Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/g__NNftXxefd9DI_p-LEVd0F-F4.roa
File: g__NNftXxefd9DI_p-LEVd0F-F4.roa (raw, json)
Hash identifier: iB9spjZdhBRzuMUfCaazz8evSkjSYp5o05fKYxsKfLE=
Subject key identifier: 83:FF:CD:35:FB:57:C5:E7:DD:F4:32:3F:A7:E2:C4:55:DD:05:F8:5E
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B6BA4F223D04793CFF4DA0F77B7F6342E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/g__NNftXxefd9DI_p-LEVd0F-F4.roa
Signing time: Thu 26 Oct 2023 11:00:53 +0000
ROA not before: Thu 26 Oct 2023 11:00:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 83.137.155.0/24 maxlen: 24
88.209.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:a4:f2:23:d0:47:93:cf:f4:da:0f:77:b7:f6:34:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 26 11:00:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83ffcd35fb57c5e7ddf4323fa7e2c455dd05f85e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:34:bb:07:15:21:13:5f:a3:49:50:d7:1b:6e:
81:a1:0d:7a:be:46:ce:3c:98:94:fd:fc:8f:db:3d:
4c:fe:18:0c:c4:f6:3d:4e:c7:30:43:9f:d2:38:84:
87:6b:bb:70:14:c7:1c:5d:17:21:91:9d:7c:1b:46:
34:a2:10:48:0b:5e:03:fa:91:1d:aa:0a:fb:dc:f3:
e9:3c:04:8a:26:1b:41:a7:a8:3a:81:c0:cf:aa:d4:
d7:99:7e:eb:b1:e2:c4:d9:f7:2a:75:1e:ee:56:c6:
db:83:72:87:8b:70:dd:2a:6e:27:f9:49:02:58:8f:
1f:6e:52:09:76:11:94:b4:40:f5:cf:1d:40:fe:a8:
e7:d5:d9:f0:c3:a9:9f:5b:40:1d:8f:22:18:1f:b3:
bf:bb:4b:95:43:f6:86:e1:20:9f:80:ea:8e:bf:f5:
f4:2d:d2:56:bc:30:44:38:bf:5d:5b:ac:38:5e:07:
60:dc:86:15:a9:20:c7:f1:74:7f:bb:6e:0e:a3:dd:
0f:3c:eb:6d:a0:63:3a:11:48:1b:82:2e:c4:ec:bc:
94:ee:a3:43:83:7e:7c:84:2d:c8:45:65:32:ad:f8:
70:28:cf:e7:1e:60:7f:69:bf:e8:1c:a6:bc:70:a7:
69:59:4d:0e:55:63:c7:ce:a6:fd:70:19:4d:70:25:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FF:CD:35:FB:57:C5:E7:DD:F4:32:3F:A7:E2:C4:55:DD:05:F8:5E
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/g__NNftXxefd9DI_p-LEVd0F-F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.155.0/24
88.209.202.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:84:ec:97:b9:d2:e2:75:2a:81:2b:8d:b2:63:3c:94:d2:e4:
ca:d9:ce:1f:0a:e3:c2:6c:74:95:d2:a7:05:9b:70:dc:62:b9:
bb:f2:d5:e5:ac:2e:4c:ae:b8:8d:4b:f9:77:22:05:42:a2:68:
fe:5d:3b:c2:b5:47:00:37:2a:f3:fd:72:b1:45:70:16:93:4d:
ec:3c:3f:46:05:ed:73:fc:ba:2d:11:0b:60:e4:2f:12:1a:37:
a6:4b:a8:49:06:0f:63:1c:12:fa:1b:84:fd:c4:7f:23:41:f6:
9f:cf:2b:d6:43:a1:16:e3:ea:a1:01:96:89:25:1a:1f:49:ed:
f4:df:55:c2:d8:08:7b:87:f7:48:2e:aa:38:69:44:15:21:68:
f9:1c:00:77:3e:ef:f3:70:a0:07:0f:50:32:82:98:b5:11:b4:
6d:72:20:38:ef:f0:92:07:bf:58:23:3b:dc:f4:50:57:3b:0d:
13:64:74:aa:ad:5c:5d:e6:c3:9c:47:d2:f7:de:dc:ef:a5:80:
71:c7:46:97:52:51:5b:49:8d:1a:e4:04:1a:8a:35:fc:b2:c8:
a7:0a:12:90:9d:b2:93:eb:f3:43:c6:f4:da:c1:3c:41:d8:a1:
66:b6:32:9c:aa:bf:ec:98:4a:5c:23:01:14:6c:a1:4d:1b:6d:
d9:a8:c5:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtrpPIj0EeTz/TaD3e39jQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDI2MTEwMDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZmY2QzNWZiNTdjNWU3ZGRmNDMyM2ZhN2UyYzQ1NWRkMDVmODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijS7BxUhE1+jSVDXG26BoQ16vkbO
PJiU/fyP2z1M/hgMxPY9TscwQ5/SOISHa7twFMccXRchkZ18G0Y0ohBIC14D+pEd
qgr73PPpPASKJhtBp6g6gcDPqtTXmX7rseLE2fcqdR7uVsbbg3KHi3DdKm4n+UkC
WI8fblIJdhGUtED1zx1A/qjn1dnww6mfW0AdjyIYH7O/u0uVQ/aG4SCfgOqOv/X0
LdJWvDBEOL9dW6w4Xgdg3IYVqSDH8XR/u24Oo90PPOttoGM6EUgbgi7E7LyU7qND
g358hC3IRWUyrfhwKM/nHmB/ab/oHKa8cKdpWU0OVWPHzqb9cBlNcCUPKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIP/zTX7V8Xn3fQyP6fixFXdBfheMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZ19fTk5mdFh4ZWZkOURJX3AtTEVWZDBGLUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU4mbAwQA
WNHKMA0GCSqGSIb3DQEBCwUAA4IBAQBKhOyXudLidSqBK42yYzyU0uTK2c4fCuPC
bHSV0qcFm3DcYrm78tXlrC5MrriNS/l3IgVComj+XTvCtUcANyrz/XKxRXAWk03s
PD9GBe1z/LotEQtg5C8SGjemS6hJBg9jHBL6G4T9xH8jQfafzyvWQ6EW4+qhAZaJ
JRofSe3031XC2Ah7h/dILqo4aUQVIWj5HAB3Pu/zcKAHD1Aygpi1EbRtciA47/CS
B79YIzvc9FBXOw0TZHSqrVxd5sOcR9L33tzvpYBxx0aXUlFbSY0a5AQaijX8ssin
ChKQnbKT6/NDxvTawTxB2KFmtjKcqr/smEpcIwEUbKFNG23ZqMWY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org