Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/HVjZz7TCDbnBvS9nlWH5kfEPq30.roa
File: HVjZz7TCDbnBvS9nlWH5kfEPq30.roa (raw, json)
Hash identifier: MxehqU7+I6QO+5H7qhvWMxQsIGrDnJs2/y5rtcr+aUQ=
Subject key identifier: 1D:58:D9:CF:B4:C2:0D:B9:C1:BD:2F:67:95:61:F9:91:F1:0F:AB:7D
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01878E30E646865CCAB68E4E353491D17580
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/HVjZz7TCDbnBvS9nlWH5kfEPq30.roa
Signing time: Mon 17 Apr 2023 07:49:41 +0000
ROA not before: Mon 17 Apr 2023 07:49:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.61.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Apr 2023 03:15:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:30:e6:46:86:5c:ca:b6:8e:4e:35:34:91:d1:75:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 17 07:49:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d58d9cfb4c20db9c1bd2f679561f991f10fab7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a0:be:15:99:57:f3:19:8c:c5:18:33:7c:71:
0e:a4:8d:ba:c7:5f:da:07:05:71:d0:0e:16:27:3d:
8e:0e:1d:a5:bb:58:84:28:88:70:b3:6d:66:84:3c:
87:2a:a3:20:4b:c0:ff:fb:cb:6a:d5:66:48:1d:f7:
81:3c:c2:65:6e:76:71:6a:1b:16:6f:5a:d5:7a:f1:
e2:37:b5:69:6b:9c:e1:b6:d4:99:fb:7e:d9:75:57:
47:96:38:0a:3e:26:61:98:86:98:4d:c9:f6:6a:3e:
e3:ec:c7:b0:ae:40:b6:43:ca:6b:2d:65:5a:e0:75:
1b:98:ec:ed:3e:ad:65:c1:67:8e:b5:9f:c0:2a:66:
de:b6:64:23:94:fd:79:11:2c:51:d3:e4:e8:d5:1a:
dd:39:7f:fe:cb:99:09:4f:ab:ec:1b:34:40:98:1b:
b2:53:e0:b8:5a:6e:44:d9:fb:f3:34:fa:92:b5:3e:
9e:24:36:b2:96:40:e8:84:f8:af:d9:89:7d:82:65:
c3:33:9e:31:32:49:56:28:d7:43:39:8f:41:1b:66:
45:42:23:35:da:48:52:43:17:8d:1e:ee:f1:fe:dc:
7c:76:c6:f8:c3:da:85:56:a8:81:88:aa:6c:a3:5b:
65:51:d1:64:37:31:4d:57:cf:20:a1:1b:fe:8a:f1:
79:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:58:D9:CF:B4:C2:0D:B9:C1:BD:2F:67:95:61:F9:91:F1:0F:AB:7D
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/HVjZz7TCDbnBvS9nlWH5kfEPq30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.9.0/24
83.147.25.0/24
83.147.27.0/24
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
47:09:2f:55:c9:78:d0:6f:5b:1f:02:f6:bb:7d:de:95:d1:50:
91:80:65:87:68:55:24:9d:2b:80:16:fd:f2:67:c3:77:d6:64:
d4:45:13:be:4a:8e:ee:51:f7:d1:2d:71:a6:19:35:16:8d:84:
3b:ac:d1:78:e6:df:ac:0e:2f:7a:64:93:32:4f:2f:38:3e:14:
e2:95:90:3d:af:5c:14:e1:a3:00:eb:db:55:47:31:f0:fd:da:
5a:18:3d:35:84:6c:c2:8d:82:03:35:1b:98:3d:e5:33:e7:98:
83:fd:aa:88:f9:d4:91:80:d6:b7:f4:5c:88:ee:ec:12:e8:e1:
2a:ce:40:52:3a:bb:4b:d3:53:db:b2:29:d4:a9:91:ee:46:07:
a5:db:3e:eb:06:b5:87:86:0f:3a:a2:0e:33:47:98:c0:07:07:
bd:00:4e:cd:99:1a:f8:df:e7:37:c6:92:34:4c:b1:47:1a:21:
16:42:15:85:fe:d0:8f:ea:20:24:aa:01:19:ce:ad:16:a2:21:
bd:c2:35:61:f0:2c:ab:61:d6:2c:e3:51:07:97:91:5f:a7:34:
a5:82:6f:7b:35:e5:7a:f6:9e:2a:b2:e9:a8:5f:d1:f2:55:9e:
3a:ee:cc:aa:89:9e:66:6c:3f:6e:7d:ab:17:96:53:a2:0b:59:
42:e8:4e:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeOMOZGhlzKto5ONTSR0XWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNDE3MDc0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDU4ZDljZmI0YzIwZGI5YzFiZDJmNjc5NTYxZjk5MWYxMGZhYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqC+FZlX8xmMxRgzfHEOpI26x1/a
BwVx0A4WJz2ODh2lu1iEKIhws21mhDyHKqMgS8D/+8tq1WZIHfeBPMJlbnZxahsW
b1rVevHiN7Vpa5zhttSZ+37ZdVdHljgKPiZhmIaYTcn2aj7j7MewrkC2Q8prLWVa
4HUbmOztPq1lwWeOtZ/AKmbetmQjlP15ESxR0+To1RrdOX/+y5kJT6vsGzRAmBuy
U+C4Wm5E2fvzNPqStT6eJDaylkDohPiv2Yl9gmXDM54xMklWKNdDOY9BG2ZFQiM1
2khSQxeNHu7x/tx8dsb4w9qFVqiBiKpso1tlUdFkNzFNV88goRv+ivF5iQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB1Y2c+0wg25wb0vZ5Vh+ZHxD6t9MB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvSFZqWno3VENEYm5CdlM5bmxXSDVrZkVQcTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU5MJAwQA
U5MZAwQAU5MbAwQAU5M9MA0GCSqGSIb3DQEBCwUAA4IBAQBHCS9VyXjQb1sfAva7
fd6V0VCRgGWHaFUknSuAFv3yZ8N31mTURRO+So7uUffRLXGmGTUWjYQ7rNF45t+s
Di96ZJMyTy84PhTilZA9r1wU4aMA69tVRzHw/dpaGD01hGzCjYIDNRuYPeUz55iD
/aqI+dSRgNa39FyI7uwS6OEqzkBSOrtL01PbsinUqZHuRgel2z7rBrWHhg86og4z
R5jABwe9AE7NmRr43+c3xpI0TLFHGiEWQhWF/tCP6iAkqgEZzq0WoiG9wjVh8Cyr
YdYs41EHl5FfpzSlgm97NeV69p4qsumoX9HyVZ467syqiZ5mbD9ufasXllOiC1lC
6E4I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org