Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/t_QsT3TL6yg5GcME6IP4xAtmElo.roa
File: t_QsT3TL6yg5GcME6IP4xAtmElo.roa (raw, json)
Hash identifier: +zis4VIAO42DSqfKaX5+UpcX1uZbhpBPcSDBlFJuAU0=
Subject key identifier: B7:F4:2C:4F:74:CB:EB:28:39:19:C3:04:E8:83:F8:C4:0B:66:12:5A
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0185708CD9C7BA711F022F5FCD4AAD9300B1
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/t_QsT3TL6yg5GcME6IP4xAtmElo.roa
Signing time: Mon 02 Jan 2023 03:35:57 +0000
ROA not before: Mon 02 Jan 2023 03:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 94.241.168.0/21 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Jan 2023 21:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d9:c7:ba:71:1f:02:2f:5f:cd:4a:ad:93:00:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 03:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7f42c4f74cbeb283919c304e883f8c40b66125a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:24:c5:bd:21:6d:5d:1f:8d:04:a0:da:b1:83:
55:72:70:fc:8d:98:ee:f4:31:42:84:9f:c5:95:6c:
51:6c:74:53:21:ec:8c:80:b6:a2:7d:c0:44:e7:d1:
f8:f4:68:7d:82:13:8e:49:6f:5c:e8:b6:6c:56:42:
d0:3a:99:50:5f:b2:94:1d:00:78:1f:fb:92:26:b5:
85:20:d4:af:d1:35:28:34:7b:a6:89:3f:b6:4e:45:
0e:b7:81:88:28:db:49:56:33:c2:57:ca:62:cb:ce:
d6:6d:1f:21:d8:ed:ac:91:5d:17:ed:a2:cc:6e:21:
d3:43:ab:5a:8f:dd:bf:ca:3b:29:5f:88:f6:0e:4b:
84:b6:7f:b8:39:ee:6f:f4:b0:ca:8d:b2:77:f8:68:
df:53:87:95:e6:6e:1f:b9:38:2b:1d:d0:b8:bd:1e:
64:65:d5:26:cd:6d:d9:73:7a:19:47:2f:ca:51:b9:
1d:47:b0:8e:0c:5d:d8:de:80:10:18:9b:bb:7f:cb:
5f:3d:75:f4:77:a5:b1:27:5a:13:92:7b:8c:40:90:
b2:1a:39:15:27:f6:52:56:a9:91:26:04:17:a5:45:
b4:bf:d9:a2:c1:e6:63:68:05:d0:06:34:ab:7a:da:
e3:8a:9c:32:a1:d3:94:79:42:5e:74:63:2f:29:8b:
bc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F4:2C:4F:74:CB:EB:28:39:19:C3:04:E8:83:F8:C4:0B:66:12:5A
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/t_QsT3TL6yg5GcME6IP4xAtmElo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.248.0/22
94.241.168.0-94.241.183.255
Signature Algorithm: sha256WithRSAEncryption
2e:df:c9:a3:db:b7:9a:7b:1b:78:6b:3e:2d:12:79:97:80:15:
4c:79:a9:75:a5:72:a8:9f:9b:fb:a8:6d:26:fc:cf:1d:23:b2:
62:08:8e:0d:8d:b9:b3:5a:9c:71:f1:f6:ea:1e:89:1c:a4:3c:
86:0e:1a:62:22:48:1b:20:23:4e:88:a0:70:37:a8:44:48:d2:
1a:b3:f3:ac:c1:d0:6b:cd:cf:97:6e:20:7e:2b:f1:70:6a:0c:
d1:a5:6c:a4:5b:e3:5c:7c:ee:af:7e:86:0d:9c:a8:e7:9c:dd:
6f:33:b1:d7:4e:17:ef:4a:9a:d0:45:68:f8:4e:e1:a4:12:53:
ff:2d:54:96:fc:2a:b5:76:a4:e7:f1:ad:98:6a:d8:4c:f1:eb:
ee:c7:fb:f4:37:aa:16:9c:78:d8:b8:1b:c4:80:2b:2d:2f:ab:
ee:fd:3f:0e:8b:bf:b8:18:40:82:20:d8:9c:b3:b6:15:ad:18:
f4:fb:f7:61:e7:4e:2f:ca:69:73:39:b6:f5:b4:ad:d2:3e:5f:
a1:1e:aa:4c:05:85:66:0e:9c:94:63:76:1c:78:f8:3b:68:18:
17:ae:b4:d3:93:de:21:57:28:49:15:81:60:bb:48:40:58:a6:
9b:0f:65:3b:3c:49:ce:3e:3a:cf:b7:46:7a:f3:2c:6f:fb:b1:
a4:94:61:39
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwjNnHunEfAi9fzUqtkwCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTAyMDMzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y0MmM0Zjc0Y2JlYjI4MzkxOWMzMDRlODgzZjhjNDBiNjYxMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iTFvSFtXR+NBKDasYNVcnD8jZju
9DFChJ/FlWxRbHRTIeyMgLaifcBE59H49Gh9ghOOSW9c6LZsVkLQOplQX7KUHQB4
H/uSJrWFINSv0TUoNHumiT+2TkUOt4GIKNtJVjPCV8piy87WbR8h2O2skV0X7aLM
biHTQ6taj92/yjspX4j2DkuEtn+4Oe5v9LDKjbJ3+GjfU4eV5m4fuTgrHdC4vR5k
ZdUmzW3Zc3oZRy/KUbkdR7CODF3Y3oAQGJu7f8tfPXX0d6WxJ1oTknuMQJCyGjkV
J/ZSVqmRJgQXpUW0v9miweZjaAXQBjSretrjipwyodOUeUJedGMvKYu8LwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLf0LE90y+soORnDBOiD+MQLZhJaMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdF9Rc1QzVEw2eWc1R2NNRTZJUDR4QXRtRWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCU5PoAwQC
U5P4MAwDBANe8agDBANe8bAwDQYJKoZIhvcNAQELBQADggEBAC7fyaPbt5p7G3hr
Pi0SeZeAFUx5qXWlcqifm/uobSb8zx0jsmIIjg2NubNanHHx9uoeiRykPIYOGmIi
SBsgI06IoHA3qERI0hqz86zB0GvNz5duIH4r8XBqDNGlbKRb41x87q9+hg2cqOec
3W8zsddOF+9KmtBFaPhO4aQSU/8tVJb8KrV2pOfxrZhq2Ezx6+7H+/Q3qhaceNi4
G8SAKy0vq+79Pw6Lv7gYQIIg2JyzthWtGPT792HnTi/KaXM5tvW0rdI+X6EeqkwF
hWYOnJRjdhx4+DtoGBeutNOT3iFXKEkVgWC7SEBYppsPZTs8Sc4+Os+3RnrzLG/7
saSUYTk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org