Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/m7KzhaDIc_NAuo4kgWJtqF7u080.roa
File: m7KzhaDIc_NAuo4kgWJtqF7u080.roa (raw, json)
Hash identifier: 8lydgNBNL2E/BhMuDEk7T69cOJ7hxwpiErOHADihdq4=
Subject key identifier: 9B:B2:B3:85:A0:C8:73:F3:40:BA:8E:24:81:62:6D:A8:5E:EE:D3:CD
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018E34BE3945C80EC896B57EAA7DAE417975
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/m7KzhaDIc_NAuo4kgWJtqF7u080.roa
Signing time: Tue 12 Mar 2024 22:17:45 +0000
ROA not before: Tue 12 Mar 2024 22:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.162.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 14:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:34:be:39:45:c8:0e:c8:96:b5:7e:aa:7d:ae:41:79:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 12 22:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bb2b385a0c873f340ba8e2481626da85eeed3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:7a:ee:80:6b:0e:fb:03:f5:2c:24:f0:81:
e6:ba:e3:5a:96:bc:30:9e:54:72:0b:1a:a8:7d:0d:
ed:c4:a5:08:88:de:c9:8a:6f:e8:ac:0f:c8:10:56:
97:ef:5b:30:59:a5:ae:9a:13:5d:37:71:73:d4:f4:
b2:c0:b9:0b:42:a5:ab:e0:b4:c6:62:d2:43:7e:76:
11:5a:b7:d3:ff:19:ee:a2:bf:1c:7a:cc:10:cb:3c:
17:e9:83:a5:72:62:2b:ba:6a:ff:86:c4:fe:c6:06:
6c:4d:3c:4f:1a:cd:69:91:13:cc:8a:9a:c0:6a:fd:
f1:ca:f1:e2:22:de:62:5c:c0:ea:aa:51:99:33:5f:
2d:ff:c7:e9:3a:58:a9:66:b4:f8:46:b2:70:7b:60:
ae:32:43:f3:b5:b4:1d:80:0d:77:b7:b2:21:7f:fb:
f4:fe:43:b9:df:f3:72:c9:99:46:ee:ab:61:a8:7d:
95:97:35:35:10:b9:d7:5b:f8:5e:13:b7:b0:96:c4:
d1:24:02:58:dd:3b:46:f5:5c:1e:43:82:e8:45:42:
56:d8:30:43:32:f3:b9:38:81:d7:53:37:25:5d:4d:
fa:1f:54:68:6a:3b:86:c7:ff:83:d2:c1:e4:71:43:
9e:47:97:f5:0f:53:d1:24:1e:51:a3:3c:12:df:f6:
05:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B2:B3:85:A0:C8:73:F3:40:BA:8E:24:81:62:6D:A8:5E:EE:D3:CD
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/m7KzhaDIc_NAuo4kgWJtqF7u080.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
94.241.162.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
21:e5:a2:e1:e5:72:50:1a:ac:0b:50:f6:1f:e2:29:e6:90:cf:
6f:ad:00:fc:59:d7:a1:5b:ab:1d:0c:1f:04:f0:59:c4:94:8e:
2e:ab:7d:bd:90:55:1f:41:33:96:51:61:00:56:e9:5b:d6:9b:
58:7c:9d:2b:95:ad:79:8b:04:51:70:75:07:b8:69:b1:58:b4:
df:5d:59:d7:35:9b:ad:5a:9b:b6:ce:95:b5:66:16:40:92:de:
7a:fc:1e:bd:f7:97:dd:75:09:4b:9b:aa:d4:b2:fd:fc:c1:d2:
58:a9:83:42:9d:29:00:62:db:f4:26:9c:f5:09:3f:be:dc:30:
06:70:ee:42:9b:5d:59:1b:2f:d6:c3:5d:8e:70:ac:0f:7e:9a:
ce:14:90:f4:7b:4c:cf:14:3e:8a:5b:00:63:3a:02:e0:eb:b3:
f7:91:57:6f:8c:8a:a5:83:aa:0b:4d:96:32:34:78:45:8d:29:
74:16:24:30:54:53:c8:82:1f:f5:46:d2:1c:a6:15:4c:99:1c:
b3:31:83:f7:c9:05:97:b4:4f:f6:25:79:c3:29:21:98:69:10:
90:4e:2d:2c:f9:c5:b4:79:ce:75:f6:98:b9:6f:6f:f1:a2:c3:
a7:d3:d2:22:fb:ce:df:e2:7f:83:49:d5:86:06:0f:ce:c1:8d:
6f:86:8d:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY40vjlFyA7IlrV+qn2uQXl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMzEyMjIxNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmIyYjM4NWEwYzg3M2YzNDBiYThlMjQ4MTYyNmRhODVlZWVkM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1x67oBrDvsD9Swk8IHmuuNalrww
nlRyCxqofQ3txKUIiN7Jim/orA/IEFaX71swWaWumhNdN3Fz1PSywLkLQqWr4LTG
YtJDfnYRWrfT/xnuor8ceswQyzwX6YOlcmIrumr/hsT+xgZsTTxPGs1pkRPMiprA
av3xyvHiIt5iXMDqqlGZM18t/8fpOlipZrT4RrJwe2CuMkPztbQdgA13t7Ihf/v0
/kO53/NyyZlG7qthqH2VlzU1ELnXW/heE7ewlsTRJAJY3TtG9VweQ4LoRUJW2DBD
MvO5OIHXUzclXU36H1RoajuGx/+D0sHkcUOeR5f1D1PRJB5RozwS3/YFXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJuys4WgyHPzQLqOJIFibahe7tPNMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvbTdLemhhREljX05BdW80a2dXSnRxRjd1MDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQC
W7rMAwQBXvGiAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAh5aLh5XJQGqwLUPYf
4inmkM9vrQD8WdehW6sdDB8E8FnElI4uq329kFUfQTOWUWEAVulb1ptYfJ0rla15
iwRRcHUHuGmxWLTfXVnXNZutWpu2zpW1ZhZAkt56/B6995fddQlLm6rUsv38wdJY
qYNCnSkAYtv0Jpz1CT++3DAGcO5Cm11ZGy/Ww12OcKwPfprOFJD0e0zPFD6KWwBj
OgLg67P3kVdvjIqlg6oLTZYyNHhFjSl0FiQwVFPIgh/1RtIcphVMmRyzMYP3yQWX
tE/2JXnDKSGYaRCQTi0s+cW0ec519pi5b2/xosOn09Ii+87f4n+DSdWGBg/OwY1v
ho0a
-----END CERTIFICATE-----
Generated at Sat Mar 23 16:47:15 2024 by rpki-client on console-ams.rpki-client.org