Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/sPyJNHpOpbpxdJkiQLkgLm0wOXA.roa
File: sPyJNHpOpbpxdJkiQLkgLm0wOXA.roa (raw, json)
Hash identifier: 7KS55nVT8vsJiCJ1OQPmSSQJEZ3wvuqcqcOaZ1L/QWI=
Subject key identifier: B0:FC:89:34:7A:4E:A5:BA:71:74:99:22:40:B9:20:2E:6D:30:39:70
Certificate issuer: /CN=89b332d57ce14fab1ebd746817dd701062c74a88
Certificate serial: 018C5E75C7E1C63A015FCA5D470422E17475
Authority key identifier: 89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/sPyJNHpOpbpxdJkiQLkgLm0wOXA.roa
Signing time: Tue 12 Dec 2023 14:37:06 +0000
ROA not before: Tue 12 Dec 2023 14:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34572
IP address blocks: 83.173.72.0/21 maxlen: 21
83.173.80.0/21 maxlen: 21
83.173.88.0/21 maxlen: 24
83.173.96.0/21 maxlen: 21
83.173.112.0/22 maxlen: 24
83.173.115.0/24 maxlen: 24
185.170.150.0/24 maxlen: 24
185.170.151.0/24 maxlen: 24
83.173.64.0/21 maxlen: 21
83.173.64.0/19 maxlen: 19
2a02:6100::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:75:c7:e1:c6:3a:01:5f:ca:5d:47:04:22:e1:74:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b332d57ce14fab1ebd746817dd701062c74a88
Validity
Not Before: Dec 12 14:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0fc89347a4ea5ba7174992240b9202e6d303970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5b:79:b5:6f:d3:dc:35:b5:31:df:22:2c:c8:
89:a5:c2:c0:4b:06:c5:06:2b:11:28:0c:bc:ec:7d:
a0:70:3e:59:e7:c1:15:3f:c8:1b:90:4b:4b:d5:70:
d6:bd:80:f9:12:61:e3:d9:e4:37:92:5d:04:a4:2f:
ee:ae:d2:99:de:e8:e3:cc:3e:bc:0c:aa:38:41:a8:
d1:c9:80:30:af:a3:5c:a2:1a:2b:ca:fa:61:02:fc:
7e:0a:41:79:49:96:8c:41:13:77:3f:a3:ed:90:3b:
37:10:1b:fe:86:14:98:a7:9c:e3:7d:24:69:1c:ba:
10:50:ec:44:7a:2a:3d:81:a2:3e:3a:c2:b0:56:40:
c6:c0:bf:f2:66:89:85:9c:de:c6:ed:0d:1f:80:5b:
a0:0c:ee:e1:ba:6b:bb:05:4a:05:d6:94:ed:d2:90:
c6:d6:eb:12:0a:a8:1c:a0:6c:01:e5:32:8e:6b:50:
0f:11:db:16:44:7a:fe:29:16:eb:05:59:19:16:d3:
22:84:7b:c3:fc:70:be:44:26:31:dd:fd:5f:a8:8d:
b7:db:a3:55:62:51:a8:f5:66:87:ef:89:05:94:05:
93:6d:4f:ae:a8:b6:7e:77:87:73:38:6e:6b:73:5e:
05:41:40:65:2c:72:cd:53:41:b8:5a:a9:3d:1b:dd:
08:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FC:89:34:7A:4E:A5:BA:71:74:99:22:40:B9:20:2E:6D:30:39:70
X509v3 Authority Key Identifier:
keyid:89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/sPyJNHpOpbpxdJkiQLkgLm0wOXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ibMy1XzhT6sevXRoF91wEGLHSog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.173.64.0-83.173.103.255
83.173.112.0/22
185.170.150.0/23
IPv6:
2a02:6100::/32
