:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 17 16:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8175c8dd4090ba88ef1fec08ece658d0a2bff4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:18:01:9f:87:8a:5a:ff:cc:96:ef:f8:01:6e:
91:bb:93:7b:bb:d6:c3:e7:0a:85:06:b7:35:12:22:
20:3d:99:ba:e9:d7:9c:b9:0e:59:14:98:06:52:ec:
2b:16:28:f9:55:9b:06:06:a4:8f:8b:1f:57:2f:78:
bf:ff:99:1d:ad:b3:0c:a3:1d:ca:0d:d8:60:a8:83:
55:94:11:f7:20:49:b3:6e:be:a5:13:34:85:98:df:
5d:18:58:ab:0d:f1:7c:4f:7e:dc:77:b6:1d:81:7f:
12:bb:52:2f:37:27:13:31:62:21:cb:ef:da:60:d5:
90:67:59:c2:b2:04:ad:32:91:cc:94:b7:db:74:d0:
01:6e:22:19:36:c2:e4:ac:36:8a:1e:6a:13:70:69:
f8:35:0f:92:a5:b2:de:9c:d0:96:05:08:94:6c:16:
75:4c:9b:b7:11:1d:d6:a0:4c:f9:1f:18:9d:49:10:
04:db:92:5f:88:62:3f:ff:59:58:25:ef:bd:4e:86:
b5:3e:0b:95:ab:fd:8a:7f:6b:fc:0d:0f:2e:11:93:
9d:5f:f0:89:57:b1:04:95:c2:6d:d0:95:6b:2f:af:
a5:ff:bd:c4:81:e6:89:eb:75:6b:10:fd:de:1f:ef:
e4:1f:ff:f3:fa:80:18:90:8c:e4:1d:67:45:6e:b4:
cf:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:75:C8:DD:40:90:BA:88:EF:1F:EC:08:EC:E6:58:D0:A2:BF:F4:ED
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/gXXI3UCQuojvH-wI7OZY0KK_9O0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.22.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:02:14:fc:ce:2e:1e:57:96:2c:64:24:5f:e1:c9:d2:11:2b:
2b:93:84:e8:79:dc:7a:f0:bd:d8:11:7a:7b:cd:db:f2:a9:28:
0c:12:a9:e4:55:eb:cc:c2:62:64:a4:4b:a2:56:7f:29:6c:0a:
a3:5c:c9:e8:9c:73:86:e2:9f:bc:c3:5a:33:b5:c1:6d:bc:92:
8a:3a:d6:45:9e:ec:4d:97:d0:f4:e8:de:b8:ee:10:59:f6:4e:
2f:0a:20:a6:98:ee:b0:62:dd:aa:92:4b:38:85:e1:c6:03:51:
41:8e:52:a2:67:72:c0:fa:c5:d0:a6:e1:e1:1c:f8:4c:ef:e9:
b9:ed:90:55:04:a1:4a:d3:95:ec:48:89:4b:a5:65:7d:78:41:
4d:53:3d:2f:69:48:a3:f4:ce:78:d8:22:b0:2f:39:8f:a6:3e:
50:9d:c0:cd:23:34:bd:07:f4:85:db:8e:41:4f:32:69:e2:42:
5e:2f:e7:93:39:14:d1:81:b8:34:a5:8b:a9:cf:17:f1:f0:bb:
a7:84:8f:ea:17:c1:bd:a6:e3:6d:6e:8b:94:7c:54:e0:00:a4:
df:3d:15:82:be:b5:3e:00:8e:8a:93:e9:63:f1:08:5b:29:8b:
06:08:ec:48:35:e9:d8:f0:8b:b7:b1:64:82:db:db:75:f3:96:
c9:65:ae:f2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoEWg1TE1Bi32Bjx8lcelHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODE3MTYzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTc1YzhkZDQwOTBiYTg4ZWYxZmVjMDhlY2U2NThkMGEyYmZmNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxgBn4eKWv/Mlu/4AW6Ru5N7u9bD
5wqFBrc1EiIgPZm66decuQ5ZFJgGUuwrFij5VZsGBqSPix9XL3i//5kdrbMMox3K
DdhgqINVlBH3IEmzbr6lEzSFmN9dGFirDfF8T37cd7YdgX8Su1IvNycTMWIhy+/a
YNWQZ1nCsgStMpHMlLfbdNABbiIZNsLkrDaKHmoTcGn4NQ+SpbLenNCWBQiUbBZ1
TJu3ER3WoEz5HxidSRAE25JfiGI//1lYJe+9Toa1PguVq/2Kf2v8DQ8uEZOdX/CJ
V7EElcJt0JVrL6+l/73EgeaJ63VrEP3eH+/kH//z+oAYkIzkHWdFbrTPRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIF1yN1AkLqI7x/sCOzmWNCiv/TtMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZ1hYSTNVQ1F1b2p2SC13STdPWlkwS0tfOU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5P0AwQC
U5P8AwQCW7rYAwQDXvGoAwQBsv0WMA0GCSqGSIb3DQEBCwUAA4IBAQBfAhT8zi4e
V5YsZCRf4cnSESsrk4Toedx68L3YEXp7zdvyqSgMEqnkVevMwmJkpEuiVn8pbAqj
XMnonHOG4p+8w1oztcFtvJKKOtZFnuxNl9D06N647hBZ9k4vCiCmmO6wYt2qkks4
heHGA1FBjlKiZ3LA+sXQpuHhHPhM7+m57ZBVBKFK05XsSIlLpWV9eEFNUz0vaUij
9M542CKwLzmPpj5QncDNIzS9B/SF245BTzJp4kJeL+eTORTRgbg0pYupzxfx8Lun
hI/qF8G9puNtbouUfFTgAKTfPRWCvrU+AI6Kk+lj8QhbKYsGCOxINenY8Iu3sWSC
29t185bJZa7y
Generated at Sat Aug 19 01:17:48 2023 by rpki-client on console-fra.rpki-client.org