Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vWsSZ-DfVZNmJXD5zSj-KOS5RXg.roa
File: vWsSZ-DfVZNmJXD5zSj-KOS5RXg.roa (raw, json)
Hash identifier: 7YhYb1ATKz9xaBcIQdYUZ2+CCM8+Lm1YuFafWdMTMkE=
Subject key identifier: BD:6B:12:67:E0:DF:55:93:66:25:70:F9:CD:28:FE:28:E4:B9:45:78
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018B2390871A1ED45FBB129FBDCE5B6E3062
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vWsSZ-DfVZNmJXD5zSj-KOS5RXg.roa
Signing time: Thu 12 Oct 2023 11:05:56 +0000
ROA not before: Thu 12 Oct 2023 11:05:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
178.253.12.0/23 maxlen: 24
83.147.216.0/23 maxlen: 24
83.147.217.0/24 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:90:87:1a:1e:d4:5f:bb:12:9f:bd:ce:5b:6e:30:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Oct 12 11:05:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd6b1267e0df5593662570f9cd28fe28e4b94578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d0:94:17:3d:69:11:79:66:da:59:98:94:3a:
6a:20:a0:18:7b:c0:8f:66:a2:16:37:bf:79:20:cc:
cd:d0:05:24:4e:2e:bb:84:b7:f9:71:c9:90:f5:12:
f2:05:70:38:d4:a7:65:ba:f6:38:ac:cc:0c:35:df:
ab:bf:a7:e9:50:e7:90:e3:9c:6e:c5:ad:f8:72:e0:
c5:74:8a:56:96:55:fd:e7:3e:71:dc:13:0d:d0:77:
9b:78:34:72:1d:22:a5:9a:1b:dd:1b:9c:b4:3b:e5:
07:57:a8:74:f4:9a:83:7e:3a:f2:1f:34:db:49:64:
ce:59:ae:3e:20:c3:bd:b4:02:62:eb:b1:23:e5:0c:
4d:6c:3d:2d:19:e8:40:a4:1d:fb:a4:50:a8:01:cc:
9f:b7:35:81:78:4a:e9:f9:8b:73:68:76:11:a8:3b:
f1:be:26:09:33:6f:17:37:2d:91:09:18:27:23:df:
1a:82:cc:c0:bb:8d:47:be:ba:95:b1:07:73:f8:5c:
ba:bd:2c:8d:8b:05:e7:0f:7d:d6:b1:50:d0:d2:03:
30:32:f0:19:d7:1b:36:44:09:25:f6:bd:86:c0:b3:
31:3f:52:ef:ef:a5:bd:35:33:7f:b9:a5:c4:d7:34:
a2:92:f3:eb:36:b6:58:f6:79:25:7a:78:36:a3:03:
b4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6B:12:67:E0:DF:55:93:66:25:70:F9:CD:28:FE:28:E4:B9:45:78
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/vWsSZ-DfVZNmJXD5zSj-KOS5RXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
178.253.12.0/23
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:17:8a:34:aa:21:c2:6d:a0:0b:12:ba:ab:63:e8:65:37:07:
0f:51:dd:31:de:ce:76:5b:55:54:cd:74:07:d9:81:9c:df:ca:
69:fb:28:6a:e0:7e:eb:b0:b0:d5:98:57:0c:23:92:5a:e4:11:
66:fd:dc:04:a5:a2:3a:70:ca:1b:be:b7:42:cc:b7:7f:95:ea:
df:36:fa:35:f9:77:c0:aa:31:6a:12:cc:9c:bb:0e:12:b9:6d:
6b:b1:fe:e9:45:e4:16:b5:91:38:38:c4:a8:bf:dd:bf:a3:8d:
cf:1c:0d:d8:34:93:be:d0:c4:6d:df:2e:92:93:3b:02:2c:01:
b4:cf:c4:7d:2d:87:e4:7b:74:1e:19:07:42:46:1c:42:ea:fc:
38:94:1a:72:16:b2:6c:41:fb:81:de:de:4b:22:9b:45:84:b8:
d4:4e:53:f2:62:06:61:51:30:39:ea:d0:b0:35:cd:79:5e:21:
a1:4e:d9:f4:79:a7:ee:89:19:13:00:e4:7f:75:9d:86:0a:46:
b5:bf:4c:2c:2b:73:14:0d:af:90:de:b3:35:db:c9:24:21:61:
00:40:ef:13:f1:d4:3e:38:4b:9a:6b:08:ae:9a:6d:6b:92:fe:
8d:49:65:43:05:41:0d:e8:7c:80:ea:88:8f:2c:78:8b:8b:c6:
a2:2a:1d:7a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYsjkIcaHtRfuxKfvc5bbjBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMDEyMTEwNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZiMTI2N2UwZGY1NTkzNjYyNTcwZjljZDI4ZmUyOGU0Yjk0NTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNCUFz1pEXlm2lmYlDpqIKAYe8CP
ZqIWN795IMzN0AUkTi67hLf5ccmQ9RLyBXA41KdluvY4rMwMNd+rv6fpUOeQ45xu
xa34cuDFdIpWllX95z5x3BMN0HebeDRyHSKlmhvdG5y0O+UHV6h09JqDfjryHzTb
SWTOWa4+IMO9tAJi67Ej5QxNbD0tGehApB37pFCoAcyftzWBeErp+YtzaHYRqDvx
viYJM28XNy2RCRgnI98agszAu41HvrqVsQdz+Fy6vSyNiwXnD33WsVDQ0gMwMvAZ
1xs2RAkl9r2GwLMxP1Lv76W9NTN/uaXE1zSikvPrNrZY9nkleng2owO0cQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL1rEmfg31WTZiVw+c0o/ijkuUV4MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdldzU1otRGZWWk5tSlhENXpTai1LT1M1UlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBU5PYAwQC
U5PoAwQCW7rIAwQBW7rWAwQBsv0MAwQAsv0fAwQBsv00MA0GCSqGSIb3DQEBCwUA
A4IBAQCaF4o0qiHCbaALErqrY+hlNwcPUd0x3s52W1VUzXQH2YGc38pp+yhq4H7r
sLDVmFcMI5Ja5BFm/dwEpaI6cMobvrdCzLd/lerfNvo1+XfAqjFqEsycuw4SuW1r
sf7pReQWtZE4OMSov92/o43PHA3YNJO+0MRt3y6SkzsCLAG0z8R9LYfke3QeGQdC
RhxC6vw4lBpyFrJsQfuB3t5LIptFhLjUTlPyYgZhUTA56tCwNc15XiGhTtn0eafu
iRkTAOR/dZ2GCka1v0wsK3MUDa+Q3rM128kkIWEAQO8T8dQ+OEuaawiumm1rkv6N
SWVDBUEN6HyA6oiPLHiLi8aiKh16
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:28 2024 by rpki-client on console-fra.rpki-client.org