Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/nREi2msFilgxkTYuMCPXu8jvEOE.roa
File: nREi2msFilgxkTYuMCPXu8jvEOE.roa (raw, json)
Hash identifier: pGKxA2AdmCkhCEdw4kWVoIy59g2LwzC9YgwZsZn/FrQ=
Subject key identifier: 9D:11:22:DA:6B:05:8A:58:31:91:36:2E:30:23:D7:BB:C8:EF:10:E1
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D8960716B6D0C0F8BF0F2AF6C37D2B8CB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/nREi2msFilgxkTYuMCPXu8jvEOE.roa
Signing time: Thu 08 Feb 2024 15:40:15 +0000
ROA not before: Thu 08 Feb 2024 15:40:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 21:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:60:71:6b:6d:0c:0f:8b:f0:f2:af:6c:37:d2:b8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 8 15:40:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d1122da6b058a583191362e3023d7bbc8ef10e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f8:56:4e:49:35:2f:c8:ae:ce:b2:cc:f7:f4:
ff:93:91:2b:7a:ca:c0:a3:f5:43:91:19:18:ec:44:
ac:9b:a0:6b:a8:24:67:76:71:b7:4d:3c:ba:cc:e7:
1a:52:9e:db:5b:ce:6f:c5:c7:40:a1:31:b3:43:5d:
87:31:6d:6d:87:27:99:48:f1:f2:e1:38:06:4f:2f:
f6:d0:0e:7b:87:16:59:27:a0:5e:0d:9b:6b:ef:e7:
7b:61:48:41:62:46:d8:6b:bd:67:c4:98:bb:e1:45:
ae:74:35:38:c5:59:50:71:a3:c8:7e:53:00:1d:fc:
81:b6:c4:5d:fb:f4:50:fd:50:52:45:8d:f2:1f:1c:
25:c2:3a:db:2b:57:85:0a:38:89:42:52:00:e7:2c:
fc:9e:ec:77:7b:a6:cd:03:66:e7:74:8e:0d:c4:29:
e7:28:78:31:39:a7:72:ea:a5:39:cb:57:2d:e6:9e:
c7:e6:18:c6:69:5c:c8:89:c0:31:fa:e4:94:71:4d:
83:31:bf:1d:f7:32:1e:e7:45:89:ec:82:14:4a:c7:
6e:12:44:00:fc:d5:93:ec:d6:b0:3d:23:ce:67:f9:
64:74:19:5f:86:f8:cd:b4:44:24:a5:1c:19:3e:38:
11:51:30:9b:fc:d1:a7:fa:f5:1a:f5:71:3d:e1:7a:
2d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:11:22:DA:6B:05:8A:58:31:91:36:2E:30:23:D7:BB:C8:EF:10:E1
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/nREi2msFilgxkTYuMCPXu8jvEOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
91.186.216.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
24:35:59:0d:d7:7b:a9:96:3d:cc:f4:db:a1:c8:84:4f:fe:41:
32:75:21:95:ae:eb:f8:a8:c8:0e:a5:ae:cb:08:5e:be:63:04:
43:76:7e:da:ff:38:90:27:84:dc:e3:8c:32:44:6c:94:fc:34:
ca:5b:7a:aa:c0:50:6f:be:6a:11:40:c3:40:13:16:a6:39:aa:
1e:ee:38:e8:69:a9:10:81:ed:46:a6:f3:15:92:26:38:d4:09:
6c:da:43:61:d4:59:c2:ef:7f:e0:07:25:4c:87:4e:c1:36:a2:
90:72:42:b6:01:54:b7:e7:fc:ed:fd:6f:2e:ce:ed:f7:3b:c3:
4c:41:a1:07:25:51:09:18:f1:1b:a1:b5:95:da:70:15:7e:d8:
4f:76:e3:0a:99:b7:15:0f:1b:49:79:08:07:41:97:8a:d2:5a:
1b:0d:13:1e:a1:e7:bc:b8:9b:04:a5:84:bb:e5:12:c0:34:f2:
3b:81:9d:46:c7:5e:3c:49:b8:8b:25:b3:b6:1c:e1:9b:c7:75:
1d:3e:40:c4:c4:76:0d:46:36:af:63:08:68:b3:56:f1:fb:7d:
e2:90:18:79:8d:c2:36:e8:2c:85:07:69:30:7a:82:a5:cd:89:
03:20:a2:37:42:f1:d9:ca:1a:57:f0:65:47:98:46:45:3d:6b:
22:ae:3a:74
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2JYHFrbQwPi/Dyr2w30rjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMjA4MTU0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDExMjJkYTZiMDU4YTU4MzE5MTM2MmUzMDIzZDdiYmM4ZWYxMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/hWTkk1L8iuzrLM9/T/k5EresrA
o/VDkRkY7ESsm6BrqCRndnG3TTy6zOcaUp7bW85vxcdAoTGzQ12HMW1thyeZSPHy
4TgGTy/20A57hxZZJ6BeDZtr7+d7YUhBYkbYa71nxJi74UWudDU4xVlQcaPIflMA
HfyBtsRd+/RQ/VBSRY3yHxwlwjrbK1eFCjiJQlIA5yz8nux3e6bNA2bndI4NxCnn
KHgxOady6qU5y1ct5p7H5hjGaVzIicAx+uSUcU2DMb8d9zIe50WJ7IIUSsduEkQA
/NWT7NawPSPOZ/lkdBlfhvjNtEQkpRwZPjgRUTCb/NGn+vUa9XE94XotxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ0RItprBYpYMZE2LjAj17vI7xDhMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvblJFaTJtc0ZpbGd4a1RZdU1DUFh1OGp2RU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQC
W7rMAwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAkNVkN13uplj3M9Nuh
yIRP/kEydSGVruv4qMgOpa7LCF6+YwRDdn7a/ziQJ4Tc44wyRGyU/DTKW3qqwFBv
vmoRQMNAExamOaoe7jjoaakQge1GpvMVkiY41Als2kNh1FnC73/gByVMh07BNqKQ
ckK2AVS35/zt/W8uzu33O8NMQaEHJVEJGPEbobWV2nAVfthPduMKmbcVDxtJeQgH
QZeK0lobDRMeoee8uJsEpYS75RLANPI7gZ1Gx148SbiLJbO2HOGbx3UdPkDExHYN
RjavYwhos1bx+33ikBh5jcI26CyFB2kweoKlzYkDIKI3QvHZyhpX8GVHmEZFPWsi
rjp0
-----END CERTIFICATE-----
Generated at Tue Mar 5 23:56:57 2024 by rpki-client on console-ams.rpki-client.org