Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/yZc0WV8PO3Q4GozmD6H5C8Cw5CI.roa
File: yZc0WV8PO3Q4GozmD6H5C8Cw5CI.roa (raw, json)
Hash identifier: JJOih6P/SHjiWW4XtJLo4SZjOe/gb1kfV3g9d4naP64=
Subject key identifier: C9:97:34:59:5F:0F:3B:74:38:1A:8C:E6:0F:A1:F9:0B:C0:B0:E4:22
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018F33214111751D4D59BDE6A8E8287ED07A
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/yZc0WV8PO3Q4GozmD6H5C8Cw5CI.roa
Signing time: Wed 01 May 2024 07:49:28 +0000
ROA not before: Wed 01 May 2024 07:49:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 11:24:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:21:41:11:75:1d:4d:59:bd:e6:a8:e8:28:7e:d0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: May 1 07:49:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c99734595f0f3b74381a8ce60fa1f90bc0b0e422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:27:10:52:e8:69:a3:2d:df:95:79:3c:e3:fc:
cc:bb:35:9a:ea:49:16:54:47:0c:6f:79:e6:c2:3a:
c4:d6:d5:76:ee:47:5a:91:69:a1:bc:90:83:13:c3:
a7:42:f3:6f:5d:4b:15:ba:cd:ee:fd:1f:66:ca:e9:
bb:59:79:1a:51:f6:9b:31:9d:7f:aa:28:55:c1:71:
ca:1c:8f:36:53:d3:5c:e3:03:58:cc:98:ab:e9:da:
b6:e9:b0:fb:9c:ae:9e:eb:9a:2d:d8:c3:d8:ed:4e:
5e:7a:ab:02:73:22:e3:0f:8a:22:3d:09:d6:5c:ba:
ef:b2:e4:41:0b:0e:0b:e0:32:3f:d3:f5:45:da:09:
59:6d:40:82:3b:e2:7d:1f:82:0a:b2:b6:97:24:1d:
c0:1f:1b:8d:cd:1e:94:8f:a7:b9:d3:a1:b6:4b:30:
12:d0:d4:30:8d:20:68:87:e4:e1:5c:39:2f:bd:59:
7a:71:3c:79:03:4f:2c:51:f4:0b:d3:b7:c6:11:d3:
14:52:c5:9a:0f:4f:a8:e5:95:02:02:f0:da:67:4c:
3e:c7:94:fd:29:a8:db:10:c0:33:de:ab:d0:0a:8f:
2a:4a:47:0c:9a:42:76:9f:dd:bb:e7:1a:24:3f:ba:
c2:45:15:fe:aa:83:50:11:ed:34:21:eb:eb:be:56:
10:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:97:34:59:5F:0F:3B:74:38:1A:8C:E6:0F:A1:F9:0B:C0:B0:E4:22
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/yZc0WV8PO3Q4GozmD6H5C8Cw5CI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
94.241.168.0/21
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e2:82:ed:18:f5:69:3e:7d:fc:cd:f8:b9:35:c4:22:57:e1:
fa:1a:a5:cd:93:57:4b:6e:89:44:15:8d:7d:a9:4e:ed:1d:c6:
aa:b1:04:c5:21:d0:33:a4:04:9a:4f:44:1b:b8:29:5b:55:39:
3a:8e:c7:22:31:70:36:0b:95:e0:01:c8:a7:59:3a:7f:3b:12:
ce:03:95:69:62:f1:86:e7:d0:98:6b:9d:1b:4a:ed:6c:db:6c:
ce:79:8a:cc:04:c5:74:09:6b:b9:1c:0f:ee:63:90:99:1a:f3:
a0:8d:73:ba:dd:d3:3d:97:57:13:2d:c8:f0:89:c6:e3:24:be:
c8:af:c1:b8:de:44:8a:97:99:6a:46:ed:11:6b:e5:f0:b3:28:
e3:cd:92:56:b4:f8:0e:5c:67:0d:ea:ac:28:14:d6:87:49:92:
f5:02:2e:4d:e6:6e:fc:35:b3:d0:4b:45:7a:25:11:53:1e:0d:
3c:9f:55:7d:96:1c:64:5e:a5:f0:ee:ee:66:73:2f:d0:ec:af:
55:9a:0e:cc:7c:5f:72:04:95:27:50:ab:2f:ff:44:9a:46:0c:
eb:55:99:74:3c:97:bf:ff:e9:a9:67:02:2a:8f:2d:a1:48:27:
4b:31:aa:f0:42:2d:42:05:29:4b:6b:ac:4f:0e:31:31:0b:be:
5a:4b:87:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8zIUERdR1NWb3mqOgoftB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNTAxMDc0OTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk3MzQ1OTVmMGYzYjc0MzgxYThjZTYwZmExZjkwYmMwYjBlNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCcQUuhpoy3flXk84/zMuzWa6kkW
VEcMb3nmwjrE1tV27kdakWmhvJCDE8OnQvNvXUsVus3u/R9myum7WXkaUfabMZ1/
qihVwXHKHI82U9Nc4wNYzJir6dq26bD7nK6e65ot2MPY7U5eeqsCcyLjD4oiPQnW
XLrvsuRBCw4L4DI/0/VF2glZbUCCO+J9H4IKsraXJB3AHxuNzR6Uj6e506G2SzAS
0NQwjSBoh+ThXDkvvVl6cTx5A08sUfQL07fGEdMUUsWaD0+o5ZUCAvDaZ0w+x5T9
KajbEMAz3qvQCo8qSkcMmkJ2n9275xokP7rCRRX+qoNQEe00IevrvlYQhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMmXNFlfDzt0OBqM5g+h+QvAsOQiMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEveVpjMFdWOFBPM1E0R296bUQ2SDVDOEN3NUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQC
W7rMAwQDXvGoAwQAsv0gMA0GCSqGSIb3DQEBCwUAA4IBAQAP4oLtGPVpPn38zfi5
NcQiV+H6GqXNk1dLbolEFY19qU7tHcaqsQTFIdAzpASaT0QbuClbVTk6jsciMXA2
C5XgAcinWTp/OxLOA5VpYvGG59CYa50bSu1s22zOeYrMBMV0CWu5HA/uY5CZGvOg
jXO63dM9l1cTLcjwicbjJL7Ir8G43kSKl5lqRu0Ra+XwsyjjzZJWtPgOXGcN6qwo
FNaHSZL1Ai5N5m78NbPQS0V6JRFTHg08n1V9lhxkXqXw7u5mcy/Q7K9Vmg7MfF9y
BJUnUKsv/0SaRgzrVZl0PJe//+mpZwIqjy2hSCdLMarwQi1CBSlLa6xPDjExC75a
S4cV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org