Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ul3h2W90XCkvlk-Rih4UIV6wIJ0.roa
File: ul3h2W90XCkvlk-Rih4UIV6wIJ0.roa (raw, json)
Hash identifier: SZBLdj67gwHP8JUBTb0jQSOXN9ovSOIK2ziDw1nRmEg=
Subject key identifier: BA:5D:E1:D9:6F:74:5C:29:2F:96:4F:91:8A:1E:14:21:5E:B0:20:9D
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0190E931AC22A96EDCB76C93D7DFCC01E725
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ul3h2W90XCkvlk-Rih4UIV6wIJ0.roa
Signing time: Thu 25 Jul 2024 09:21:04 +0000
ROA not before: Thu 25 Jul 2024 09:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.216.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 06:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:31:ac:22:a9:6e:dc:b7:6c:93:d7:df:cc:01:e7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 25 09:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba5de1d96f745c292f964f918a1e14215eb0209d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:83:ce:a3:d3:c5:02:fa:32:88:5f:1d:da:3c:
aa:dc:28:4e:74:ee:59:3b:b2:fc:8c:b9:e8:06:6a:
06:62:d6:94:02:44:83:e8:b1:6f:0a:a7:1d:5d:18:
45:f5:9c:b1:92:1c:22:11:fb:3e:b9:f2:17:33:2f:
4b:10:62:6e:41:64:1e:78:65:71:4b:a4:db:28:1a:
04:65:17:ad:35:69:d6:54:bc:be:33:19:13:b9:8f:
f8:04:8c:50:05:00:c0:81:c6:e6:e2:9e:e9:06:2c:
1c:05:49:78:d1:be:88:be:8c:28:74:6f:e6:e7:8e:
58:86:0c:b7:17:7b:84:e4:7b:77:6c:e2:7c:b7:71:
37:21:40:f3:ce:fa:30:af:e7:02:46:fd:a1:2e:eb:
ed:ae:e8:f6:e8:ab:94:af:e7:f5:04:6f:75:2a:4b:
f3:a2:d4:f1:b2:cb:ad:62:ea:a9:32:e4:fd:9a:a5:
c8:ba:00:d6:33:15:28:0c:4c:58:01:3c:06:30:a5:
92:9d:80:8b:69:36:e8:86:13:b9:a0:b7:26:79:aa:
ad:4c:9b:27:11:6a:27:34:0a:59:75:bc:6a:6e:c1:
63:23:e5:30:9a:8c:fb:a7:91:92:56:95:58:3c:78:
be:72:0c:a7:52:ae:5b:25:4c:0f:4b:82:48:0a:78:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5D:E1:D9:6F:74:5C:29:2F:96:4F:91:8A:1E:14:21:5E:B0:20:9D
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ul3h2W90XCkvlk-Rih4UIV6wIJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/24
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
23:9c:dc:83:0d:c7:28:78:3c:f7:8d:a4:30:18:44:25:44:67:
fd:34:b9:03:d9:42:83:2c:ef:51:d0:94:21:c3:18:1d:ad:d1:
b0:5d:6c:1f:38:a5:54:c1:53:1c:e8:35:c4:48:bb:43:65:38:
46:85:82:d7:31:84:96:c8:16:67:e3:8b:0e:92:62:64:9c:02:
93:15:f9:7c:0e:cb:49:17:2b:c3:11:18:d6:e7:4b:10:02:32:
e8:a4:af:5f:27:e9:27:70:a2:87:ad:49:37:07:c3:81:06:73:
d1:7e:d5:d0:8b:90:c6:af:63:15:c7:34:fd:a4:e9:6b:25:d0:
6e:7b:2d:7a:1d:cd:6d:bd:da:de:d9:72:65:c3:4e:c5:2c:ce:
88:01:af:b2:2c:dd:c2:62:a8:a8:1e:aa:86:92:aa:6f:a0:19:
36:6b:d3:86:67:0f:5a:03:b8:67:0c:90:79:0c:0b:3f:56:86:
88:a6:28:d8:8b:81:9b:d0:bd:b8:7f:47:93:eb:fd:97:d2:85:
1a:6f:80:c8:cf:a3:4d:45:c1:38:d4:18:e3:a5:40:a6:a7:88:
53:eb:31:94:64:bf:87:e3:aa:ee:7b:cf:b9:20:3c:56:96:78:
c8:87:b4:00:05:ec:3a:08:79:18:aa:d9:23:23:80:25:2f:34:
e7:a6:e0:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDpMawiqW7ct2yT19/MAeclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNzI1MDkyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVkZTFkOTZmNzQ1YzI5MmY5NjRmOTE4YTFlMTQyMTVlYjAyMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4POo9PFAvoyiF8d2jyq3ChOdO5Z
O7L8jLnoBmoGYtaUAkSD6LFvCqcdXRhF9ZyxkhwiEfs+ufIXMy9LEGJuQWQeeGVx
S6TbKBoEZRetNWnWVLy+MxkTuY/4BIxQBQDAgcbm4p7pBiwcBUl40b6IvowodG/m
545Yhgy3F3uE5Ht3bOJ8t3E3IUDzzvowr+cCRv2hLuvtruj26KuUr+f1BG91Kkvz
otTxssutYuqpMuT9mqXIugDWMxUoDExYATwGMKWSnYCLaTbohhO5oLcmeaqtTJsn
EWonNApZdbxqbsFjI+Uwmoz7p5GSVpVYPHi+cgynUq5bJUwPS4JICniRewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLpd4dlvdFwpL5ZPkYoeFCFesCCdMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdWwzaDJXOTBYQ2t2bGstUmloNFVJVjZ3SUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU5PYAwQC
U5P0AwQDW7rIAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAjnNyDDccoeDz3jaQw
GEQlRGf9NLkD2UKDLO9R0JQhwxgdrdGwXWwfOKVUwVMc6DXESLtDZThGhYLXMYSW
yBZn44sOkmJknAKTFfl8DstJFyvDERjW50sQAjLopK9fJ+kncKKHrUk3B8OBBnPR
ftXQi5DGr2MVxzT9pOlrJdBuey16Hc1tvdre2XJlw07FLM6IAa+yLN3CYqioHqqG
kqpvoBk2a9OGZw9aA7hnDJB5DAs/VoaIpijYi4Gb0L24f0eT6/2X0oUab4DIz6NN
RcE41BjjpUCmp4hT6zGUZL+H46rue8+5IDxWlnjIh7QABew6CHkYqtkjI4AlLzTn
puA1
Generated at Sat Jul 27 08:30:47 2024 by rpki-client on console-fra.rpki-client.org