Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wYLM1DD_LpIH7E2rzSn1Dbh_MrQ.roa
File: wYLM1DD_LpIH7E2rzSn1Dbh_MrQ.roa (raw, json)
Hash identifier: 4XW1RZtv+BNsS7+3CJgLMq1nk/l9rXNyMUZzl9mqSm0=
Subject key identifier: C1:82:CC:D4:30:FF:2E:92:07:EC:4D:AB:CD:29:F5:0D:B8:7F:32:B4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018E6BB20BA0AAB3D0048A087E6102A87E68
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wYLM1DD_LpIH7E2rzSn1Dbh_MrQ.roa
Signing time: Sat 23 Mar 2024 14:23:34 +0000
ROA not before: Sat 23 Mar 2024 14:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 08:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6b:b2:0b:a0:aa:b3:d0:04:8a:08:7e:61:02:a8:7e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 23 14:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c182ccd430ff2e9207ec4dabcd29f50db87f32b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:57:53:db:07:6d:65:f9:53:ff:e5:58:2f:35:
a8:38:31:33:29:b2:ac:56:25:a0:8e:96:10:aa:39:
ca:61:d3:90:e6:d4:84:30:92:dc:6f:25:55:6e:2b:
8d:23:2f:dc:40:db:ed:7f:fd:cd:ef:bb:1d:27:80:
92:40:5f:eb:81:3d:01:69:fe:a8:92:78:76:89:27:
c4:07:b4:73:89:80:86:ac:06:db:84:74:8b:9e:fa:
3e:39:5a:4b:49:ca:fe:8f:c1:33:25:6b:9e:c7:8f:
6f:69:84:e0:fe:64:ec:ae:fa:82:3d:aa:49:2d:e3:
76:37:4a:d3:d2:69:64:76:46:70:00:4d:87:90:6b:
c1:94:28:e4:26:6b:eb:b2:14:64:de:63:70:c6:ef:
0e:97:56:14:6d:5b:9b:2f:a8:68:14:72:9d:5f:71:
6a:04:1a:c2:41:e6:3c:80:2c:c1:18:90:44:0e:bb:
e1:61:3d:8c:6c:3a:af:09:07:16:a2:c1:95:f9:3e:
fd:3f:d6:44:ea:d0:7e:3e:b6:d9:e7:54:be:98:bc:
58:31:af:79:54:02:96:59:1c:53:26:d2:d2:ee:37:
7d:82:5e:98:e9:ae:11:fa:35:48:bd:b8:59:e9:6f:
65:19:f5:3a:68:8a:9b:dd:64:9a:d5:53:bc:54:e5:
1f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:82:CC:D4:30:FF:2E:92:07:EC:4D:AB:CD:29:F5:0D:B8:7F:32:B4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wYLM1DD_LpIH7E2rzSn1Dbh_MrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:28:25:6f:7c:c0:83:ff:e2:9c:a9:63:8d:b9:1d:b4:ba:c1:
2f:92:48:31:a7:1d:1d:31:84:3f:38:2f:e9:12:4c:79:73:1a:
f7:c4:17:e1:24:0d:e2:d4:66:49:f5:7a:0f:a0:6a:93:e4:f7:
1d:a0:1a:6b:b1:a9:14:d5:78:49:db:39:7b:f1:3f:eb:03:92:
e8:50:ff:45:31:87:3b:55:88:8e:0c:87:85:88:f1:c3:8a:25:
a6:58:2b:58:72:b0:6b:8d:14:22:a6:a9:26:c0:16:5e:57:cc:
c7:35:31:a9:c5:59:08:bc:ca:bc:ca:5a:12:50:ae:b8:09:a9:
b8:30:31:81:79:26:ee:9f:22:58:60:ca:c3:66:6e:c7:9e:f6:
9f:bb:b0:df:de:ea:2f:5d:5b:38:1d:95:88:87:a2:e1:b6:35:
7d:91:8f:00:ff:2c:0e:b7:0a:58:46:b5:fa:f7:64:c5:33:47:
94:2d:25:21:a1:c4:25:41:62:42:4e:b2:3f:da:c1:ec:14:14:
e4:e3:df:6b:2a:04:ab:1a:51:5c:7b:5f:01:b3:a4:18:96:c1:
f4:5d:46:9f:bb:ff:b7:b7:4b:2d:5a:4e:8d:d2:c3:cb:45:d2:
52:6a:cd:f5:76:fd:ae:cc:33:7f:ff:00:0c:96:f6:6c:36:14:
83:37:34:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5rsgugqrPQBIoIfmECqH5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMzIzMTQyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTgyY2NkNDMwZmYyZTkyMDdlYzRkYWJjZDI5ZjUwZGI4N2YzMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VdT2wdtZflT/+VYLzWoODEzKbKs
ViWgjpYQqjnKYdOQ5tSEMJLcbyVVbiuNIy/cQNvtf/3N77sdJ4CSQF/rgT0Baf6o
knh2iSfEB7RziYCGrAbbhHSLnvo+OVpLScr+j8EzJWuex49vaYTg/mTsrvqCPapJ
LeN2N0rT0mlkdkZwAE2HkGvBlCjkJmvrshRk3mNwxu8Ol1YUbVubL6hoFHKdX3Fq
BBrCQeY8gCzBGJBEDrvhYT2MbDqvCQcWosGV+T79P9ZE6tB+PrbZ51S+mLxYMa95
VAKWWRxTJtLS7jd9gl6Y6a4R+jVIvbhZ6W9lGfU6aIqb3WSa1VO8VOUfKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMGCzNQw/y6SB+xNq80p9Q24fzK0MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvd1lMTTFERF9McElIN0UycnpTbjFEYmhfTXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P0AwQC
W7rMAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQA6KCVvfMCD/+KcqWONuR20usEv
kkgxpx0dMYQ/OC/pEkx5cxr3xBfhJA3i1GZJ9XoPoGqT5PcdoBprsakU1XhJ2zl7
8T/rA5LoUP9FMYc7VYiODIeFiPHDiiWmWCtYcrBrjRQipqkmwBZeV8zHNTGpxVkI
vMq8yloSUK64Cam4MDGBeSbunyJYYMrDZm7Hnvafu7Df3uovXVs4HZWIh6LhtjV9
kY8A/ywOtwpYRrX692TFM0eULSUhocQlQWJCTrI/2sHsFBTk499rKgSrGlFce18B
s6QYlsH0XUafu/+3t0stWk6N0sPLRdJSas31dv2uzDN//wAMlvZsNhSDNzQ+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org