Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/LNekP69KmWuK_qZwrpHLBQNwYAQ.roa
File: LNekP69KmWuK_qZwrpHLBQNwYAQ.roa (raw, json)
Hash identifier: /xW7CQ3pvhFjUgg0Rw8VHYajBZgmFrwd0qB22W52i9g=
Subject key identifier: 2C:D7:A4:3F:AF:4A:99:6B:8A:FE:A6:70:AE:91:CB:05:03:70:60:04
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018AE9EDF21C64FF6FCFD94A230A8D52FD39
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/LNekP69KmWuK_qZwrpHLBQNwYAQ.roa
Signing time: Sun 01 Oct 2023 06:29:59 +0000
ROA not before: Sun 01 Oct 2023 06:29:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.40.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.4.0/22 maxlen: 24
83.147.0.0/22 maxlen: 24
83.147.11.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.14.0/24 maxlen: 24
83.147.20.0/23 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
83.147.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Oct 2023 17:57:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e9:ed:f2:1c:64:ff:6f:cf:d9:4a:23:0a:8d:52:fd:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Oct 1 06:29:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cd7a43faf4a996b8afea670ae91cb0503706004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dd:df:f2:98:c5:22:87:d2:19:39:8e:a6:1a:
ab:82:70:d3:86:76:43:d4:71:2d:cc:03:14:a0:43:
4e:00:cb:be:e2:7a:c7:70:85:86:98:b9:9a:09:10:
5b:89:15:a0:e2:06:4e:78:43:11:23:cb:b4:66:69:
35:6b:e4:a7:1b:35:cf:a3:79:62:e9:04:1e:49:38:
d3:fb:68:90:44:c2:57:33:62:88:c2:0e:d5:71:d7:
b2:e6:c2:84:82:5c:d5:87:46:73:85:f4:c7:ec:4c:
de:bd:87:6b:bf:fa:a0:b0:dc:5e:f0:5e:2d:d9:21:
6f:e1:56:2f:43:af:3a:5d:9a:73:d0:bf:8d:92:96:
ee:18:28:71:b1:e2:ac:e0:d5:9c:2f:55:98:5a:3a:
dc:58:d1:d9:7a:33:4e:9e:ff:1b:d4:ef:fe:d5:f3:
75:31:a2:33:32:da:96:a6:11:9f:6e:66:f3:18:c9:
c0:bd:03:67:fa:e0:17:78:8e:ed:19:0c:30:52:1c:
de:96:f8:6c:4a:46:5a:cc:87:15:fb:c1:ef:5e:ea:
00:38:ae:dc:b4:4c:cd:04:0f:f9:71:c6:17:5d:3e:
f5:79:7c:b1:eb:6e:3a:ca:01:4c:0d:ef:c9:da:fe:
fd:03:92:5f:8e:15:3c:2e:f2:18:fc:c7:c4:d1:0b:
44:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D7:A4:3F:AF:4A:99:6B:8A:FE:A6:70:AE:91:CB:05:03:70:60:04
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/LNekP69KmWuK_qZwrpHLBQNwYAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/21
83.147.9.0/24
83.147.11.0/24
83.147.14.0/24
83.147.20.0/23
83.147.23.0/24
83.147.26.0-83.147.31.255
83.147.40.0/22
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:3b:b6:bb:ea:04:19:40:68:8b:dd:b5:b9:82:54:7b:81:9d:
78:99:0e:8a:5b:bf:e0:d9:51:ff:02:b1:39:21:52:f5:cd:7e:
22:82:c9:6a:a6:c8:e5:63:d4:8c:61:a4:ba:ac:76:60:20:e9:
2c:da:cb:02:1e:2c:43:c7:46:52:b0:d3:b5:7f:9b:c9:97:49:
1b:a6:f5:53:d7:f9:53:c0:e4:ca:e6:b3:5e:e9:c2:e9:fe:8d:
8d:b8:e2:90:9e:eb:18:66:e2:15:45:19:42:c7:eb:59:c0:b9:
37:42:3a:b7:f9:2c:03:07:57:ab:9a:a9:8f:49:56:b0:11:47:
6d:52:2c:be:e6:2a:ca:35:75:e8:64:0c:4a:79:30:48:b8:2f:
ae:2b:e6:40:07:ee:69:e6:cd:85:e6:91:b0:12:8b:0d:a4:4f:
af:cc:f0:35:75:ac:9d:54:83:28:20:65:ed:fd:d5:79:0b:11:
20:2f:e6:24:eb:6d:e7:9c:e0:26:1f:00:81:7e:e2:75:23:5d:
32:ad:6c:8e:ca:3c:04:41:3f:88:dd:52:7b:4a:a8:6e:24:e9:
75:17:4b:65:6d:9a:4c:9b:43:d8:fa:f4:14:fe:f8:da:e6:98:
ee:2e:79:10:c4:87:ab:7d:36:58:c4:87:b8:41:82:0c:26:6e:
bc:e2:ca:11
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYrp7fIcZP9vz9lKIwqNUv05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMDAxMDYyOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q3YTQzZmFmNGE5OTZiOGFmZWE2NzBhZTkxY2IwNTAzNzA2MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN3f8pjFIofSGTmOphqrgnDThnZD
1HEtzAMUoENOAMu+4nrHcIWGmLmaCRBbiRWg4gZOeEMRI8u0Zmk1a+SnGzXPo3li
6QQeSTjT+2iQRMJXM2KIwg7Vcdey5sKEglzVh0ZzhfTH7EzevYdrv/qgsNxe8F4t
2SFv4VYvQ686XZpz0L+NkpbuGChxseKs4NWcL1WYWjrcWNHZejNOnv8b1O/+1fN1
MaIzMtqWphGfbmbzGMnAvQNn+uAXeI7tGQwwUhzelvhsSkZazIcV+8HvXuoAOK7c
tEzNBA/5ccYXXT71eXyx6246ygFMDe/J2v79A5JfjhU8LvIY/MfE0QtEuQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCzXpD+vSplriv6mcK6RywUDcGAEMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvTE5la1A2OUttV3VLX3Fad3JwSExCUU53WUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDU5MAAwQA
U5MJAwQAU5MLAwQAU5MOAwQBU5MUAwQAU5MXMAwDBAFTkxoDBAVTkwADBAJTkygD
BABTkz0wDQYJKoZIhvcNAQELBQADggEBABs7trvqBBlAaIvdtbmCVHuBnXiZDopb
v+DZUf8CsTkhUvXNfiKCyWqmyOVj1IxhpLqsdmAg6SzaywIeLEPHRlKw07V/m8mX
SRum9VPX+VPA5Mrms17pwun+jY244pCe6xhm4hVFGULH61nAuTdCOrf5LAMHV6ua
qY9JVrARR21SLL7mKso1dehkDEp5MEi4L64r5kAH7mnmzYXmkbASiw2kT6/M8DV1
rJ1UgyggZe391XkLESAv5iTrbeec4CYfAIF+4nUjXTKtbI7KPARBP4jdUntKqG4k
6XUXS2VtmkybQ9j69BT++NrmmO4ueRDEh6t9NljEh7hBggwmbrziyhE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org