Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qKnHDzJOkLdwYJ9jhOj233--F8g.roa
File: qKnHDzJOkLdwYJ9jhOj233--F8g.roa (raw, json)
Hash identifier: JkNubxPLJ0pF2non9rz+uH/IdOuvjcOfwEf/0t3UIcE=
Subject key identifier: A8:A9:C7:0F:32:4E:90:B7:70:60:9F:63:84:E8:F6:DF:7F:BE:17:C8
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018FD4625EF45585242152C8022CCF378638
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qKnHDzJOkLdwYJ9jhOj233--F8g.roa
Signing time: Sat 01 Jun 2024 15:19:27 +0000
ROA not before: Sat 01 Jun 2024 15:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 07:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:62:5e:f4:55:85:24:21:52:c8:02:2c:cf:37:86:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 1 15:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8a9c70f324e90b770609f6384e8f6df7fbe17c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:74:f8:f9:c5:0e:99:36:44:21:72:8c:49:0d:
c2:ed:a0:9e:1e:a5:49:b8:0e:9d:db:25:03:4b:17:
10:47:1b:db:76:56:ef:27:4b:ca:a0:94:ec:d5:fa:
b1:86:64:c1:4c:b6:ad:c2:2a:1c:ab:d4:b8:d7:59:
c7:25:22:34:fc:96:8d:a9:02:cd:c1:52:4a:43:03:
15:38:e5:db:0a:01:2b:b0:47:ec:0b:03:09:ae:65:
13:13:94:79:f6:5f:4f:7b:a1:25:66:db:3b:c4:81:
ce:ab:54:4a:71:1f:6b:ba:34:67:a2:7f:f3:b6:47:
22:e9:c0:50:34:bc:18:a2:77:65:cf:3c:79:8b:5c:
62:31:0d:21:79:d9:0a:a4:c3:6b:a2:38:0e:79:8c:
cd:af:0c:43:a3:d6:65:06:ca:bc:1d:cc:7e:62:2f:
2b:aa:9c:14:5b:6b:b5:54:55:c8:14:25:1a:e4:b7:
5a:1b:b8:7c:5e:24:11:1d:d3:5d:c7:71:42:8a:cd:
36:5d:e4:12:f8:69:4f:93:87:2a:6f:99:f2:8a:0d:
ba:92:01:4b:df:22:03:fe:ed:32:1c:f5:00:79:bc:
d8:0f:d2:e5:05:5b:ce:ab:7d:72:6b:a7:ae:f2:43:
9d:da:4c:90:86:af:6a:da:ab:dc:21:3e:56:ea:90:
22:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A9:C7:0F:32:4E:90:B7:70:60:9F:63:84:E8:F6:DF:7F:BE:17:C8
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qKnHDzJOkLdwYJ9jhOj233--F8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
39:e5:64:9c:81:86:81:91:3b:25:95:6c:76:b5:99:31:62:78:
a1:fd:7e:00:97:7f:83:1c:0f:af:b7:3e:97:16:01:3c:a5:9c:
f2:8a:f5:59:76:28:a3:19:55:ec:11:6c:bf:cf:aa:e0:9d:fc:
a0:74:2b:a5:e8:f8:c3:0c:ea:8f:d8:e7:cf:46:40:b2:54:e7:
10:d1:d9:1b:c9:2d:42:06:79:a0:d9:f6:fc:87:9a:cf:4f:94:
40:90:58:78:45:56:e0:c9:0e:32:fd:6c:22:56:1e:09:a7:9a:
fb:72:ae:12:57:3b:7e:cb:7d:8a:0e:3c:8d:03:f7:fa:3d:b2:
86:12:69:10:2a:3d:b7:8e:c5:3b:e7:13:9a:9d:9c:2d:11:72:
29:09:c5:d8:cc:65:50:62:ed:1d:a9:92:1d:de:35:a8:47:4b:
c0:07:69:cd:6d:22:d5:a3:ff:bf:aa:d4:e9:3b:ab:b1:e8:4d:
77:03:9d:c5:14:94:ba:80:48:9f:9c:57:28:42:c6:80:ea:81:
20:36:ca:32:57:db:12:16:3e:fe:67:e2:7a:b8:e8:6c:7d:8e:
d5:90:51:97:14:52:d7:c8:ce:df:19:4c:6e:cd:86:00:1a:aa:
21:b1:4e:2a:47:60:fe:7a:59:08:aa:58:31:84:f2:40:e9:f4:
31:57:91:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/UYl70VYUkIVLIAizPN4Y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjAxMTUxOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE5YzcwZjMyNGU5MGI3NzA2MDlmNjM4NGU4ZjZkZjdmYmUxN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HT4+cUOmTZEIXKMSQ3C7aCeHqVJ
uA6d2yUDSxcQRxvbdlbvJ0vKoJTs1fqxhmTBTLatwiocq9S411nHJSI0/JaNqQLN
wVJKQwMVOOXbCgErsEfsCwMJrmUTE5R59l9Pe6ElZts7xIHOq1RKcR9rujRnon/z
tkci6cBQNLwYondlzzx5i1xiMQ0hedkKpMNrojgOeYzNrwxDo9ZlBsq8Hcx+Yi8r
qpwUW2u1VFXIFCUa5LdaG7h8XiQRHdNdx3FCis02XeQS+GlPk4cqb5nyig26kgFL
3yID/u0yHPUAebzYD9LlBVvOq31ya6eu8kOd2kyQhq9q2qvcIT5W6pAi/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKipxw8yTpC3cGCfY4To9t9/vhfIMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcUtuSER6Sk9rTGR3WUo5amhPajIzMy0tRjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQD
W7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQA55WScgYaBkTsllWx2
tZkxYnih/X4Al3+DHA+vtz6XFgE8pZzyivVZdiijGVXsEWy/z6rgnfygdCul6PjD
DOqP2OfPRkCyVOcQ0dkbyS1CBnmg2fb8h5rPT5RAkFh4RVbgyQ4y/WwiVh4Jp5r7
cq4SVzt+y32KDjyNA/f6PbKGEmkQKj23jsU75xOanZwtEXIpCcXYzGVQYu0dqZId
3jWoR0vAB2nNbSLVo/+/qtTpO6ux6E13A53FFJS6gEifnFcoQsaA6oEgNsoyV9sS
Fj7+Z+J6uOhsfY7VkFGXFFLXyM7fGUxuzYYAGqohsU4qR2D+elkIqlgxhPJA6fQx
V5Fx
-----END CERTIFICATE-----
Generated at Fri Jun 7 10:21:47 2024 by rpki-client on console-fra.rpki-client.org