Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xYDqTi5pxPxGlD6Gv3wtvOjaUTk.roa
File: xYDqTi5pxPxGlD6Gv3wtvOjaUTk.roa (raw, json)
Hash identifier: TqodVlcLU4lGMJDEP8TPLR/qW6pyubMb+TnDJdNAkF8=
Subject key identifier: C5:80:EA:4E:2E:69:C4:FC:46:94:3E:86:BF:7C:2D:BC:E8:DA:51:39
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0186930BBD9FCB018E30336DF7AC8DF7FEA0
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xYDqTi5pxPxGlD6Gv3wtvOjaUTk.roa
Signing time: Mon 27 Feb 2023 13:24:25 +0000
ROA not before: Mon 27 Feb 2023 13:24:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
178.253.22.0/23 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 11:17:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:0b:bd:9f:cb:01:8e:30:33:6d:f7:ac:8d:f7:fe:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 27 13:24:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c580ea4e2e69c4fc46943e86bf7c2dbce8da5139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c8:97:5e:bb:09:c4:84:f2:93:fc:58:1f:1d:
a1:95:28:58:2b:31:7c:54:85:81:e1:66:9c:d4:ff:
1d:19:4e:a3:97:33:ee:75:ac:e5:b8:07:2b:5e:e9:
41:e7:82:b8:47:a0:a2:ec:34:fb:a8:74:3c:16:93:
8b:d0:66:8d:a5:a9:d4:78:4a:b4:d8:bc:6c:fd:af:
05:8f:ea:22:d5:96:11:17:bd:9c:53:f2:38:e3:02:
ba:68:31:35:a5:73:c5:a2:59:e3:55:3b:ca:ba:41:
70:fa:1c:3d:0d:3c:69:19:5b:4a:69:7e:d2:17:39:
4b:48:5a:72:49:56:6c:6d:19:05:46:88:38:b5:4b:
b1:4d:5e:25:df:5d:f0:49:85:5a:da:13:9d:6a:89:
1b:67:41:d8:5b:74:81:0d:61:d6:a7:d5:0d:d6:a2:
ad:46:fb:48:9f:6f:8f:fa:3d:ef:74:b0:d3:01:e9:
ff:23:a9:b3:d4:39:16:11:4d:0a:11:cd:91:36:33:
98:f2:bf:6b:f2:93:d4:b9:c4:16:4b:92:66:84:76:
76:62:60:40:61:89:18:f1:5f:ee:a3:b5:0a:5b:c7:
16:61:7d:e8:bc:86:ba:1a:02:a8:d5:06:b0:7e:ba:
f7:66:a4:72:27:bd:b4:c8:5a:ba:e1:86:79:96:6b:
10:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:80:EA:4E:2E:69:C4:FC:46:94:3E:86:BF:7C:2D:BC:E8:DA:51:39
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xYDqTi5pxPxGlD6Gv3wtvOjaUTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.252.0/22
91.186.216.0/22
178.253.22.0/23
Signature Algorithm: sha256WithRSAEncryption
32:65:51:92:10:69:c7:f6:26:ef:ae:28:72:ab:92:63:02:7c:
63:a8:1a:a9:33:05:de:09:26:09:48:c7:d6:50:ed:86:72:13:
9c:dc:21:8e:66:0a:2a:99:ce:ae:e3:06:52:49:3f:1a:ab:c6:
71:6b:88:3d:f7:f4:6d:0e:f3:b6:6f:1a:7c:b9:a4:76:55:83:
a3:03:ac:d6:0e:e7:ca:17:b1:02:82:c3:33:c7:40:2d:45:20:
5f:81:33:48:ae:1e:01:ff:cd:b2:65:2c:15:5a:52:1e:cd:20:
c7:bc:9e:23:40:ce:6a:da:c0:70:16:e1:d5:8a:89:74:68:84:
4f:46:c9:ac:26:a6:f7:b8:7f:c3:79:89:f0:18:64:1b:41:1c:
75:77:58:89:aa:cd:c2:98:4f:26:a8:2c:9b:6f:22:bc:3e:07:
8c:99:51:f3:48:7c:a6:81:e5:08:5e:ba:63:2a:37:20:59:a9:
f8:d5:32:6b:96:22:8e:be:8e:76:b0:89:b4:0e:b7:ea:c1:23:
3e:ad:f6:cd:1a:4d:6b:54:33:9a:66:e7:17:99:27:70:db:7a:
4b:8b:17:54:bd:2c:0f:73:ff:c2:da:e5:b0:0a:dd:d7:b2:2a:
52:17:d8:21:c8:64:f5:77:34:45:c5:2d:96:c8:37:36:21:98:
6c:2b:e1:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaTC72fywGOMDNt96yN9/6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMjI3MTMyNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTgwZWE0ZTJlNjljNGZjNDY5NDNlODZiZjdjMmRiY2U4ZGE1MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MiXXrsJxITyk/xYHx2hlShYKzF8
VIWB4Wac1P8dGU6jlzPudazluAcrXulB54K4R6Ci7DT7qHQ8FpOL0GaNpanUeEq0
2Lxs/a8Fj+oi1ZYRF72cU/I44wK6aDE1pXPFolnjVTvKukFw+hw9DTxpGVtKaX7S
FzlLSFpySVZsbRkFRog4tUuxTV4l313wSYVa2hOdaokbZ0HYW3SBDWHWp9UN1qKt
RvtIn2+P+j3vdLDTAen/I6mz1DkWEU0KEc2RNjOY8r9r8pPUucQWS5JmhHZ2YmBA
YYkY8V/uo7UKW8cWYX3ovIa6GgKo1Qawfrr3ZqRyJ720yFq64YZ5lmsQAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMWA6k4uacT8RpQ+hr98Lbzo2lE5MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEveFlEcVRpNXB4UHhHbEQ2R3Yzd3R2T2phVVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5P8AwQC
W7rYAwQBsv0WMA0GCSqGSIb3DQEBCwUAA4IBAQAyZVGSEGnH9ibvrihyq5JjAnxj
qBqpMwXeCSYJSMfWUO2GchOc3CGOZgoqmc6u4wZSST8aq8Zxa4g99/RtDvO2bxp8
uaR2VYOjA6zWDufKF7ECgsMzx0AtRSBfgTNIrh4B/82yZSwVWlIezSDHvJ4jQM5q
2sBwFuHViol0aIRPRsmsJqb3uH/DeYnwGGQbQRx1d1iJqs3CmE8mqCybbyK8PgeM
mVHzSHymgeUIXrpjKjcgWan41TJrliKOvo52sIm0DrfqwSM+rfbNGk1rVDOaZucX
mSdw23pLixdUvSwPc//C2uWwCt3XsipSF9ghyGT1dzRFxS2WyDc2IZhsK+Fx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org