Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zYo6ujs-_HfHQgn3rweRx4togvw.roa
File: zYo6ujs-_HfHQgn3rweRx4togvw.roa (raw, json)
Hash identifier: 959ayiNs0/JGS4wqljd6JxAIsLG0NwLmo02Nj1PzeWs=
Subject key identifier: CD:8A:3A:BA:3B:3E:FC:77:C7:42:09:F7:AF:07:91:C7:8B:68:82:FC
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D1B367BA7836D2DB7AE527E0C5690707A
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zYo6ujs-_HfHQgn3rweRx4togvw.roa
Signing time: Thu 18 Jan 2024 06:16:11 +0000
ROA not before: Thu 18 Jan 2024 06:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 83.147.232.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.160.0/22 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.26.0/24 maxlen: 24
178.253.27.0/24 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 06:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:36:7b:a7:83:6d:2d:b7:ae:52:7e:0c:56:90:70:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 18 06:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd8a3aba3b3efc77c74209f7af0791c78b6882fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ee:db:88:42:b7:e0:6d:8d:52:82:8e:95:b2:
a2:63:77:e8:b9:1f:5a:29:fe:82:ac:7b:c5:d0:02:
05:c4:b1:48:62:e9:73:03:1f:ae:c8:49:bb:17:b2:
ba:a1:39:ed:a8:09:b7:d5:b8:80:47:a4:d1:1c:73:
c0:92:2d:81:f9:3a:b5:6a:69:bd:ba:b2:e6:b3:c0:
37:11:49:fb:69:4f:c6:d2:d0:ff:65:8e:89:44:e9:
1d:c7:62:5f:72:18:b9:6c:e9:b8:5d:94:45:2c:61:
7d:82:a6:b0:af:67:9c:5c:0e:30:2b:2d:de:6e:c5:
0d:ef:33:f7:e0:dd:95:d2:fb:29:ed:d5:46:16:42:
c0:8d:71:87:df:eb:d8:8d:ef:af:42:b4:b3:51:bf:
14:48:fd:c0:67:67:d9:47:9a:54:0a:59:05:d1:02:
ea:08:17:4b:72:88:a2:5d:9d:26:f5:27:43:a4:01:
83:70:49:5a:25:7b:cd:a4:da:9d:4c:58:69:43:a6:
0d:5c:9c:91:42:0b:62:58:3c:d4:d8:c0:21:2c:bf:
af:4a:a4:6b:87:c4:c7:db:05:fa:9e:cc:7b:fa:db:
da:48:4b:9d:ad:a0:b0:c9:f0:68:7a:c8:4b:ee:96:
d8:8b:b3:55:66:69:f6:be:49:ce:64:d3:6b:ac:61:
b1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8A:3A:BA:3B:3E:FC:77:C7:42:09:F7:AF:07:91:C7:8B:68:82:FC
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zYo6ujs-_HfHQgn3rweRx4togvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.252.0/22
91.186.216.0/22
94.241.160.0/22
178.253.26.0/23
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
23:5d:d0:9e:46:d5:69:0c:4f:b7:4b:cf:e2:0c:a0:c4:75:8c:
db:12:7f:d4:6e:76:e0:ce:6e:74:e2:51:a0:cc:5b:65:d5:ca:
e6:ba:e0:1d:a6:58:0f:5d:c1:1b:c7:cb:c1:d8:1f:be:fc:bb:
f2:8a:5b:af:87:14:c7:f3:bb:b5:d3:fd:d0:33:91:4b:b7:cf:
1b:d4:0b:06:73:1e:42:2e:f7:cf:4b:4e:70:e8:87:52:ac:23:
11:8c:68:d9:fe:43:73:99:da:97:c2:ef:73:8c:58:b1:e5:28:
70:ba:54:bc:be:6e:22:df:b3:6e:41:32:da:06:60:a9:dc:48:
3a:7d:90:46:11:79:22:65:5e:9c:37:2d:9b:7b:8a:94:0c:e5:
5a:f6:1e:5e:3a:07:cb:3d:00:c3:00:42:f6:47:a5:79:93:64:
65:2a:74:af:d2:14:c3:76:a0:32:b2:48:d2:f2:a1:e7:8b:1f:
a8:30:5e:a0:d7:91:7c:39:3c:3e:d9:f6:a5:32:4e:44:9e:9f:
52:e8:14:31:7e:d7:3e:ee:65:80:16:92:03:ed:d7:f0:00:78:
3c:88:f6:59:5f:e5:25:02:c4:49:fa:bd:22:7f:ba:b7:b6:ad:
d5:48:4a:0b:f9:85:16:71:d7:67:43:da:15:b3:75:f7:be:3e:
7c:ce:56:e9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0bNnung20tt65SfgxWkHB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTE4MDYxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhhM2FiYTNiM2VmYzc3Yzc0MjA5ZjdhZjA3OTFjNzhiNjg4MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu7biEK34G2NUoKOlbKiY3fouR9a
Kf6CrHvF0AIFxLFIYulzAx+uyEm7F7K6oTntqAm31biAR6TRHHPAki2B+Tq1amm9
urLms8A3EUn7aU/G0tD/ZY6JROkdx2Jfchi5bOm4XZRFLGF9gqawr2ecXA4wKy3e
bsUN7zP34N2V0vsp7dVGFkLAjXGH3+vYje+vQrSzUb8USP3AZ2fZR5pUClkF0QLq
CBdLcoiiXZ0m9SdDpAGDcElaJXvNpNqdTFhpQ6YNXJyRQgtiWDzU2MAhLL+vSqRr
h8TH2wX6nsx7+tvaSEudraCwyfBoeshL7pbYi7NVZmn2vknOZNNrrGGxrwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM2KOro7Pvx3x0IJ968HkceLaIL8MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvellvNnVqcy1fSGZIUWduM3J3ZVJ4NHRvZ3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU5PoAwQC
U5P8AwQCW7rYAwQCXvGgAwQBsv0aAwQBsv0sMA0GCSqGSIb3DQEBCwUAA4IBAQAj
XdCeRtVpDE+3S8/iDKDEdYzbEn/Ubnbgzm504lGgzFtl1crmuuAdplgPXcEbx8vB
2B++/LvyiluvhxTH87u10/3QM5FLt88b1AsGcx5CLvfPS05w6IdSrCMRjGjZ/kNz
mdqXwu9zjFix5ShwulS8vm4i37NuQTLaBmCp3Eg6fZBGEXkiZV6cNy2be4qUDOVa
9h5eOgfLPQDDAEL2R6V5k2RlKnSv0hTDdqAyskjS8qHnix+oMF6g15F8OTw+2fal
Mk5Enp9S6BQxftc+7mWAFpID7dfwAHg8iPZZX+UlAsRJ+r0if7q3tq3VSEoL+YUW
cddnQ9oVs3X3vj58zlbp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org