Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mKCc6y1638a0hhAnitCgWmREqes.roa
File: mKCc6y1638a0hhAnitCgWmREqes.roa (raw, json)
Hash identifier: GBY7F/MUGuv1gKeSMrBkUa8SPa8cp7e3WYOjSOGx8iA=
Subject key identifier: 98:A0:9C:EB:2D:7A:DF:C6:B4:86:10:27:8A:D0:A0:5A:64:44:A9:EB
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D0BC86E1FC6BBFD031B527AA34D154A8F
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mKCc6y1638a0hhAnitCgWmREqes.roa
Signing time: Mon 15 Jan 2024 06:21:41 +0000
ROA not before: Mon 15 Jan 2024 06:21:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 06:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0b:c8:6e:1f:c6:bb:fd:03:1b:52:7a:a3:4d:15:4a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 15 06:21:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a09ceb2d7adfc6b48610278ad0a05a6444a9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ba:ab:c8:12:9c:24:13:8c:42:ee:f7:b8:e3:
36:9c:0b:9f:e7:28:a7:6d:3e:c4:fb:44:8f:16:1e:
87:86:67:7c:75:d5:f1:37:c5:15:52:c3:57:0c:8b:
bf:46:95:92:0d:af:da:35:58:03:27:0a:04:cd:8f:
05:b8:61:47:81:cb:a2:23:b5:cb:4f:02:bb:d5:54:
ea:d3:35:8e:01:2a:57:4e:91:5f:ab:d5:4d:9e:d6:
cd:a2:7d:d1:49:bf:7a:64:13:1b:c3:22:b2:a5:ed:
ef:80:96:22:b1:26:db:e4:aa:ec:f5:3a:e2:44:e6:
5f:ca:91:85:35:d5:34:4c:7e:7c:2d:5e:99:42:ba:
74:14:c3:3c:41:3b:c1:ae:4c:31:03:6d:fa:0c:8a:
8f:84:7f:20:54:80:56:63:a7:af:1a:bd:be:e9:c7:
ee:aa:ba:31:0c:ce:50:68:ff:3b:7b:c3:b4:37:a7:
f5:d2:40:90:cf:3f:7d:b4:b7:cd:df:a3:93:42:c3:
fe:27:67:dc:2c:65:e0:a7:ba:a7:1c:34:18:aa:42:
0d:bc:7f:07:2c:19:61:5c:3f:c1:62:b4:90:26:40:
a2:b0:bd:ec:4a:c5:3f:54:51:42:3a:95:c6:da:e3:
1a:a7:92:e3:f0:eb:00:fa:f0:4e:57:7e:3f:57:e0:
91:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A0:9C:EB:2D:7A:DF:C6:B4:86:10:27:8A:D0:A0:5A:64:44:A9:EB
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mKCc6y1638a0hhAnitCgWmREqes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:38:f8:5f:40:bf:35:ad:f2:09:b2:bb:4c:0a:cf:cb:b8:99:
09:88:0b:6a:0f:d7:67:3c:41:b1:58:c7:95:16:a7:0c:4c:8c:
f9:88:c0:7b:a3:96:1e:44:64:83:a1:ee:15:a7:b3:b7:48:89:
ab:c0:22:06:82:dd:42:cc:c4:c5:d2:2b:4d:96:5b:37:20:71:
3a:a2:13:b3:b4:f5:9d:96:b5:f2:36:80:3c:b2:4d:43:10:22:
8d:16:fc:5f:9c:fa:ed:aa:c4:c1:35:31:de:60:37:71:6c:38:
68:bb:78:a4:0c:94:90:9d:03:8e:b1:d9:cd:f6:f1:8a:48:99:
4b:ba:c2:73:ce:6b:8a:f6:0d:4c:8b:a7:25:e4:81:17:b0:64:
79:61:5c:17:86:8e:df:4c:db:c3:96:4d:98:61:f5:7d:67:d0:
9d:73:c6:87:27:3a:38:1a:3c:1d:7d:fc:9d:61:0c:be:41:48:
93:e4:22:80:68:cd:1c:b9:1e:1e:50:21:9e:a2:3e:f5:43:27:
b3:f1:6b:b5:73:b5:94:eb:06:cd:64:e0:93:96:6b:4b:1b:db:
ef:c8:83:d0:5d:aa:c7:63:8e:65:e9:04:c4:46:70:25:fe:8b:
4c:bc:a4:ec:5e:af:22:41:9d:48:f3:66:e1:c8:10:db:d4:f5:
ac:bf:83:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0LyG4fxrv9AxtSeqNNFUqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTE1MDYyMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGEwOWNlYjJkN2FkZmM2YjQ4NjEwMjc4YWQwYTA1YTY0NDRhOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbqryBKcJBOMQu73uOM2nAuf5yin
bT7E+0SPFh6Hhmd8ddXxN8UVUsNXDIu/RpWSDa/aNVgDJwoEzY8FuGFHgcuiI7XL
TwK71VTq0zWOASpXTpFfq9VNntbNon3RSb96ZBMbwyKype3vgJYisSbb5Krs9Tri
ROZfypGFNdU0TH58LV6ZQrp0FMM8QTvBrkwxA236DIqPhH8gVIBWY6evGr2+6cfu
qroxDM5QaP87e8O0N6f10kCQzz99tLfN36OTQsP+J2fcLGXgp7qnHDQYqkINvH8H
LBlhXD/BYrSQJkCisL3sSsU/VFFCOpXG2uMap5Lj8OsA+vBOV34/V+CR0wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJignOstet/GtIYQJ4rQoFpkRKnrMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvbUtDYzZ5MTYzOGEwaGhBbml0Q2dXbVJFcWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5P0AwQC
U5P8AwQCW7rMAwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAeOPhfQL81
rfIJsrtMCs/LuJkJiAtqD9dnPEGxWMeVFqcMTIz5iMB7o5YeRGSDoe4Vp7O3SImr
wCIGgt1CzMTF0itNlls3IHE6ohOztPWdlrXyNoA8sk1DECKNFvxfnPrtqsTBNTHe
YDdxbDhou3ikDJSQnQOOsdnN9vGKSJlLusJzzmuK9g1Mi6cl5IEXsGR5YVwXho7f
TNvDlk2YYfV9Z9Cdc8aHJzo4GjwdffydYQy+QUiT5CKAaM0cuR4eUCGeoj71Qyez
8Wu1c7WU6wbNZOCTlmtLG9vvyIPQXarHY45l6QTERnAl/otMvKTsXq8iQZ1I82bh
yBDb1PWsv4Pn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org