Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/NROqfqG7JlHmDQeT2hqpWbBvf_U.roa
File: NROqfqG7JlHmDQeT2hqpWbBvf_U.roa (raw, json)
Hash identifier: coKHFciaUYrYxqLRLIhrhbh6SUb9SDdX5S3qOZrh4Vo=
Subject key identifier: 35:13:AA:7E:A1:BB:26:51:E6:0D:07:93:DA:1A:A9:59:B0:6F:7F:F5
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 019300AE473158C0DBF28E1EE6CC1EDA8624
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/NROqfqG7JlHmDQeT2hqpWbBvf_U.roa
Signing time: Wed 06 Nov 2024 08:54:01 +0000
ROA not before: Wed 06 Nov 2024 08:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 08:41:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:ae:47:31:58:c0:db:f2:8e:1e:e6:cc:1e:da:86:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Nov 6 08:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3513aa7ea1bb2651e60d0793da1aa959b06f7ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:97:b6:2c:4a:f4:b4:5d:da:02:17:a8:7f:09:
0a:c3:86:6e:14:2a:5a:c0:11:3a:33:75:1b:a4:7e:
94:ff:91:23:d3:80:4c:33:5e:24:d1:6e:5b:c1:ed:
19:12:89:06:e3:04:43:40:85:0d:33:bb:88:f7:ac:
09:1e:e0:c0:07:40:b1:3d:06:6c:d7:09:7f:cf:4e:
11:91:8c:dc:9b:79:1c:2c:fd:54:e4:50:c5:90:11:
ee:75:1b:4c:c6:c4:b8:03:70:4c:92:a0:cc:37:a4:
08:32:aa:30:3e:33:4d:2c:de:21:fa:d7:20:d5:13:
44:b8:91:0c:5e:a8:21:11:24:61:a1:8a:f1:61:fb:
5f:10:76:10:59:10:8e:04:c4:ee:24:43:ed:47:05:
34:fc:b4:85:0a:69:59:cd:f6:46:86:41:7c:a8:7e:
12:3c:8f:1b:6a:86:95:cc:f4:e1:92:0d:d4:c1:e2:
54:d5:21:ce:5d:04:4e:ae:37:dd:3a:48:7f:2b:a1:
1b:2d:eb:84:67:8a:15:60:c5:f4:50:b4:ae:2c:dc:
64:86:ed:ae:27:ee:54:b4:71:45:6d:a9:21:8a:20:
9a:0f:9f:8a:bb:44:a6:32:ae:59:8b:7a:f8:88:07:
59:f6:59:db:ec:ac:d3:40:98:20:2e:d9:7a:1e:22:
c4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:13:AA:7E:A1:BB:26:51:E6:0D:07:93:DA:1A:A9:59:B0:6F:7F:F5
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/NROqfqG7JlHmDQeT2hqpWbBvf_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.16.0-83.147.21.255
83.147.26.0-83.147.28.255
Signature Algorithm: sha256WithRSAEncryption
c3:51:66:a7:96:91:ee:41:2f:58:69:a0:cd:59:61:1e:10:6e:
f4:e4:95:1b:f6:db:97:bb:c5:eb:91:94:11:a0:88:12:1f:c5:
4e:a6:79:07:c9:93:0f:e0:29:44:9c:47:81:17:8c:52:a6:34:
bf:59:c3:72:14:de:65:7f:55:7d:8a:25:e2:c9:61:53:01:5e:
6f:a0:a5:bb:f8:9e:1f:0c:d0:19:ea:72:46:80:0a:48:bb:46:
4f:74:d0:c6:50:3f:56:55:39:45:e2:51:31:de:05:1e:af:f5:
01:40:8a:bd:a6:21:2e:5b:2b:1f:80:86:c4:02:47:6b:d6:f3:
e0:0d:ab:c3:19:3c:26:e6:d8:3a:66:71:97:5c:7e:2c:61:ef:
17:c4:78:94:00:85:a4:45:7c:ed:40:a8:ad:f0:42:b1:b7:3a:
50:59:5d:eb:fb:45:36:6a:89:8a:d6:80:4a:97:84:86:f6:1d:
66:c4:da:80:6f:d1:02:c7:93:59:33:12:f6:65:74:fc:26:09:
8e:86:9a:09:a5:a3:47:29:f6:7f:26:44:69:ab:10:c5:db:9c:
76:82:33:49:72:57:30:10:96:d8:30:41:84:36:b8:8e:a5:8c:
4e:ec:0d:50:96:cc:23:4d:8f:d2:9d:ad:ba:9b:43:27:2b:93:
10:9e:4c:c1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZMArkcxWMDb8o4e5swe2oYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQxMTA2MDg1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTEzYWE3ZWExYmIyNjUxZTYwZDA3OTNkYTFhYTk1OWIwNmY3ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5e2LEr0tF3aAheofwkKw4ZuFCpa
wBE6M3UbpH6U/5Ej04BMM14k0W5bwe0ZEokG4wRDQIUNM7uI96wJHuDAB0CxPQZs
1wl/z04RkYzcm3kcLP1U5FDFkBHudRtMxsS4A3BMkqDMN6QIMqowPjNNLN4h+tcg
1RNEuJEMXqghESRhoYrxYftfEHYQWRCOBMTuJEPtRwU0/LSFCmlZzfZGhkF8qH4S
PI8baoaVzPThkg3UweJU1SHOXQROrjfdOkh/K6EbLeuEZ4oVYMX0ULSuLNxkhu2u
J+5UtHFFbakhiiCaD5+Ku0SmMq5Zi3r4iAdZ9lnb7KzTQJggLtl6HiLEQQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDUTqn6huyZR5g0Hk9oaqVmwb3/1MB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvTlJPcWZxRzdKbEhtRFFlVDJocXBXYkJ2Zl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBARTkxAD
BAFTkxQwDAMEAVOTGgMEAFOTHDANBgkqhkiG9w0BAQsFAAOCAQEAw1Fmp5aR7kEv
WGmgzVlhHhBu9OSVG/bbl7vF65GUEaCIEh/FTqZ5B8mTD+ApRJxHgReMUqY0v1nD
chTeZX9VfYol4slhUwFeb6Clu/ieHwzQGepyRoAKSLtGT3TQxlA/VlU5ReJRMd4F
Hq/1AUCKvaYhLlsrH4CGxAJHa9bz4A2rwxk8JubYOmZxl1x+LGHvF8R4lACFpEV8
7UCorfBCsbc6UFld6/tFNmqJitaASpeEhvYdZsTagG/RAseTWTMS9mV0/CYJjoaa
CaWjRyn2fyZEaasQxducdoIzSXJXMBCW2DBBhDa4jqWMTuwNUJbMI02P0p2tuptD
JyuTEJ5MwQ==
-----END CERTIFICATE-----
Generated at Thu Nov 7 13:09:04 2024 by rpki-client on console-fra.rpki-client.org