Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rEsGm_0YwcO9VKOIfcYGdu-nQuI.roa
File: rEsGm_0YwcO9VKOIfcYGdu-nQuI.roa (raw, json)
Hash identifier: yCXl5VFJrhd/haTwlhHWpVFNpRXDZoBnbWGdEvPZhpI=
Subject key identifier: AC:4B:06:9B:FD:18:C1:C3:BD:54:A3:88:7D:C6:06:76:EF:A7:42:E2
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018816D22028B7853C3FAEA6EC2A2AC6A0FF
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rEsGm_0YwcO9VKOIfcYGdu-nQuI.roa
Signing time: Sat 13 May 2023 20:34:09 +0000
ROA not before: Sat 13 May 2023 20:34:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 09:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:16:d2:20:28:b7:85:3c:3f:ae:a6:ec:2a:2a:c6:a0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: May 13 20:34:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac4b069bfd18c1c3bd54a3887dc60676efa742e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bf:d5:a6:3e:51:76:b4:05:46:d8:29:6a:bd:
cb:2e:26:8b:3f:67:2d:64:5d:0b:4f:88:a2:9c:57:
d8:83:1b:c1:b0:af:16:ab:e3:e4:15:e6:1b:73:8d:
8d:05:8b:6a:2a:e0:ff:ec:99:56:5d:34:a1:0b:c7:
c1:93:ed:c9:83:de:62:04:9d:73:2b:0d:91:d0:6b:
85:e8:56:3e:a0:3d:e4:9d:55:d2:7c:b2:c9:a5:6d:
5c:24:80:2b:49:f4:ac:e2:22:f2:fa:95:5e:ad:4f:
61:09:49:87:ac:2f:2d:a2:d0:c9:3d:2d:da:f2:09:
d1:a5:be:d3:aa:41:cd:22:61:b8:af:b3:f7:cc:7c:
e2:45:1a:cc:83:29:b3:10:7f:02:a5:e6:10:09:88:
30:ac:fe:15:ef:d9:6f:25:97:4a:1d:a1:9e:41:f6:
bb:7e:f7:53:73:29:4a:af:52:06:f1:f1:48:8f:4a:
2d:85:b0:47:3b:fb:08:2f:27:11:e9:95:76:59:b3:
a1:45:33:d6:85:ee:0b:72:a9:d1:b0:33:85:a7:1b:
10:56:21:94:2a:36:21:b5:fe:bf:ec:5d:b2:69:a6:
73:e4:97:c6:b4:ae:99:67:f1:8d:04:6f:4b:3a:bb:
df:65:63:ab:8f:24:3a:1c:3a:ca:59:0d:20:7e:4e:
ac:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4B:06:9B:FD:18:C1:C3:BD:54:A3:88:7D:C6:06:76:EF:A7:42:E2
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rEsGm_0YwcO9VKOIfcYGdu-nQuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
Signature Algorithm: sha256WithRSAEncryption
04:06:13:2d:e1:9b:49:71:7d:5d:da:58:77:8c:3c:a7:03:d1:
76:3a:71:ff:15:03:ec:f1:ee:82:84:df:05:38:42:dd:0d:fe:
8d:7a:a8:15:f2:40:a2:22:68:9b:1c:e0:96:56:3d:ff:58:4a:
9c:7b:1f:ea:03:e8:18:b6:29:4b:70:1c:6d:fd:d8:81:71:48:
6d:60:0b:40:1f:61:2e:fa:9a:51:f3:5f:50:c4:56:7d:dc:8c:
06:b7:cd:33:af:a4:6b:3c:8e:fa:87:9e:7a:71:35:e6:52:d8:
9c:0b:b7:64:46:9a:de:8e:f3:ed:fb:74:14:30:7b:a0:95:02:
99:11:2f:b3:26:68:db:3a:81:dc:5f:e3:9e:1f:84:f9:c9:35:
20:e3:de:dc:73:db:b7:1c:97:df:5d:2d:e5:1e:6d:f9:ce:7a:
a5:d8:3c:86:69:35:93:53:8b:4e:68:36:c8:49:96:90:ac:52:
4b:a3:fc:74:3a:8e:d3:9d:a5:e3:02:77:fb:e8:22:5a:c3:ac:
b5:ac:36:a7:fe:80:2d:c1:a7:1b:04:a1:4c:d1:44:11:a6:85:
80:08:4d:51:58:03:25:7c:58:4f:ff:60:28:c9:de:5b:76:18:
88:26:bc:56:16:69:ff:6c:c8:ff:ab:f7:be:9a:e2:bb:0a:cf:
74:c0:53:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgW0iAot4U8P66m7CoqxqD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNTEzMjAzNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzRiMDY5YmZkMThjMWMzYmQ1NGEzODg3ZGM2MDY3NmVmYTc0MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b/Vpj5RdrQFRtgpar3LLiaLP2ct
ZF0LT4iinFfYgxvBsK8Wq+PkFeYbc42NBYtqKuD/7JlWXTShC8fBk+3Jg95iBJ1z
Kw2R0GuF6FY+oD3knVXSfLLJpW1cJIArSfSs4iLy+pVerU9hCUmHrC8totDJPS3a
8gnRpb7TqkHNImG4r7P3zHziRRrMgymzEH8CpeYQCYgwrP4V79lvJZdKHaGeQfa7
fvdTcylKr1IG8fFIj0othbBHO/sILycR6ZV2WbOhRTPWhe4LcqnRsDOFpxsQViGU
KjYhtf6/7F2yaaZz5JfGtK6ZZ/GNBG9LOrvfZWOrjyQ6HDrKWQ0gfk6skQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKxLBpv9GMHDvVSjiH3GBnbvp0LiMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvckVzR21fMFl3Y085VktPSWZjWUdkdS1uUXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQC
U5P8AwQCW7rYMA0GCSqGSIb3DQEBCwUAA4IBAQAEBhMt4ZtJcX1d2lh3jDynA9F2
OnH/FQPs8e6ChN8FOELdDf6NeqgV8kCiImibHOCWVj3/WEqcex/qA+gYtilLcBxt
/diBcUhtYAtAH2Eu+ppR819QxFZ93IwGt80zr6RrPI76h556cTXmUticC7dkRpre
jvPt+3QUMHuglQKZES+zJmjbOoHcX+OeH4T5yTUg497cc9u3HJffXS3lHm35znql
2DyGaTWTU4tOaDbISZaQrFJLo/x0Oo7TnaXjAnf76CJaw6y1rDan/oAtwacbBKFM
0UQRpoWACE1RWAMlfFhP/2Aoyd5bdhiIJrxWFmn/bMj/q/e+muK7Cs90wFOQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org