Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/u5FW4V-8hJ8BNdBHPR_0wv9eEe0.roa
File: u5FW4V-8hJ8BNdBHPR_0wv9eEe0.roa (raw, json)
Hash identifier: LMqXvDHJqVFY5GoIHse7IIUeWK/78yEpy+RphYtFV+M=
Subject key identifier: BB:91:56:E1:5F:BC:84:9F:01:35:D0:47:3D:1F:F4:C2:FF:5E:11:ED
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01907A87CD07BB0111F2CE87D1BD0A20393E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/u5FW4V-8hJ8BNdBHPR_0wv9eEe0.roa
Signing time: Wed 03 Jul 2024 21:37:18 +0000
ROA not before: Wed 03 Jul 2024 21:37:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 09:21:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7a:87:cd:07:bb:01:11:f2:ce:87:d1:bd:0a:20:39:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 3 21:37:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb9156e15fbc849f0135d0473d1ff4c2ff5e11ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8b:a3:ce:ed:95:37:62:cd:69:0e:0c:c4:b2:
7d:67:7e:a9:c8:c6:83:6f:14:ab:9d:ca:47:a2:ed:
ee:a1:19:03:04:dc:43:c5:47:be:bd:c4:33:d8:0d:
af:87:f6:0e:c7:c6:f0:db:78:98:8d:6b:8b:23:90:
18:21:65:5e:f2:1b:59:82:03:d0:e1:49:98:66:32:
d3:0a:c2:d6:1e:1c:b5:f0:ac:d9:4b:5e:bf:8f:95:
f6:eb:85:3f:83:cd:01:1c:a5:2d:00:89:0c:da:a7:
4b:7b:a1:8d:04:f2:ac:b0:d8:67:f4:5d:2f:77:db:
e2:62:d1:b3:6f:a7:07:08:f9:76:c9:5a:3f:37:83:
f7:d0:7e:de:77:cd:d3:2d:0c:d3:63:5c:1a:cd:3a:
54:42:07:01:35:e3:c6:50:e4:11:9a:91:9f:f7:9d:
df:3f:19:1d:a6:55:01:40:8d:64:f9:59:9b:2b:27:
f8:32:52:d7:e9:c9:72:41:31:a0:f8:33:c1:7e:81:
7c:24:26:34:a3:2f:8d:b3:31:07:49:17:69:d6:70:
28:f4:c7:0a:f2:fc:2c:b7:e3:4d:95:f0:a3:fb:f2:
e5:64:08:7a:d7:49:f6:c4:e4:87:26:8c:c3:6c:49:
cc:0f:ad:84:2f:62:fc:a6:e6:d3:e9:a1:38:10:22:
a9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:91:56:E1:5F:BC:84:9F:01:35:D0:47:3D:1F:F4:C2:FF:5E:11:ED
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/u5FW4V-8hJ8BNdBHPR_0wv9eEe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
13:b1:8e:f3:f1:de:eb:79:44:2d:31:2d:de:9a:16:0c:fb:3a:
e1:1d:d1:08:99:11:11:d9:d4:b5:19:ed:9d:ed:58:51:35:03:
80:98:16:02:72:b2:34:b6:76:f9:e7:7c:ef:6d:3f:4e:78:c2:
b7:40:5d:5f:2b:18:cf:2f:36:d2:bb:8e:33:c0:7d:f8:61:6f:
8b:1a:30:35:6c:cf:83:39:c2:a7:de:ab:70:c5:9e:4e:75:5b:
16:db:45:46:ca:e9:85:d1:20:e6:57:a0:36:6f:c4:9d:ec:7f:
f7:2c:eb:3f:6b:88:3a:81:df:14:a4:39:d3:c9:e6:af:bf:1f:
89:1b:e6:42:bc:56:48:87:91:00:02:35:2b:dc:57:e7:75:5c:
3d:e8:ea:6f:b2:b1:5f:4a:ed:f8:ee:7d:11:39:16:f7:f4:2a:
58:ba:fe:01:d6:68:18:af:71:fc:a7:a9:48:82:e6:f7:f4:e5:
5b:90:62:4a:4e:46:c6:3e:0c:41:db:d1:7a:12:21:b8:29:8d:
7f:e3:95:2c:d9:4d:d6:8c:cc:35:50:b7:2d:27:7f:9a:69:ec:
74:ee:c9:7e:8d:fd:b8:64:06:6a:06:ae:9e:a3:0d:d7:4c:a8:
aa:fc:8c:2c:bc:5d:b3:5e:2c:ca:5b:55:aa:35:d4:a6:d7:be:
83:c7:01:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB6h80HuwER8s6H0b0KIDk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNzAzMjEzNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkxNTZlMTVmYmM4NDlmMDEzNWQwNDczZDFmZjRjMmZmNWUxMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYujzu2VN2LNaQ4MxLJ9Z36pyMaD
bxSrncpHou3uoRkDBNxDxUe+vcQz2A2vh/YOx8bw23iYjWuLI5AYIWVe8htZggPQ
4UmYZjLTCsLWHhy18KzZS16/j5X264U/g80BHKUtAIkM2qdLe6GNBPKssNhn9F0v
d9viYtGzb6cHCPl2yVo/N4P30H7ed83TLQzTY1wazTpUQgcBNePGUOQRmpGf953f
PxkdplUBQI1k+VmbKyf4MlLX6clyQTGg+DPBfoF8JCY0oy+NszEHSRdp1nAo9McK
8vwst+NNlfCj+/LlZAh610n2xOSHJozDbEnMD62EL2L8pubT6aE4ECKp2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLuRVuFfvISfATXQRz0f9ML/XhHtMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdTVGVzRWLThoSjhCTmRCSFBSXzB3djllRWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQD
W7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQATsY7z8d7reUQtMS3emhYM+zrh
HdEImRER2dS1Ge2d7VhRNQOAmBYCcrI0tnb553zvbT9OeMK3QF1fKxjPLzbSu44z
wH34YW+LGjA1bM+DOcKn3qtwxZ5OdVsW20VGyumF0SDmV6A2b8Sd7H/3LOs/a4g6
gd8UpDnTyeavvx+JG+ZCvFZIh5EAAjUr3FfndVw96OpvsrFfSu347n0RORb39CpY
uv4B1mgYr3H8p6lIgub39OVbkGJKTkbGPgxB29F6EiG4KY1/45Us2U3WjMw1ULct
J3+aaex07sl+jf24ZAZqBq6eow3XTKiq/IwsvF2zXizKW1WqNdSm176DxwGT
-----END CERTIFICATE-----
Generated at Thu Jul 25 12:39:09 2024 by rpki-client on console-fra.rpki-client.org