Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vTnwQyVZNiLWlczMfSn8DL3Xgzg.roa
File: vTnwQyVZNiLWlczMfSn8DL3Xgzg.roa (raw, json)
Hash identifier: VmS0ZRaZr1b92Apa+TVb4/DYy3Y3Su1ccT/KiHVFFM4=
Subject key identifier: BD:39:F0:43:25:59:36:22:D6:95:CC:CC:7D:29:FC:0C:BD:D7:83:38
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018B2390868E7981DCFB89F454E6C8FA2984
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vTnwQyVZNiLWlczMfSn8DL3Xgzg.roa
Signing time: Thu 12 Oct 2023 11:05:55 +0000
ROA not before: Thu 12 Oct 2023 11:05:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:90:86:8e:79:81:dc:fb:89:f4:54:e6:c8:fa:29:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 12 11:05:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd39f04325593622d695cccc7d29fc0cbdd78338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:38:50:12:2b:d1:f2:77:4e:6b:d6:7a:87:05:
85:d6:e9:18:68:33:bb:1b:e4:9a:57:5e:6b:7d:73:
86:4c:93:87:3f:09:15:d8:10:6d:6d:fd:b9:06:7d:
bb:bc:23:ba:26:fe:0e:64:b6:27:70:17:4d:a2:54:
c4:0e:50:4a:fa:9c:f3:b2:32:a4:67:47:f7:55:ec:
95:64:73:19:40:ef:ae:87:d5:51:49:2b:a4:dd:27:
ca:a7:d0:b4:0e:ed:73:29:32:58:be:8b:87:f7:db:
e7:d5:ae:23:86:21:13:49:59:d9:11:0d:f3:44:dd:
1a:05:ff:df:af:af:30:fb:32:3d:79:9e:86:cb:9c:
00:04:ea:b5:f0:95:9f:66:84:e2:a9:a7:bc:5f:5d:
87:c0:79:1d:f8:6b:6a:d9:43:12:dd:18:5d:60:73:
52:66:e7:ee:9f:2d:4d:08:fc:42:07:fe:fc:84:75:
14:7d:8a:8c:8d:0f:96:28:c2:d4:89:39:41:90:15:
35:42:ff:a5:4e:59:a4:bd:f3:d2:40:6f:c7:4c:88:
f6:bc:6a:24:0d:03:f8:41:af:9c:61:fe:ac:22:f9:
85:c9:d9:12:e2:d3:af:96:8f:0a:1c:e7:6f:c2:15:
36:1a:c0:e9:e1:66:fe:73:82:77:dc:be:de:7b:6e:
b2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:39:F0:43:25:59:36:22:D6:95:CC:CC:7D:29:FC:0C:BD:D7:83:38
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vTnwQyVZNiLWlczMfSn8DL3Xgzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.222.0/24
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:98:02:5d:6d:2e:82:7c:da:fa:41:c1:cf:27:7e:a0:41:f3:
4d:bb:d3:d5:38:8f:32:9d:cd:72:0a:52:2c:a9:a2:94:8a:ef:
da:31:73:c9:bf:f6:19:91:06:c7:0b:4c:bf:b5:ce:65:c8:83:
b9:28:d5:6c:3b:b4:a8:2f:7b:58:7e:88:3f:32:c9:49:bf:27:
5c:30:2f:78:aa:9b:e5:a6:d2:d5:1d:0a:f1:ef:fd:74:a7:94:
9d:4c:e1:3f:91:77:f5:3a:44:ea:e2:ef:03:d0:80:f6:66:02:
10:85:76:69:30:03:75:8f:09:1a:da:41:c2:03:fd:c0:6a:28:
a2:42:f9:a9:62:38:38:e5:5f:ed:b0:f1:28:d8:13:20:b9:a3:
f1:9b:9d:1e:64:ee:93:ed:3c:9c:a5:3f:eb:25:1e:ba:d3:6e:
6f:eb:d1:5c:43:fc:be:be:2b:82:af:c9:48:b7:d7:4c:c2:49:
20:13:3a:11:ef:4a:48:99:4b:db:de:1c:78:ea:ae:48:48:e2:
de:61:3d:ce:3c:7c:47:0c:73:26:97:48:12:a0:19:28:f2:8a:
6c:02:fc:8d:52:69:21:48:7f:29:c5:6e:09:70:ed:fc:09:de:
24:bc:b0:84:cd:06:8c:d3:2b:0a:de:02:63:c5:3b:b9:25:94:
89:3f:a7:f8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYsjkIaOeYHc+4n0VObI+imEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMDEyMTEwNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM5ZjA0MzI1NTkzNjIyZDY5NWNjY2M3ZDI5ZmMwY2JkZDc4MzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoThQEivR8ndOa9Z6hwWF1ukYaDO7
G+SaV15rfXOGTJOHPwkV2BBtbf25Bn27vCO6Jv4OZLYncBdNolTEDlBK+pzzsjKk
Z0f3VeyVZHMZQO+uh9VRSSuk3SfKp9C0Du1zKTJYvouH99vn1a4jhiETSVnZEQ3z
RN0aBf/fr68w+zI9eZ6Gy5wABOq18JWfZoTiqae8X12HwHkd+Gtq2UMS3RhdYHNS
Zufuny1NCPxCB/78hHUUfYqMjQ+WKMLUiTlBkBU1Qv+lTlmkvfPSQG/HTIj2vGok
DQP4Qa+cYf6sIvmFydkS4tOvlo8KHOdvwhU2GsDp4Wb+c4J33L7ee26ytQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL058EMlWTYi1pXMzH0p/Ay914M4MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdlRud1F5VlpOaUxXbGN6TWZTbjhETDNYZ3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU5PeAwQC
U5P0AwQCU5P8AwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBdmAJdbS6C
fNr6QcHPJ36gQfNNu9PVOI8ync1yClIsqaKUiu/aMXPJv/YZkQbHC0y/tc5lyIO5
KNVsO7SoL3tYfog/MslJvydcMC94qpvlptLVHQrx7/10p5SdTOE/kXf1OkTq4u8D
0ID2ZgIQhXZpMAN1jwka2kHCA/3AaiiiQvmpYjg45V/tsPEo2BMguaPxm50eZO6T
7TycpT/rJR66025v69FcQ/y+viuCr8lIt9dMwkkgEzoR70pImUvb3hx46q5ISOLe
YT3OPHxHDHMml0gSoBko8opsAvyNUmkhSH8pxW4JcO38Cd4kvLCEzQaM0ysK3gJj
xTu5JZSJP6f4
-----END CERTIFICATE-----
Generated at Fri Oct 13 22:17:02 2023 by rpki-client on console-fra.rpki-client.org