Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1aQdoeSwYwQx9dhR2pfC8ziRbJU.roa
File: 1aQdoeSwYwQx9dhR2pfC8ziRbJU.roa (raw, json)
Hash identifier: TaCQQYj2c+CO8zRhwOYATcote0fyN2BV+GeTsOOs0sg=
Subject key identifier: D5:A4:1D:A1:E4:B0:63:04:31:F5:D8:51:DA:97:C2:F3:38:91:6C:95
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018CCE6953EBCEB4860582E981670FCE3FA2
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1aQdoeSwYwQx9dhR2pfC8ziRbJU.roa
Signing time: Wed 03 Jan 2024 08:20:58 +0000
ROA not before: Wed 03 Jan 2024 08:20:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jan 2024 12:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:69:53:eb:ce:b4:86:05:82:e9:81:67:0f:ce:3f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jan 3 08:20:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5a41da1e4b0630431f5d851da97c2f338916c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ef:3c:34:4d:43:22:c6:bf:e7:71:2a:34:24:
7c:e1:c5:97:4f:6d:91:60:6b:a2:53:ca:05:03:90:
24:0e:b1:78:2f:26:02:5e:4e:53:18:07:17:37:57:
30:20:78:25:20:cf:a2:9d:c9:85:e2:ad:8b:6b:09:
5b:64:d8:7c:57:30:17:2f:cf:d0:15:b9:79:c8:35:
20:60:13:8b:f2:d3:ea:36:e5:6f:b6:51:67:8e:a7:
fc:66:38:21:1b:a3:f5:75:88:92:c4:aa:fb:47:9a:
38:1b:f5:b8:2a:d2:2a:82:18:90:40:69:5d:21:80:
38:c4:0f:42:71:34:f1:9b:bf:d3:4c:87:96:14:2e:
3e:21:88:95:3a:3f:dd:ce:e0:be:2d:91:5e:a9:30:
2a:27:cb:16:9f:0a:ab:32:5d:58:22:ee:ee:b0:3b:
75:fb:21:7c:a7:62:43:bf:0e:24:8d:08:76:9a:55:
42:88:b8:06:5f:8e:f5:06:34:60:f7:9d:54:0c:dd:
c9:76:63:aa:bf:92:5c:65:c6:d7:87:a2:f6:bc:43:
97:e4:0c:2e:22:2c:7c:56:1c:d0:57:c7:92:fd:5e:
5c:02:c1:e6:04:71:b1:88:e7:e3:af:bc:b3:09:88:
03:7b:95:5e:cd:0b:18:32:34:3c:18:22:1f:46:67:
6d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A4:1D:A1:E4:B0:63:04:31:F5:D8:51:DA:97:C2:F3:38:91:6C:95
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1aQdoeSwYwQx9dhR2pfC8ziRbJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.20.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:58:7d:8c:5f:c5:6f:6d:db:ab:87:02:5b:97:c8:01:1d:dd:
6e:8f:88:c0:22:d7:47:6b:1b:eb:1e:36:fa:6e:e3:f0:44:06:
88:3a:53:e7:a2:e3:00:c3:0f:d7:4e:f2:3e:25:19:c1:d2:59:
d2:24:a5:3a:8f:28:35:66:88:c3:2e:aa:28:93:f7:35:ed:13:
e5:b7:8d:34:3e:f4:44:76:ba:f4:a7:aa:02:f6:c3:57:28:ba:
f6:be:ed:99:70:54:75:af:ad:5a:67:6b:c6:a7:57:22:ad:7b:
05:03:53:94:1e:32:4c:b4:f2:13:7b:17:1d:4c:b7:59:89:32:
18:84:25:c8:cc:64:11:d6:6b:05:5d:84:df:bc:19:2c:de:aa:
78:c4:11:c9:09:a1:9d:a8:86:18:3a:05:41:3c:38:18:6b:b7:
2e:64:d7:a0:64:66:55:ba:79:f1:db:01:61:bf:83:12:d9:b7:
70:e2:3e:fa:af:0f:75:3a:d8:5e:c5:2c:71:ff:42:d6:6a:c7:
0f:3b:0e:98:75:28:ba:99:8e:00:53:95:2d:7d:c0:2b:f6:77:
6a:d5:58:64:8c:4a:c0:53:6f:23:44:6d:bd:e2:2a:c7:ac:39:
d3:3e:1f:d9:40:62:43:48:ff:53:de:a8:96:e7:6e:f9:30:9a:
c2:d9:81:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzOaVPrzrSGBYLpgWcPzj+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwMTAzMDgyMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWE0MWRhMWU0YjA2MzA0MzFmNWQ4NTFkYTk3YzJmMzM4OTE2Yzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO88NE1DIsa/53EqNCR84cWXT22R
YGuiU8oFA5AkDrF4LyYCXk5TGAcXN1cwIHglIM+incmF4q2LawlbZNh8VzAXL8/Q
Fbl5yDUgYBOL8tPqNuVvtlFnjqf8ZjghG6P1dYiSxKr7R5o4G/W4KtIqghiQQGld
IYA4xA9CcTTxm7/TTIeWFC4+IYiVOj/dzuC+LZFeqTAqJ8sWnwqrMl1YIu7usDt1
+yF8p2JDvw4kjQh2mlVCiLgGX471BjRg951UDN3JdmOqv5JcZcbXh6L2vEOX5Awu
Iix8VhzQV8eS/V5cAsHmBHGxiOfjr7yzCYgDe5VezQsYMjQ8GCIfRmdtuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNWkHaHksGMEMfXYUdqXwvM4kWyVMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvMWFRZG9lU3dZd1F4OWRoUjJwZkM4emlSYkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCU5MAAwQB
U5MUMA0GCSqGSIb3DQEBCwUAA4IBAQAuWH2MX8VvbdurhwJbl8gBHd1uj4jAItdH
axvrHjb6buPwRAaIOlPnouMAww/XTvI+JRnB0lnSJKU6jyg1ZojDLqook/c17RPl
t400PvREdrr0p6oC9sNXKLr2vu2ZcFR1r61aZ2vGp1cirXsFA1OUHjJMtPITexcd
TLdZiTIYhCXIzGQR1msFXYTfvBks3qp4xBHJCaGdqIYYOgVBPDgYa7cuZNegZGZV
unnx2wFhv4MS2bdw4j76rw91OthexSxx/0LWascPOw6YdSi6mY4AU5UtfcAr9ndq
1VhkjErAU28jRG294irHrDnTPh/ZQGJDSP9T3qiW5275MJrC2YFi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org