Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/9ki52xzynA40mwXXNdSJjjOpJ4w.roa
File: 9ki52xzynA40mwXXNdSJjjOpJ4w.roa (raw, json)
Hash identifier: YjnmbObx7bnnvVKIKza2uos90f4LbkOnbqJqvt8mAlA=
Subject key identifier: F6:48:B9:DB:1C:F2:9C:0E:34:9B:05:D7:35:D4:89:8E:33:A9:27:8C
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018BBCF72C08E5013A673BF42EDC0FB45AF2
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/9ki52xzynA40mwXXNdSJjjOpJ4w.roa
Signing time: Sat 11 Nov 2023 05:59:57 +0000
ROA not before: Sat 11 Nov 2023 05:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.40.0/22 maxlen: 24
83.147.52.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.8.0/22 maxlen: 24
83.147.12.0/22 maxlen: 24
83.147.20.0/23 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
83.147.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Nov 2023 14:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bc:f7:2c:08:e5:01:3a:67:3b:f4:2e:dc:0f:b4:5a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Nov 11 05:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f648b9db1cf29c0e349b05d735d4898e33a9278c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:77:48:f4:42:ea:70:a7:5c:9c:00:42:f0:18:
ed:69:2b:e0:6e:9d:0e:45:20:cc:5d:1a:13:4d:d1:
25:59:21:94:21:67:4c:9a:ee:e1:ee:0c:1f:ca:78:
68:bd:78:5a:64:6d:5b:de:99:a5:4b:26:7f:bb:5d:
43:eb:f1:1b:e8:c2:f5:c6:88:48:98:ef:38:23:d3:
6e:c7:46:e7:33:76:ff:b8:fd:88:fd:c2:ba:05:05:
c7:7c:8f:20:a8:b9:85:db:45:3f:b5:9d:d3:33:34:
59:d3:2b:71:2a:19:84:e7:1c:39:c8:92:04:da:c2:
49:6c:aa:65:e5:9a:86:be:fc:95:31:5c:15:68:f7:
6c:7b:c0:cf:3e:63:4d:0a:d9:4c:84:97:41:f7:d6:
4d:39:c2:40:b4:bf:e3:7e:97:94:09:ec:83:b1:06:
7a:f1:e2:e1:70:2b:bd:4c:d8:76:61:af:da:4b:e9:
05:ec:b3:a3:54:c1:4f:3e:57:3c:28:7f:0f:27:f7:
b5:79:d9:df:67:24:3d:e6:f6:f9:28:d6:18:6b:71:
73:17:52:e5:fd:ff:6e:b6:62:3b:23:2f:6c:ad:0d:
47:3d:09:12:2e:59:ae:15:b3:70:5d:6a:6c:8d:bf:
4c:25:bf:15:e1:d3:cf:95:43:69:83:17:49:75:7c:
2e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:48:B9:DB:1C:F2:9C:0E:34:9B:05:D7:35:D4:89:8E:33:A9:27:8C
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/9ki52xzynA40mwXXNdSJjjOpJ4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.8.0/21
83.147.20.0/23
83.147.23.0/24
83.147.26.0-83.147.31.255
83.147.40.0/22
83.147.52.0/22
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:32:03:58:b8:54:39:16:3b:a8:0a:9c:8e:36:02:bf:31:16:
3f:13:56:0a:d2:a0:e4:65:5d:f5:f5:11:f4:00:ce:67:ca:46:
dc:17:a5:c7:24:1f:49:7a:52:27:96:6c:0f:26:d6:e9:a0:4c:
1e:17:7a:6c:04:cb:eb:54:27:4e:b9:13:b9:75:c3:a8:d0:e8:
11:86:0c:62:b6:2c:86:c8:f4:d0:82:6f:5e:b3:35:08:be:bf:
31:30:d0:a6:bc:98:52:1d:14:23:4f:21:c7:31:29:94:70:65:
57:34:ab:33:ec:21:78:1b:b2:20:57:ab:1d:32:ad:15:86:05:
a8:a6:6d:ed:d1:f8:88:cc:f7:fe:1c:92:43:19:64:f1:2d:a9:
75:4e:c9:9b:75:7d:8d:76:7d:a6:6a:79:fb:97:2e:48:c5:0e:
a8:f7:9a:f8:24:a0:b7:1e:fa:41:b4:3f:06:a0:6c:bc:d8:65:
b8:16:95:1c:97:13:35:92:cb:d6:e1:db:a1:73:e5:ac:65:3e:
cc:78:37:fe:9f:32:25:4d:4a:18:dd:00:c8:b0:73:f1:29:3e:
f2:1d:a1:06:2b:51:a1:9d:57:a0:55:86:bd:a8:ac:01:94:16:
40:85:94:5e:45:e5:b3:5d:21:68:21:3a:ef:fc:0c:0d:44:17:
a7:4d:3e:c1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYu89ywI5QE6Zzv0LtwPtFryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMTExMDU1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjQ4YjlkYjFjZjI5YzBlMzQ5YjA1ZDczNWQ0ODk4ZTMzYTkyNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXdI9ELqcKdcnABC8BjtaSvgbp0O
RSDMXRoTTdElWSGUIWdMmu7h7gwfynhovXhaZG1b3pmlSyZ/u11D6/Eb6ML1xohI
mO84I9Nux0bnM3b/uP2I/cK6BQXHfI8gqLmF20U/tZ3TMzRZ0ytxKhmE5xw5yJIE
2sJJbKpl5ZqGvvyVMVwVaPdse8DPPmNNCtlMhJdB99ZNOcJAtL/jfpeUCeyDsQZ6
8eLhcCu9TNh2Ya/aS+kF7LOjVMFPPlc8KH8PJ/e1ednfZyQ95vb5KNYYa3FzF1Ll
/f9utmI7Iy9srQ1HPQkSLlmuFbNwXWpsjb9MJb8V4dPPlUNpgxdJdXwu1wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPZIudsc8pwONJsF1zXUiY4zqSeMMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvOWtpNTJ4enluQTQwbXdYWE5kU0pqak9wSjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQDU5MIAwQB
U5MUAwQAU5MXMAwDBAFTkxoDBAVTkwADBAJTkygDBAJTkzQDBABTkz0wDQYJKoZI
hvcNAQELBQADggEBAF0yA1i4VDkWO6gKnI42Ar8xFj8TVgrSoORlXfX1EfQAzmfK
RtwXpcckH0l6UieWbA8m1umgTB4XemwEy+tUJ065E7l1w6jQ6BGGDGK2LIbI9NCC
b16zNQi+vzEw0Ka8mFIdFCNPIccxKZRwZVc0qzPsIXgbsiBXqx0yrRWGBaimbe3R
+IjM9/4ckkMZZPEtqXVOyZt1fY12faZqefuXLkjFDqj3mvgkoLce+kG0PwagbLzY
ZbgWlRyXEzWSy9bh26Fz5axlPsx4N/6fMiVNShjdAMiwc/EpPvIdoQYrUaGdV6BV
hr2orAGUFkCFlF5F5bNdIWghOu/8DA1EF6dNPsE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org