Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zyvkeGerG9dTseEQb6pZGPwm0ko.roa
File: zyvkeGerG9dTseEQb6pZGPwm0ko.roa (raw, json)
Hash identifier: 9TXQj7BZjUE+nNvVrzMmkOQYDj1Hy7jsRJehgvHe8E4=
Subject key identifier: CF:2B:E4:78:67:AB:1B:D7:53:B1:E1:10:6F:AA:59:18:FC:26:D2:4A
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0191C97DFCDC934D7CE78695CBC628A40024
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zyvkeGerG9dTseEQb6pZGPwm0ko.roa
Signing time: Fri 06 Sep 2024 22:39:22 +0000
ROA not before: Fri 06 Sep 2024 22:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 83.147.223.0/24 maxlen: 24
83.147.248.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
94.241.136.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Sep 2024 07:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c9:7d:fc:dc:93:4d:7c:e7:86:95:cb:c6:28:a4:00:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Sep 6 22:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf2be47867ab1bd753b1e1106faa5918fc26d24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:47:a6:7a:7e:62:42:2b:b7:68:bf:dc:5f:45:
f3:92:5b:ea:8f:6f:33:0d:3a:5e:d9:4a:dd:db:84:
ef:d8:2e:97:2e:c3:ea:d1:ed:02:aa:db:38:fa:93:
90:db:21:fb:49:5d:e5:9a:bd:0f:9f:43:b5:da:72:
19:ed:88:98:b6:6d:38:1e:43:73:3c:84:b9:0e:cc:
32:7f:69:db:1e:6f:4c:14:f8:db:eb:93:5f:57:48:
a7:7a:08:bd:3a:12:e9:21:21:0e:ee:17:c7:dd:d9:
99:c0:11:07:05:d9:f0:b1:56:a7:28:2e:bb:7a:79:
d0:1a:85:ef:3f:9e:5c:9c:84:f4:37:a4:cc:5c:7d:
e3:40:b1:80:4e:b3:50:72:4d:a6:80:7b:71:22:27:
2c:d8:03:5c:b0:85:da:62:51:f4:61:a2:ef:60:7a:
86:93:ee:92:54:e6:22:fa:01:50:78:2e:b8:d7:41:
ae:b8:1b:83:4c:45:a6:f7:b8:fb:26:6b:24:ec:96:
26:68:01:c0:eb:2d:f6:4e:05:4b:ab:53:69:e2:63:
62:4b:44:65:b8:bc:e8:85:05:0c:8f:82:d9:57:35:
ee:d6:c7:ca:b9:31:2b:1b:3e:8a:a4:7a:8b:cb:2e:
fc:f9:ed:be:7d:06:ad:e1:7d:44:f1:63:07:2f:cb:
4c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2B:E4:78:67:AB:1B:D7:53:B1:E1:10:6F:AA:59:18:FC:26:D2:4A
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zyvkeGerG9dTseEQb6pZGPwm0ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.223.0/24
83.147.248.0/21
94.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
06:33:1d:86:31:55:18:48:5b:60:e0:4f:c4:a8:68:bc:69:88:
11:07:8b:5a:60:3b:b6:2d:a3:d6:2f:14:ad:2a:c0:1a:d9:37:
c0:e0:6e:ff:cc:f2:5e:bf:b8:8d:73:6e:69:cf:86:b0:f1:35:
3c:2f:39:d8:94:81:36:d1:76:e4:e1:53:44:5f:95:ce:50:83:
cd:db:10:db:f5:88:a3:10:86:88:06:53:21:3e:48:9b:83:ab:
8f:d7:99:94:83:ed:b0:03:9d:e3:96:26:25:f2:f7:1d:82:1f:
3c:b5:e8:b9:bb:32:f5:8d:85:6d:bc:64:fa:32:2b:38:e9:b0:
71:e1:9d:ef:d0:53:f7:ab:99:e0:b9:d4:96:7e:69:31:5d:76:
4c:e8:cf:4d:d4:df:a9:2c:f1:05:d1:8e:fe:c2:66:5d:49:49:
fd:07:5a:be:42:ee:46:ec:7b:75:1f:e6:14:b1:fb:1e:62:c4:
3b:77:70:52:24:78:e9:8e:4b:07:18:ac:40:91:1c:57:21:90:
90:59:d3:73:c9:6b:af:fe:ae:37:c6:ce:ec:92:9c:f2:a5:21:
fd:f5:11:06:c5:1e:da:e8:00:d0:f8:45:a8:ad:53:c5:84:9d:
fd:81:79:10:f9:c3:07:ce:2c:69:d8:6d:62:eb:bc:f8:3b:30:
e3:ca:40:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHJffzck01854aVy8YopAAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwOTA2MjIzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjJiZTQ3ODY3YWIxYmQ3NTNiMWUxMTA2ZmFhNTkxOGZjMjZkMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkemen5iQiu3aL/cX0Xzklvqj28z
DTpe2Urd24Tv2C6XLsPq0e0Cqts4+pOQ2yH7SV3lmr0Pn0O12nIZ7YiYtm04HkNz
PIS5Dswyf2nbHm9MFPjb65NfV0inegi9OhLpISEO7hfH3dmZwBEHBdnwsVanKC67
ennQGoXvP55cnIT0N6TMXH3jQLGATrNQck2mgHtxIics2ANcsIXaYlH0YaLvYHqG
k+6SVOYi+gFQeC6410GuuBuDTEWm97j7Jmsk7JYmaAHA6y32TgVLq1Np4mNiS0Rl
uLzohQUMj4LZVzXu1sfKuTErGz6KpHqLyy78+e2+fQat4X1E8WMHL8tMKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM8r5HhnqxvXU7HhEG+qWRj8JtJKMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvenl2a2VHZXJHOWRUc2VFUWI2cFpHUHdtMGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU5PfAwQD
U5P4AwQBXvGIMA0GCSqGSIb3DQEBCwUAA4IBAQAGMx2GMVUYSFtg4E/EqGi8aYgR
B4taYDu2LaPWLxStKsAa2TfA4G7/zPJev7iNc25pz4aw8TU8LznYlIE20Xbk4VNE
X5XOUIPN2xDb9YijEIaIBlMhPkibg6uP15mUg+2wA53jliYl8vcdgh88tei5uzL1
jYVtvGT6Mis46bBx4Z3v0FP3q5ngudSWfmkxXXZM6M9N1N+pLPEF0Y7+wmZdSUn9
B1q+Qu5G7Ht1H+YUsfseYsQ7d3BSJHjpjksHGKxAkRxXIZCQWdNzyWuv/q43xs7s
kpzypSH99REGxR7a6ADQ+EWorVPFhJ39gXkQ+cMHzixp2G1i67z4OzDjykAR
-----END CERTIFICATE-----
Generated at Sat Sep 28 09:32:11 2024 by rpki-client on console-fra.rpki-client.org