Signature Algorithm: sha256WithRSAEncryption
52:6f:90:67:18:82:3a:1e:54:c2:95:73:e2:3f:af:4c:08:38:
60:54:5b:4e:39:66:33:e2:e3:9a:86:d6:57:41:9d:a3:ba:b0:
8a:0d:9d:9e:a5:d2:19:9e:e2:80:c2:c9:0e:e9:15:db:f2:46:
2f:c7:31:60:e4:ca:fc:19:f6:4b:a4:39:1f:49:1e:88:5e:f1:
34:ce:64:fe:c6:38:80:bb:d6:31:5d:79:2d:89:9d:a7:58:b6:
e9:87:09:27:64:69:e7:4c:5a:2c:7a:4b:79:72:cd:db:53:5e:
f2:3b:54:fe:50:df:4f:d9:a0:d9:24:ff:7f:0e:ff:1e:45:ae:
4d:38:9e:77:00:8c:cd:a0:34:43:98:b1:fc:6c:3a:75:0c:5a:
14:46:d3:af:77:b0:79:e2:21:cb:60:4c:56:77:a1:e5:50:40:
01:42:d1:51:0c:43:f9:40:bc:ee:3b:4a:d0:4d:26:f5:0b:51:
fb:30:b3:7f:d8:b9:e8:36:18:9f:15:09:ca:4d:76:5f:8d:bf:
b7:bb:73:f5:b9:11:f7:a5:46:1a:68:51:fd:cd:13:da:78:39:
76:ae:af:0f:22:0f:15:6f:a3:8c:d3:e7:1f:88:fc:41:9e:35:
e1:cf:75:e2:ea:47:95:f2:c0:15:6b:bc:cb:65:93:0c:42:08:
d3:95:7d:0b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYxedcfhxjoBX8pdRwQi4XR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjMzMmQ1N2NlMTRmYWIxZWJkNzQ2ODE3ZGQ3MDEwNjJj
NzRhODgwHhcNMjMxMjEyMTQzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGZjODkzNDdhNGVhNWJhNzE3NDk5MjI0MGI5MjAyZTZkMzAzOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlt5tW/T3DW1Md8iLMiJpcLASwbF
BisRKAy87H2gcD5Z58EVP8gbkEtL1XDWvYD5EmHj2eQ3kl0EpC/urtKZ3ujjzD68
DKo4QajRyYAwr6NcohoryvphAvx+CkF5SZaMQRN3P6PtkDs3EBv+hhSYp5zjfSRp
HLoQUOxEeio9gaI+OsKwVkDGwL/yZomFnN7G7Q0fgFugDO7humu7BUoF1pTt0pDG
1usSCqgcoGwB5TKOa1APEdsWRHr+KRbrBVkZFtMihHvD/HC+RCYx3f1fqI2326NV
YlGo9WaH74kFlAWTbU+uqLZ+d4dzOG5rc14FQUBlLHLNU0G4Wqk9G90IdwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLD8iTR6TqW6cXSZIkC5IC5tMDlwMB8GA1UdIwQY
MBaAFImzMtV84U+rHr10aBfdcBBix0qIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJNeTFYemhUNnNldlhSb0Y5MXdFR0xIU29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84MTcxOWQtNDY3Yy00YWY3LWE4MjQt
NDZhMGRmNzc0ZmUxLzEvc1B5Sk5IcE9wYnB4ZEpraVFMa2dMbTB3T1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84MTcxOWQtNDY3Yy00YWY3LWE4MjQtNDZhMGRmNzc0ZmUx
LzEvaWJNeTFYemhUNnNldlhSb0Y5MXdFR0xIU29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAZTrUAD
BANTrWADBAJTrXADBAG5qpYwDQQCAAIwBwMFACoCYQAwDQYJKoZIhvcNAQELBQAD
ggEBAFJvkGcYgjoeVMKVc+I/r0wIOGBUW045ZjPi45qG1ldBnaO6sIoNnZ6l0hme
4oDCyQ7pFdvyRi/HMWDkyvwZ9kukOR9JHohe8TTOZP7GOIC71jFdeS2JnadYtumH
CSdkaedMWix6S3lyzdtTXvI7VP5Q30/ZoNkk/38O/x5Frk04nncAjM2gNEOYsfxs
OnUMWhRG0693sHniIctgTFZ3oeVQQAFC0VEMQ/lAvO47StBNJvULUfsws3/Yueg2
GJ8VCcpNdl+Nv7e7c/W5EfelRhpoUf3NE9p4OXaurw8iDxVvo4zT5x+I/EGeNeHP
deLqR5XywBVrvMtlkwxCCNOVfQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org