Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mj5C2qrjCD6IQOSZYXMXdRsTaQ8.roa
File: mj5C2qrjCD6IQOSZYXMXdRsTaQ8.roa (raw, json)
Hash identifier: vygP9qQp6fZ2JwKZp6Mb435Ggfx3bez1bkXPzakyPQI=
Subject key identifier: 9A:3E:42:DA:AA:E3:08:3E:88:40:E4:99:61:73:17:75:1B:13:69:0F
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018CC9BA9E1701BC6AC175B50D3EACF1A065
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mj5C2qrjCD6IQOSZYXMXdRsTaQ8.roa
Signing time: Tue 02 Jan 2024 10:31:39 +0000
ROA not before: Tue 02 Jan 2024 10:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
178.253.12.0/23 maxlen: 24
83.147.216.0/23 maxlen: 24
83.147.217.0/24 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 06:08:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:9e:17:01:bc:6a:c1:75:b5:0d:3e:ac:f1:a0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 10:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a3e42daaae3083e8840e499617317751b13690f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3e:39:06:83:2b:9e:e4:83:da:88:ea:53:38:
11:a6:90:e5:f0:0d:6d:01:18:46:f5:b7:66:82:60:
5a:c6:82:9c:74:2c:8b:ae:b9:4a:05:be:eb:34:ef:
22:1e:33:11:ad:e6:00:21:19:97:32:71:50:88:5a:
a6:ba:8d:02:46:fd:05:6c:b3:74:5d:28:37:60:59:
bc:d2:ba:a2:f2:c6:aa:7d:6c:ae:3c:01:98:f7:c6:
19:ad:2f:39:8e:77:92:11:58:12:a1:e9:37:d3:1b:
14:16:4f:29:a6:28:be:b8:18:ea:ae:18:7e:53:40:
7e:0f:07:57:e4:3c:09:81:5c:d9:63:db:02:b1:0c:
9b:39:5b:8d:3e:c8:18:6f:53:a2:c1:c4:6e:0d:18:
fb:bc:49:8c:c4:24:78:df:49:ef:95:db:5f:ca:73:
da:ec:fa:0a:7f:a5:90:59:fb:01:96:0f:0d:d0:5f:
94:38:5b:28:53:44:71:ff:63:26:af:b5:f9:af:66:
9a:55:9e:79:dc:6c:10:8d:20:82:be:06:7a:50:3f:
48:95:44:d4:ed:15:c4:41:37:b3:56:4b:c4:c2:b4:
07:72:17:db:3b:76:02:11:1a:a7:07:aa:ee:ee:81:
c3:80:b7:c3:80:7f:12:32:0b:12:58:ee:ed:e3:86:
15:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3E:42:DA:AA:E3:08:3E:88:40:E4:99:61:73:17:75:1B:13:69:0F
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mj5C2qrjCD6IQOSZYXMXdRsTaQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
178.253.12.0/23
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
66:ec:de:5b:67:c0:59:f6:89:1b:22:ff:47:2b:ec:be:00:72:
d4:df:79:5c:15:c4:1f:ac:f4:12:78:53:c4:53:8f:76:74:14:
1b:64:fe:ba:7b:0d:44:d4:1a:cc:ab:5f:48:fe:24:ac:74:61:
8e:67:80:5f:de:ef:c4:72:46:11:62:c4:48:87:11:64:a0:97:
56:1b:38:5e:bc:5e:4b:7c:81:b0:d6:8f:25:4f:fe:a1:9b:a4:
fc:0b:85:26:e0:0b:27:d1:70:5d:92:ff:6b:ec:18:47:6e:2b:
5a:cf:0e:d0:30:51:02:f8:2b:33:a6:ee:d5:1c:d9:de:a5:cf:
91:48:2a:49:84:54:f6:7b:97:9a:da:69:f3:11:97:b9:a8:95:
57:be:6c:64:aa:b8:5a:0d:9a:80:43:2b:59:b5:ad:1b:0f:07:
c9:cc:f5:03:65:f2:c9:e9:b1:f6:03:42:4a:a5:63:37:b8:61:
1b:33:58:e0:a8:0f:65:08:39:21:b3:e7:1f:ad:bf:a3:80:60:
9b:41:e8:e0:ac:3e:93:b5:ef:65:bd:a7:ce:eb:67:fd:ca:09:
a9:70:13:c5:64:e3:27:f8:6f:97:17:7f:32:86:43:f9:13:84:
45:2d:6f:ac:46:03:e6:74:4b:3f:b2:91:f4:f0:14:fd:be:0a:
1c:3d:d1:90
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzJup4XAbxqwXW1DT6s8aBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTAyMTAzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNlNDJkYWFhZTMwODNlODg0MGU0OTk2MTczMTc3NTFiMTM2OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz45BoMrnuSD2ojqUzgRppDl8A1t
ARhG9bdmgmBaxoKcdCyLrrlKBb7rNO8iHjMRreYAIRmXMnFQiFqmuo0CRv0FbLN0
XSg3YFm80rqi8saqfWyuPAGY98YZrS85jneSEVgSoek30xsUFk8ppii+uBjqrhh+
U0B+DwdX5DwJgVzZY9sCsQybOVuNPsgYb1OiwcRuDRj7vEmMxCR430nvldtfynPa
7PoKf6WQWfsBlg8N0F+UOFsoU0Rx/2Mmr7X5r2aaVZ553GwQjSCCvgZ6UD9IlUTU
7RXEQTezVkvEwrQHchfbO3YCERqnB6ru7oHDgLfDgH8SMgsSWO7t44YVrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJo+Qtqq4wg+iEDkmWFzF3UbE2kPMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvbWo1QzJxcmpDRDZJUU9TWllYTVhkUnNUYVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBU5PYAwQC
U5PoAwQCW7rIAwQBW7rWAwQBsv0MAwQAsv0fAwQBsv00MA0GCSqGSIb3DQEBCwUA
A4IBAQBm7N5bZ8BZ9okbIv9HK+y+AHLU33lcFcQfrPQSeFPEU492dBQbZP66ew1E
1BrMq19I/iSsdGGOZ4Bf3u/EckYRYsRIhxFkoJdWGzhevF5LfIGw1o8lT/6hm6T8
C4Um4Asn0XBdkv9r7BhHbitazw7QMFEC+Cszpu7VHNnepc+RSCpJhFT2e5ea2mnz
EZe5qJVXvmxkqrhaDZqAQytZta0bDwfJzPUDZfLJ6bH2A0JKpWM3uGEbM1jgqA9l
CDkhs+cfrb+jgGCbQejgrD6Tte9lvafO62f9ygmpcBPFZOMn+G+XF38yhkP5E4RF
LW+sRgPmdEs/spH08BT9vgocPdGQ
-----END CERTIFICATE-----
Generated at Thu Jan 11 06:52:36 2024 by rpki-client on console-fra.rpki-client.org