Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/t1smfZRBLxra0O1eJ-dwHK6o0W0.roa
File: t1smfZRBLxra0O1eJ-dwHK6o0W0.roa (raw, json)
Hash identifier: XJwK70zqVavo7qpxGn5933o0voVt4NcszMRBdfJiVyQ=
Subject key identifier: B7:5B:26:7D:94:41:2F:1A:DA:D0:ED:5E:27:E7:70:1C:AE:A8:D1:6D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0190022EB8275812B4C111AC0849DA8B842F
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/t1smfZRBLxra0O1eJ-dwHK6o0W0.roa
Signing time: Mon 10 Jun 2024 12:45:34 +0000
ROA not before: Mon 10 Jun 2024 12:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 15:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:2e:b8:27:58:12:b4:c1:11:ac:08:49:da:8b:84:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 10 12:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b75b267d94412f1adad0ed5e27e7701caea8d16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:79:3e:5c:f9:c2:86:ec:dd:10:dc:63:46:fe:
6f:ae:59:ae:90:ca:64:ef:f4:b4:c9:c3:a8:57:88:
a0:d0:2e:95:b0:c2:ab:4f:41:f6:eb:77:22:d2:c6:
e3:a6:4f:6e:d5:ef:85:6c:15:71:a2:62:e2:9d:dd:
9d:5d:03:04:04:29:d5:28:72:17:e1:4c:e0:59:43:
6b:4a:2d:9d:6e:70:cc:42:fb:96:cd:a9:ea:0a:18:
86:7d:74:56:98:4a:82:03:67:46:68:8f:1a:94:e4:
04:6a:74:7a:dd:15:74:1c:88:2f:55:1f:06:1e:50:
27:df:f9:c1:3f:5e:fd:aa:0f:36:17:29:3f:72:97:
cd:ef:e7:79:54:56:c5:d4:87:01:7f:9b:bb:73:f9:
14:b0:49:6e:5e:9b:04:73:0b:17:b8:06:99:4a:ee:
25:69:29:ea:9e:21:7f:a7:53:5d:84:0a:fb:9f:97:
70:4d:d3:9a:4e:18:8c:13:9e:b2:7a:aa:e0:eb:06:
98:f7:b2:4d:fd:1c:61:18:be:d3:66:d4:63:ef:92:
50:d2:82:81:1d:5b:25:8f:35:92:99:20:86:91:df:
6b:53:57:7b:b2:98:9e:c0:41:27:a9:ca:7f:c4:2a:
95:49:c6:7b:6b:0a:ed:e7:e5:90:bf:4f:e0:d5:e8:
a4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:5B:26:7D:94:41:2F:1A:DA:D0:ED:5E:27:E7:70:1C:AE:A8:D1:6D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/t1smfZRBLxra0O1eJ-dwHK6o0W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
60:c0:ec:30:40:fa:01:be:61:f3:28:d7:1d:16:fc:9c:27:4b:
51:c1:02:19:94:78:c5:a4:24:0f:90:fc:92:95:7a:87:88:31:
bb:f8:8d:45:38:da:dc:af:f3:d2:af:15:5c:d8:0e:8b:4d:0d:
4a:4d:ea:da:27:66:e6:6d:0c:08:83:f7:69:96:f9:ec:06:82:
2a:8b:f4:f8:40:1d:f9:07:60:97:18:cc:6e:97:03:6f:2d:21:
b6:1f:67:82:cd:bb:4b:b6:c4:9e:37:2a:c3:a2:11:1f:d1:54:
4e:52:59:25:3b:86:45:5e:e0:42:af:34:3b:7e:b3:36:82:c5:
36:bd:ce:7f:16:64:bf:1f:9f:10:c4:51:a3:94:ca:0d:e3:d2:
26:1c:f9:d3:bc:98:5d:41:04:7f:ed:ad:be:96:ab:1d:82:c5:
7d:a4:8b:8a:71:bf:59:0f:47:7c:e8:ac:bc:d8:35:42:af:96:
80:f2:d9:7f:85:20:64:b1:12:e4:c9:96:f9:2d:09:1f:27:03:
1d:5d:cd:e4:ac:7b:76:13:f7:d1:65:de:1f:e7:10:78:00:d9:
47:df:fb:f3:b4:ca:49:7e:d4:7c:40:5c:45:f8:2b:14:6c:20:
68:6f:56:89:c4:22:fc:5c:a1:66:f7:3f:82:52:f9:bc:f7:34:
1f:bd:ea:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZACLrgnWBK0wRGsCEnai4QvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjEwMTI0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzViMjY3ZDk0NDEyZjFhZGFkMGVkNWUyN2U3NzAxY2FlYThkMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXk+XPnChuzdENxjRv5vrlmukMpk
7/S0ycOoV4ig0C6VsMKrT0H263ci0sbjpk9u1e+FbBVxomLind2dXQMEBCnVKHIX
4UzgWUNrSi2dbnDMQvuWzanqChiGfXRWmEqCA2dGaI8alOQEanR63RV0HIgvVR8G
HlAn3/nBP179qg82Fyk/cpfN7+d5VFbF1IcBf5u7c/kUsEluXpsEcwsXuAaZSu4l
aSnqniF/p1NdhAr7n5dwTdOaThiME56yeqrg6waY97JN/RxhGL7TZtRj75JQ0oKB
HVsljzWSmSCGkd9rU1d7spiewEEnqcp/xCqVScZ7awrt5+WQv0/g1eik7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLdbJn2UQS8a2tDtXifncByuqNFtMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdDFzbWZaUkJMeHJhME8xZUotZHdISzZvMFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQD
W7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBgwOwwQPoBvmHzKNcd
FvycJ0tRwQIZlHjFpCQPkPySlXqHiDG7+I1FONrcr/PSrxVc2A6LTQ1KTeraJ2bm
bQwIg/dplvnsBoIqi/T4QB35B2CXGMxulwNvLSG2H2eCzbtLtsSeNyrDohEf0VRO
UlklO4ZFXuBCrzQ7frM2gsU2vc5/FmS/H58QxFGjlMoN49ImHPnTvJhdQQR/7a2+
lqsdgsV9pIuKcb9ZD0d86Ky82DVCr5aA8tl/hSBksRLkyZb5LQkfJwMdXc3krHt2
E/fRZd4f5xB4ANlH3/vztMpJftR8QFxF+CsUbCBob1aJxCL8XKFm9z+CUvm89zQf
vepn
-----END CERTIFICATE-----
Generated at Tue Jun 11 20:23:07 2024 by rpki-client on console-ams.rpki-client.org