Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qsfpvxoNTIS3NEx9YTekA2JA_Fg.roa
File: qsfpvxoNTIS3NEx9YTekA2JA_Fg.roa (raw, json)
Hash identifier: oQjdN1RKzOgfd2qMflIXItSAr4F1wlkbpfHyHPJzF6c=
Subject key identifier: AA:C7:E9:BF:1A:0D:4C:84:B7:34:4C:7D:61:37:A4:03:62:40:FC:58
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018944CED20FC631001A99469C553DE89A48
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qsfpvxoNTIS3NEx9YTekA2JA_Fg.roa
Signing time: Tue 11 Jul 2023 11:55:52 +0000
ROA not before: Tue 11 Jul 2023 11:55:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.22.0/23 maxlen: 24
178.253.40.0/22 maxlen: 24
83.147.240.0/22 maxlen: 24
178.253.55.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jul 2023 05:32:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:ce:d2:0f:c6:31:00:1a:99:46:9c:55:3d:e8:9a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 11 11:55:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aac7e9bf1a0d4c84b7344c7d6137a4036240fc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:47:2b:a9:fe:15:0b:d1:ff:52:8e:a2:a8:eb:
a1:e8:ea:4f:12:ae:20:25:92:8f:1e:13:eb:a8:47:
1d:20:69:1e:02:ba:91:29:23:32:2e:70:92:c8:d2:
ca:3e:e9:6b:ac:c6:93:db:cb:78:44:53:f0:ad:d7:
d1:af:38:67:ce:a6:c8:86:9d:74:43:03:99:6a:6a:
ec:4a:7a:0c:9c:97:cf:fb:35:8d:b1:2b:f7:df:3e:
44:ba:c1:3d:0e:1a:eb:7e:a8:8f:ec:91:20:67:83:
9c:c5:8c:f0:a0:94:cc:ff:74:c3:7c:05:ed:e5:30:
48:eb:8c:18:65:77:fb:92:91:19:c9:e3:4a:28:ed:
10:07:da:25:9f:5a:04:51:c4:f9:51:98:59:34:47:
50:8e:c1:34:4c:81:56:1f:1c:73:c8:47:b9:ad:91:
c9:58:d9:79:ce:49:0e:6c:01:ec:2b:4a:4d:06:a3:
47:ed:00:27:66:25:5d:ab:bb:d0:28:76:7a:bd:96:
7b:ab:89:01:22:04:69:98:e1:e3:8d:d2:ee:fa:7d:
0e:a6:9b:37:f8:0d:cd:28:f8:33:3f:0b:d2:0a:93:
99:3c:ac:d5:4b:99:e9:4f:d5:9a:aa:2b:a4:9b:dc:
04:ad:98:6b:f6:52:e3:d2:fb:30:e8:99:aa:1b:ec:
b3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C7:E9:BF:1A:0D:4C:84:B7:34:4C:7D:61:37:A4:03:62:40:FC:58
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qsfpvxoNTIS3NEx9YTekA2JA_Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/21
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
178.253.22.0/23
178.253.40.0/22
178.253.55.0/24
Signature Algorithm: sha256WithRSAEncryption
55:26:b2:de:90:c2:0c:e7:84:01:25:ec:03:74:2d:00:15:a7:
ae:9b:ed:84:01:10:ee:07:00:55:d6:0a:88:38:d7:91:d8:c7:
47:33:9f:0f:1a:82:a5:4e:37:1f:50:16:30:81:65:ea:0a:14:
a4:03:d4:21:42:8d:fc:2d:ab:36:85:54:6f:c2:14:7b:f5:79:
b6:61:b5:70:9f:ad:84:bf:c1:20:40:f2:ba:83:55:40:fc:0c:
5a:16:f9:06:ab:26:dd:94:3b:9e:95:e5:2d:70:07:ec:d3:b0:
7f:0d:7b:53:b8:12:49:10:e8:ea:53:f3:16:dc:aa:1e:2e:7f:
33:72:fa:ae:10:ad:8c:95:3c:cb:d8:84:26:b1:54:ab:9b:a4:
fb:5c:51:ee:04:24:c8:9d:eb:d9:15:7d:80:1b:40:4f:c5:4e:
be:a8:81:e8:1b:4a:c5:d4:55:53:57:3b:0b:3c:69:45:b0:4a:
be:79:a9:13:51:17:14:dd:85:25:55:59:f7:5e:12:de:f6:16:
53:42:92:84:73:7a:fb:e4:44:ca:7d:bf:f6:ab:56:de:5b:37:
db:b5:9b:fb:ce:4a:70:cb:5d:6b:8c:44:d8:7b:70:a8:ee:fe:
57:5b:12:af:51:cc:a8:f7:21:ae:5b:0b:ad:bb:5b:fc:64:91:
77:73:77:a7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYlEztIPxjEAGplGnFU96JpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNzExMTE1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWM3ZTliZjFhMGQ0Yzg0YjczNDRjN2Q2MTM3YTQwMzYyNDBmYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkcrqf4VC9H/Uo6iqOuh6OpPEq4g
JZKPHhPrqEcdIGkeArqRKSMyLnCSyNLKPulrrMaT28t4RFPwrdfRrzhnzqbIhp10
QwOZamrsSnoMnJfP+zWNsSv33z5EusE9DhrrfqiP7JEgZ4OcxYzwoJTM/3TDfAXt
5TBI64wYZXf7kpEZyeNKKO0QB9oln1oEUcT5UZhZNEdQjsE0TIFWHxxzyEe5rZHJ
WNl5zkkObAHsK0pNBqNH7QAnZiVdq7vQKHZ6vZZ7q4kBIgRpmOHjjdLu+n0Opps3
+A3NKPgzPwvSCpOZPKzVS5npT9Waqiukm9wErZhr9lLj0vsw6JmqG+yz6QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKrH6b8aDUyEtzRMfWE3pANiQPxYMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcXNmcHZ4b05USVMzTkV4OVlUZWtBMkpBX0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDU5PwAwQC
U5P8AwQCW7rYAwQDXvGoAwQBsv0WAwQCsv0oAwQAsv03MA0GCSqGSIb3DQEBCwUA
A4IBAQBVJrLekMIM54QBJewDdC0AFaeum+2EARDuBwBV1gqIONeR2MdHM58PGoKl
TjcfUBYwgWXqChSkA9QhQo38Las2hVRvwhR79Xm2YbVwn62Ev8EgQPK6g1VA/Axa
FvkGqybdlDueleUtcAfs07B/DXtTuBJJEOjqU/MW3KoeLn8zcvquEK2MlTzL2IQm
sVSrm6T7XFHuBCTInevZFX2AG0BPxU6+qIHoG0rF1FVTVzsLPGlFsEq+eakTURcU
3YUlVVn3XhLe9hZTQpKEc3r75ETKfb/2q1beWzfbtZv7zkpwy11rjETYe3Co7v5X
WxKvUcyo9yGuWwutu1v8ZJF3c3en
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org