Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/2_Cz7CfX3MRW_NewkibUwbzZJlM.roa
File: 2_Cz7CfX3MRW_NewkibUwbzZJlM.roa (raw, json)
Hash identifier: Flcm0IEZbQEMmlpHo5tvB967p5n/rMd/ku7UlTjVSLA=
Subject key identifier: DB:F0:B3:EC:27:D7:DC:C4:56:FC:D7:B0:92:26:D4:C1:BC:D9:26:53
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0189CE5A1B938DF4371AAB66EC496DE37468
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/2_Cz7CfX3MRW_NewkibUwbzZJlM.roa
Signing time: Mon 07 Aug 2023 04:55:59 +0000
ROA not before: Mon 07 Aug 2023 04:55:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 83.147.62.0/24 maxlen: 24
83.147.12.0/24 maxlen: 24
83.147.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Oct 2023 04:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ce:5a:1b:93:8d:f4:37:1a:ab:66:ec:49:6d:e3:74:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Aug 7 04:55:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbf0b3ec27d7dcc456fcd7b09226d4c1bcd92653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f1:a0:35:4f:ee:32:19:38:cd:3c:c8:4d:0c:
10:34:5b:c8:33:5e:69:a3:94:a3:dc:0b:6d:12:70:
ea:b3:e3:79:db:32:fa:7a:e6:33:a0:af:1e:14:d5:
8d:05:c2:7e:72:64:c4:60:fc:5d:a6:27:de:09:d0:
67:a2:53:ff:3f:5e:ef:96:2b:c0:a9:43:ec:2e:66:
20:71:6f:be:d7:fa:92:a9:e9:e7:c5:6a:93:8b:cd:
98:b4:67:e3:a7:0d:b8:8a:1e:51:1d:b6:c5:da:44:
fe:c2:6c:34:c1:28:39:95:ca:2b:b2:c9:e5:04:ca:
07:5a:3b:1a:e7:72:9e:65:24:e5:ab:ae:a0:3d:0a:
53:a0:eb:10:ff:64:af:a7:2c:da:67:59:0f:c0:24:
1a:29:77:79:4d:d6:e8:1a:1b:ec:b9:6e:94:d4:6e:
25:c3:ae:74:f5:e1:a8:c7:21:17:19:ef:be:1f:ae:
77:f2:e9:f0:5a:0e:db:15:3b:c7:e2:2f:e2:0a:3f:
83:4b:1b:ed:c9:f9:04:23:df:12:be:49:36:7b:1d:
0e:a8:46:18:78:d5:aa:03:7c:dd:31:64:3c:34:98:
58:17:ef:7c:ac:8f:6e:57:03:57:c6:9a:c6:67:b6:
e4:be:b7:a6:3a:ae:a0:8b:07:6f:23:d6:df:b8:51:
ef:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F0:B3:EC:27:D7:DC:C4:56:FC:D7:B0:92:26:D4:C1:BC:D9:26:53
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/2_Cz7CfX3MRW_NewkibUwbzZJlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.12.0/24
83.147.32.0/22
83.147.62.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ea:b8:b4:aa:3d:cb:a5:bd:6e:19:e8:b5:d8:72:77:a2:91:
3b:1f:cc:8b:e3:ca:8b:3d:55:ef:38:e6:89:46:e7:b8:09:0f:
2e:7a:bf:bb:b4:6e:2c:82:6d:c0:1e:f1:61:89:b0:42:5f:e7:
02:2b:7d:5a:e9:8a:10:91:b7:55:cc:a3:fb:19:ff:c6:73:5b:
37:ab:63:42:6a:6f:6e:4e:de:75:10:d1:e4:ce:09:58:fa:d8:
c8:10:66:c3:2f:96:55:c5:29:9b:dc:9c:61:cf:5d:ae:0d:6c:
dd:f8:8d:4e:94:69:57:ae:af:21:97:c7:8a:c0:dc:44:cb:d5:
7c:85:41:ae:51:5b:61:fc:ad:c2:3d:4b:9e:4f:ab:4d:09:df:
11:6f:4c:57:2d:0e:b1:e2:91:c7:55:00:db:d9:dd:5b:bc:22:
73:08:a8:93:76:02:e1:7e:bc:c6:1c:97:f9:37:26:d7:71:bf:
05:68:b8:9a:d5:cc:87:d7:bf:fa:d2:a4:1d:31:ab:0a:59:b0:
98:76:46:bc:41:1e:b2:fd:f3:a4:c8:3f:16:6c:3e:34:bb:ee:
31:f5:78:54:8d:e4:79:99:a1:00:f4:4f:3d:f3:81:80:27:e2:
3c:c8:05:58:da:50:c6:2b:a3:69:1b:68:39:d7:a4:26:0e:85:
86:7a:d0:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnOWhuTjfQ3Gqtm7Elt43RoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwODA3MDQ1NTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmYwYjNlYzI3ZDdkY2M0NTZmY2Q3YjA5MjI2ZDRjMWJjZDkyNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/GgNU/uMhk4zTzITQwQNFvIM15p
o5Sj3AttEnDqs+N52zL6euYzoK8eFNWNBcJ+cmTEYPxdpifeCdBnolP/P17vlivA
qUPsLmYgcW++1/qSqennxWqTi82YtGfjpw24ih5RHbbF2kT+wmw0wSg5lcorssnl
BMoHWjsa53KeZSTlq66gPQpToOsQ/2SvpyzaZ1kPwCQaKXd5TdboGhvsuW6U1G4l
w6509eGoxyEXGe++H6538unwWg7bFTvH4i/iCj+DSxvtyfkEI98Svkk2ex0OqEYY
eNWqA3zdMWQ8NJhYF+98rI9uVwNXxprGZ7bkvremOq6giwdvI9bfuFHvMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNvws+wn19zEVvzXsJIm1MG82SZTMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvMl9DejdDZlgzTVJXX05ld2tpYlV3YnpaSmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU5MMAwQC
U5MgAwQAU5M+MA0GCSqGSIb3DQEBCwUAA4IBAQAK6ri0qj3Lpb1uGei12HJ3opE7
H8yL48qLPVXvOOaJRue4CQ8uer+7tG4sgm3AHvFhibBCX+cCK31a6YoQkbdVzKP7
Gf/Gc1s3q2NCam9uTt51ENHkzglY+tjIEGbDL5ZVxSmb3Jxhz12uDWzd+I1OlGlX
rq8hl8eKwNxEy9V8hUGuUVth/K3CPUueT6tNCd8Rb0xXLQ6x4pHHVQDb2d1bvCJz
CKiTdgLhfrzGHJf5NybXcb8FaLia1cyH17/60qQdMasKWbCYdka8QR6y/fOkyD8W
bD40u+4x9XhUjeR5maEA9E8984GAJ+I8yAVY2lDGK6NpG2g516QmDoWGetDR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org