Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/DynYdC8lY8nRGO3Kb-GMybT0IEc.roa
File: DynYdC8lY8nRGO3Kb-GMybT0IEc.roa (raw, json)
Hash identifier: KlHnyTju4NOleIiCzUGmuyjh2G1teDQpgfRfuwxwfoI=
Subject key identifier: 0F:29:D8:74:2F:25:63:C9:D1:18:ED:CA:6F:E1:8C:C9:B4:F4:20:47
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01878E30E6C9572314365AD57B60E207A1B5
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/DynYdC8lY8nRGO3Kb-GMybT0IEc.roa
Signing time: Mon 17 Apr 2023 07:49:42 +0000
ROA not before: Mon 17 Apr 2023 07:49:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.40.0/22 maxlen: 24
83.147.28.0/22 maxlen: 24
83.147.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 04:36:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:30:e6:c9:57:23:14:36:5a:d5:7b:60:e2:07:a1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 17 07:49:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f29d8742f2563c9d118edca6fe18cc9b4f42047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:24:00:f4:92:3b:a4:31:22:2d:c1:db:1c:d7:
f9:f4:c4:66:ea:2c:b8:97:bf:84:df:0f:6a:4f:55:
6c:ad:f8:31:9c:eb:29:7e:b7:cc:ac:5d:79:b1:94:
e9:86:4b:32:9e:9c:e3:2c:67:1a:e4:0a:ae:7b:0e:
37:89:d2:4d:fc:41:dc:f7:dd:68:7d:68:e6:29:92:
24:05:bc:a0:a5:d9:67:fa:1d:7a:c1:76:4f:63:e0:
56:d1:d2:5b:01:dd:3a:cd:a9:da:16:e9:4f:4e:db:
94:1c:07:5f:ef:ef:2e:19:5a:f4:07:09:55:63:ca:
7b:0c:9e:8e:f4:24:05:12:9f:5c:a4:9e:7d:7e:e6:
4b:88:eb:ba:ff:31:d9:b6:20:0f:85:ea:2f:0b:48:
87:44:e7:bf:f1:13:8b:ab:6d:e1:56:68:4b:8d:9e:
e0:13:dc:16:46:54:4c:72:79:66:eb:f1:21:bc:3d:
96:d1:13:ba:ed:d9:77:d3:f6:d9:ab:c3:46:db:97:
64:36:1e:f6:da:5a:d6:40:03:9e:16:5f:f2:f2:58:
82:d0:71:a4:23:63:8f:9a:88:eb:40:c9:82:13:08:
68:22:ff:a5:df:d1:f7:cd:9d:1f:f5:60:8f:5c:56:
ca:e4:66:df:6e:ae:3f:9d:a1:af:7c:38:cb:92:90:
79:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:29:D8:74:2F:25:63:C9:D1:18:ED:CA:6F:E1:8C:C9:B4:F4:20:47
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/DynYdC8lY8nRGO3Kb-GMybT0IEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.28.0-83.147.35.255
83.147.40.0/21
Signature Algorithm: sha256WithRSAEncryption
62:9e:4b:e2:77:c9:a4:26:17:fa:a2:68:cc:f9:9a:a1:d0:d7:
be:b2:5f:e0:c8:b0:e4:4e:5e:82:d7:0a:2b:b4:48:51:9c:07:
5b:ae:d5:b7:e0:20:fa:cf:31:4f:21:c4:82:d6:91:e0:cc:07:
71:a8:d0:38:5f:58:71:2e:05:06:be:8d:32:87:a2:aa:9a:79:
dc:98:87:ae:ba:36:b9:14:1c:44:08:cf:36:a2:da:89:23:2b:
bb:29:72:17:d9:c4:46:6f:9f:9c:2d:fe:25:c1:20:0d:a9:9f:
ef:cb:3a:0d:29:43:a5:96:1d:41:d4:93:19:7e:e1:ef:46:3a:
a8:ab:83:74:93:95:d5:94:bc:ca:5c:2a:69:e7:62:a2:f0:2d:
07:79:96:86:61:96:b2:5a:20:0a:bc:24:18:05:01:68:d7:9f:
20:f3:92:b1:5d:1c:9c:b8:69:51:ad:51:2f:e7:bd:a0:a1:1c:
c7:43:45:97:2a:cd:03:93:f8:9f:a5:7e:0f:6f:27:1e:44:d6:
c2:f6:c4:f0:ca:67:98:02:10:1f:80:d4:cb:30:4d:9e:0c:1c:
8f:99:35:33:4f:1d:9e:04:d6:87:04:b0:7f:17:34:c5:18:37:
b0:12:bf:71:25:0b:45:f5:11:d9:eb:c3:cf:fe:08:7b:84:fc:
31:c3:f3:a2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYeOMObJVyMUNlrVe2DiB6G1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNDE3MDc0OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI5ZDg3NDJmMjU2M2M5ZDExOGVkY2E2ZmUxOGNjOWI0ZjQyMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSQA9JI7pDEiLcHbHNf59MRm6iy4
l7+E3w9qT1VsrfgxnOspfrfMrF15sZTphksynpzjLGca5Aquew43idJN/EHc991o
fWjmKZIkBbygpdln+h16wXZPY+BW0dJbAd06zanaFulPTtuUHAdf7+8uGVr0BwlV
Y8p7DJ6O9CQFEp9cpJ59fuZLiOu6/zHZtiAPheovC0iHROe/8ROLq23hVmhLjZ7g
E9wWRlRMcnlm6/EhvD2W0RO67dl30/bZq8NG25dkNh722lrWQAOeFl/y8liC0HGk
I2OPmojrQMmCEwhoIv+l39H3zZ0f9WCPXFbK5Gbfbq4/naGvfDjLkpB5PwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA8p2HQvJWPJ0Rjtym/hjMm09CBHMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvRHluWWRDOGxZOG5SR08zS2ItR015YlQwSUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJTkxwD
BAJTkyADBANTkygwDQYJKoZIhvcNAQELBQADggEBAGKeS+J3yaQmF/qiaMz5mqHQ
176yX+DIsOROXoLXCiu0SFGcB1uu1bfgIPrPMU8hxILWkeDMB3Go0DhfWHEuBQa+
jTKHoqqaedyYh666NrkUHEQIzzai2okjK7spchfZxEZvn5wt/iXBIA2pn+/LOg0p
Q6WWHUHUkxl+4e9GOqirg3STldWUvMpcKmnnYqLwLQd5loZhlrJaIAq8JBgFAWjX
nyDzkrFdHJy4aVGtUS/nvaChHMdDRZcqzQOT+J+lfg9vJx5E1sL2xPDKZ5gCEB+A
1MswTZ4MHI+ZNTNPHZ4E1ocEsH8XNMUYN7ASv3ElC0X1Ednrw8/+CHuE/DHD86I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org