Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/z34XUuRhzrCeT2oyqmw7QR1eIBw.roa
File: z34XUuRhzrCeT2oyqmw7QR1eIBw.roa (raw, json)
Hash identifier: ITPm2xRNZHpNNgFzS5LFKtX845e/P3WeDUYnF/l+YlQ=
Subject key identifier: CF:7E:17:52:E4:61:CE:B0:9E:4F:6A:32:AA:6C:3B:41:1D:5E:20:1C
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018FF19CF9D512853B0F7A968E05637CE204
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/z34XUuRhzrCeT2oyqmw7QR1eIBw.roa
Signing time: Fri 07 Jun 2024 07:32:27 +0000
ROA not before: Fri 07 Jun 2024 07:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 22
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 12:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:9c:f9:d5:12:85:3b:0f:7a:96:8e:05:63:7c:e2:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 7 07:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf7e1752e461ceb09e4f6a32aa6c3b411d5e201c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:22:b3:7d:03:30:e5:bf:e3:94:d3:ba:71:74:
ad:76:46:26:fc:df:e9:13:51:d1:d4:2b:58:5f:1b:
ef:37:9c:02:f7:8f:6b:a8:75:ef:ae:34:e8:d9:0d:
fc:bf:f5:d5:c3:aa:2b:b1:5d:1f:3a:21:5d:5e:a9:
b1:0a:aa:cf:8b:1f:c2:46:b5:d2:30:0f:dc:1c:d9:
6e:32:98:2b:19:94:ef:c4:17:42:eb:30:ec:5d:d5:
94:29:ee:fa:81:50:e4:27:72:43:87:b4:e5:5d:26:
98:e9:c2:02:7c:29:11:e7:d9:f7:53:68:0f:48:f1:
6a:e1:d9:aa:e6:8e:8e:67:a9:a4:d5:a4:9e:6c:f1:
f8:dc:78:db:c7:33:46:fe:b9:08:0c:9f:42:90:5d:
f1:d1:5a:c1:ce:7c:9c:d8:e3:df:68:29:c2:0b:55:
d8:e4:55:85:e8:de:1d:fe:05:16:ab:b9:7c:24:ab:
b3:0e:29:f6:a8:cf:ed:59:d7:2b:19:19:11:60:52:
da:69:dc:56:1d:bc:47:a2:bb:ee:cb:82:71:ad:e0:
c2:11:4e:72:e2:9c:2d:70:e6:87:3a:ee:66:3e:e2:
8e:a6:30:87:6f:8a:9b:d9:b5:f6:cc:90:95:15:81:
a0:bc:fc:87:d0:ec:74:1b:b1:15:21:09:dc:75:3f:
5f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7E:17:52:E4:61:CE:B0:9E:4F:6A:32:AA:6C:3B:41:1D:5E:20:1C
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/z34XUuRhzrCeT2oyqmw7QR1eIBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
19:33:65:e9:f1:0d:1c:53:96:e6:1c:15:95:d3:72:91:14:d4:
37:13:23:99:d6:1a:2e:88:01:39:37:77:d3:e2:b7:9d:f8:a5:
ad:de:e1:6b:86:cb:df:1e:7c:51:55:9b:44:b2:7e:c9:c2:b3:
3d:45:5f:d5:6d:af:8e:b1:d2:ff:b1:d0:66:e6:4c:fe:19:0d:
d2:fb:b5:a7:88:5e:c5:3e:df:9f:f8:7c:bc:91:7d:b7:22:ea:
c3:6a:1e:69:e4:81:0f:b5:99:50:db:57:99:a7:24:1c:f9:88:
3a:c9:7e:37:b9:a5:5c:95:b8:db:05:75:ff:e0:69:f1:e9:27:
ba:9e:f1:37:10:bf:36:b5:e2:dc:2d:49:63:d1:ea:41:3e:31:
a6:d8:b6:51:04:f4:92:ca:0b:02:f8:88:5c:5b:7e:f7:1f:c5:
db:a8:0f:27:cb:fc:7d:0d:ee:ae:f0:ac:1a:98:48:33:16:3b:
51:4e:cc:01:e2:71:92:54:c6:d4:4c:d4:66:5b:f3:c6:2f:87:
99:4b:05:4a:4f:ec:46:61:24:ae:f8:96:58:3d:7d:de:f1:44:
6f:8d:26:bc:6b:79:91:f5:10:4a:85:46:c4:ec:91:1b:79:32:
21:f6:c5:99:ff:6f:1a:a5:b7:64:a6:93:77:5c:fe:77:09:31:
ab:6e:73:04
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY/xnPnVEoU7D3qWjgVjfOIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNjA3MDczMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjdlMTc1MmU0NjFjZWIwOWU0ZjZhMzJhYTZjM2I0MTFkNWUyMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSKzfQMw5b/jlNO6cXStdkYm/N/p
E1HR1CtYXxvvN5wC949rqHXvrjTo2Q38v/XVw6orsV0fOiFdXqmxCqrPix/CRrXS
MA/cHNluMpgrGZTvxBdC6zDsXdWUKe76gVDkJ3JDh7TlXSaY6cICfCkR59n3U2gP
SPFq4dmq5o6OZ6mk1aSebPH43HjbxzNG/rkIDJ9CkF3x0VrBznyc2OPfaCnCC1XY
5FWF6N4d/gUWq7l8JKuzDin2qM/tWdcrGRkRYFLaadxWHbxHorvuy4JxreDCEU5y
4pwtcOaHOu5mPuKOpjCHb4qb2bX2zJCVFYGgvPyH0Ox0G7EVIQncdT9fhwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM9+F1LkYc6wnk9qMqpsO0EdXiAcMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvejM0WFV1Umh6ckNlVDJveXFtdzdRUjFlSUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5P0AwQC
U5P8AwQDW7rIAwQBW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAZM2Xp8Q0c
U5bmHBWV03KRFNQ3EyOZ1houiAE5N3fT4red+KWt3uFrhsvfHnxRVZtEsn7JwrM9
RV/Vba+OsdL/sdBm5kz+GQ3S+7WniF7FPt+f+Hy8kX23IurDah5p5IEPtZlQ21eZ
pyQc+Yg6yX43uaVclbjbBXX/4Gnx6Se6nvE3EL82teLcLUlj0epBPjGm2LZRBPSS
ygsC+IhcW373H8XbqA8ny/x9De6u8KwamEgzFjtRTswB4nGSVMbUTNRmW/PGL4eZ
SwVKT+xGYSSu+JZYPX3e8URvjSa8a3mR9RBKhUbE7JEbeTIh9sWZ/28apbdkppN3
XP53CTGrbnME
-----END CERTIFICATE-----
Generated at Mon Jun 10 18:28:29 2024 by rpki-client on console-ams.rpki-client.org