Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qojzi1Z-TthNDBUov5JND_KDVuU.roa
File: qojzi1Z-TthNDBUov5JND_KDVuU.roa (raw, json)
Hash identifier: 9HhMl8e0h32gRNtSy1O1IF0A04QcjFR2Hpw/0GH2NoU=
Subject key identifier: AA:88:F3:8B:56:7E:4E:D8:4D:0C:15:28:BF:92:4D:0F:F2:83:56:E5
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018BB40487D8445A4DCA710446CDECA8E444
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qojzi1Z-TthNDBUov5JND_KDVuU.roa
Signing time: Thu 09 Nov 2023 12:17:57 +0000
ROA not before: Thu 09 Nov 2023 12:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.216.0/24 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.32.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Nov 2023 13:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:04:87:d8:44:5a:4d:ca:71:04:46:cd:ec:a8:e4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 9 12:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa88f38b567e4ed84d0c1528bf924d0ff28356e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5a:8a:7d:db:3e:9c:d5:12:ca:14:2c:0e:37:
e5:0f:38:f7:95:53:f7:19:91:de:e3:ae:50:19:7a:
cf:10:bc:ff:79:6a:7e:8f:60:3a:e4:d9:b8:1d:b2:
87:ec:8c:27:e2:8f:56:84:7e:6f:c6:c5:83:b8:88:
d6:fd:d2:d0:73:4c:37:55:bf:b1:de:7a:f4:9a:17:
f2:a0:2a:80:34:2b:2e:50:72:e3:26:5c:fa:28:32:
15:85:9a:92:67:95:41:b3:01:63:fa:92:a3:88:ca:
34:35:e2:9a:85:83:9a:cc:dc:4e:49:c4:91:81:4f:
e9:4e:53:9a:a6:90:be:dd:4b:54:23:98:da:07:80:
c6:9a:f6:dd:8c:06:41:c4:47:cb:66:d0:0a:51:6e:
93:5c:bc:6b:a1:6f:75:e2:7d:d8:6e:d7:e3:e7:61:
63:b6:7f:03:41:e8:a3:bd:ef:b9:70:dc:14:a3:55:
96:1c:1c:fc:23:2d:91:f5:47:23:d7:3f:ad:d6:df:
38:cf:78:0e:99:93:2a:1e:36:7d:56:35:f8:44:ea:
e5:1b:76:4c:7b:58:6e:3c:05:dc:b3:6b:8f:28:d3:
7d:8f:5a:94:ed:16:78:d9:e8:76:4e:74:ee:39:02:
95:54:b5:4b:59:8c:ce:40:2d:b6:69:75:11:b3:46:
a6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:88:F3:8B:56:7E:4E:D8:4D:0C:15:28:BF:92:4D:0F:F2:83:56:E5
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qojzi1Z-TthNDBUov5JND_KDVuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/24
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.26.0/23
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:6c:c0:93:c7:64:35:f4:42:0d:a3:f5:f6:42:91:0a:d7:5a:
20:21:03:7b:fd:16:a7:fe:57:02:89:90:30:40:03:bb:47:87:
30:59:8f:67:9b:14:52:17:a6:5a:cc:42:11:71:14:e0:fc:93:
07:88:b2:a2:8c:9c:26:b1:b8:9a:4c:2b:15:ed:7d:79:6f:7b:
1d:4e:8f:89:e9:03:59:d3:59:c9:e1:20:fc:4b:55:3a:31:9d:
62:20:e4:9b:b0:08:cf:b2:fd:2a:0e:03:be:84:83:98:15:84:
f5:e2:e1:87:33:25:44:54:9a:44:03:ac:fa:7b:a6:d5:af:42:
25:9a:a7:56:39:e8:ff:c0:21:ca:cb:5f:40:71:03:86:a7:01:
c1:1c:bb:2c:49:cb:1c:00:12:56:62:4d:ff:14:32:a0:5f:a1:
41:93:38:49:2b:88:3f:79:14:e7:ab:62:9a:76:d6:d7:10:73:
4c:c2:b3:e7:95:99:38:06:68:54:da:ee:08:6a:59:bb:9e:c3:
c2:a9:65:4b:72:24:4a:4b:33:c4:c4:0a:3f:6f:3b:4c:fe:b0:
bd:bc:2f:87:8d:eb:74:d7:bf:e4:46:16:c0:fc:50:54:15:d7:
0a:89:ac:6e:14:0a:c5:de:d9:42:54:2f:6d:6c:28:bb:41:43:
79:a0:61:88
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYu0BIfYRFpNynEERs3sqOREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTA5MTIxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg4ZjM4YjU2N2U0ZWQ4NGQwYzE1MjhiZjkyNGQwZmYyODM1NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFqKfds+nNUSyhQsDjflDzj3lVP3
GZHe465QGXrPELz/eWp+j2A65Nm4HbKH7Iwn4o9WhH5vxsWDuIjW/dLQc0w3Vb+x
3nr0mhfyoCqANCsuUHLjJlz6KDIVhZqSZ5VBswFj+pKjiMo0NeKahYOazNxOScSR
gU/pTlOappC+3UtUI5jaB4DGmvbdjAZBxEfLZtAKUW6TXLxroW914n3Ybtfj52Fj
tn8DQeijve+5cNwUo1WWHBz8Iy2R9Ucj1z+t1t84z3gOmZMqHjZ9VjX4ROrlG3ZM
e1huPAXcs2uPKNN9j1qU7RZ42eh2TnTuOQKVVLVLWYzOQC22aXURs0amgwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKqI84tWfk7YTQwVKL+STQ/yg1blMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcW9qemkxWi1UdGhOREJVb3Y1Sk5EX0tEVnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAU5PYAwQC
U5P0AwQCU5P8AwQCW7rYAwQDXvGoAwQBsv0aAwQAsv0gMA0GCSqGSIb3DQEBCwUA
A4IBAQCPbMCTx2Q19EINo/X2QpEK11ogIQN7/Ran/lcCiZAwQAO7R4cwWY9nmxRS
F6ZazEIRcRTg/JMHiLKijJwmsbiaTCsV7X15b3sdTo+J6QNZ01nJ4SD8S1U6MZ1i
IOSbsAjPsv0qDgO+hIOYFYT14uGHMyVEVJpEA6z6e6bVr0IlmqdWOej/wCHKy19A
cQOGpwHBHLssScscABJWYk3/FDKgX6FBkzhJK4g/eRTnq2KadtbXEHNMwrPnlZk4
BmhU2u4Ialm7nsPCqWVLciRKSzPExAo/bztM/rC9vC+Hjet017/kRhbA/FBUFdcK
iaxuFArF3tlCVC9tbCi7QUN5oGGI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org