Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/O7tBonWVEzwjKbf7X3LqjLqGL5g.roa
File: O7tBonWVEzwjKbf7X3LqjLqGL5g.roa (raw, json)
Hash identifier: SYsqKah4IxUGtxZezFSVSH1VCiCJrGQR59P2ufvT0Ac=
Subject key identifier: 3B:BB:41:A2:75:95:13:3C:23:29:B7:FB:5F:72:EA:8C:BA:86:2F:98
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018B8436F446407C3853F6F2AA25FE3BA7C5
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/O7tBonWVEzwjKbf7X3LqjLqGL5g.roa
Signing time: Tue 31 Oct 2023 05:31:15 +0000
ROA not before: Tue 31 Oct 2023 05:31:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.40.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.0.0/22 maxlen: 24
83.147.20.0/23 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 05:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:36:f4:46:40:7c:38:53:f6:f2:aa:25:fe:3b:a7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Oct 31 05:31:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bbb41a27595133c2329b7fb5f72ea8cba862f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:50:4e:ca:ea:46:38:1c:18:77:3e:31:6e:26:
c7:3d:d7:a8:f8:a3:54:be:e8:7c:56:3d:e5:67:e7:
3b:eb:91:46:97:14:8b:b1:10:94:00:68:8a:83:c0:
66:5b:5e:fb:1f:c0:b0:62:b9:8d:e1:8a:0d:09:c3:
13:52:11:f7:06:05:00:86:86:0e:09:cb:14:2d:25:
8c:6a:29:5c:19:c9:17:f2:d4:d2:7e:58:b0:13:2a:
58:d0:71:41:ca:7d:50:50:d0:67:27:82:95:9d:7d:
63:34:ca:a6:e2:df:43:d4:d2:a9:c6:02:7e:20:1f:
37:34:a1:d7:85:c0:eb:e1:f9:81:d0:f8:e6:23:97:
e5:ed:a3:61:46:98:29:65:64:49:b7:59:a1:ab:6b:
2e:4f:90:aa:cb:89:32:c2:8b:58:c5:19:48:d3:71:
28:ad:06:45:95:40:9d:b8:61:4f:98:c0:50:68:09:
93:d1:1d:af:6e:8f:99:72:f3:63:70:0f:20:cd:80:
0e:06:52:bd:e3:4d:96:ac:e9:f8:8b:c6:fa:65:2f:
2f:7c:e0:ab:aa:76:0d:39:5d:99:73:ca:2a:80:42:
00:f4:bb:0d:ec:02:fa:c9:ca:00:ab:54:92:3f:83:
1d:a9:41:1d:1e:07:26:c0:72:df:cb:8d:da:b9:07:
dc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BB:41:A2:75:95:13:3C:23:29:B7:FB:5F:72:EA:8C:BA:86:2F:98
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/O7tBonWVEzwjKbf7X3LqjLqGL5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.20.0/23
83.147.23.0/24
83.147.28.0/22
83.147.40.0/21
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:14:be:57:a3:9a:0b:d0:31:94:ca:76:62:5d:5c:df:a4:d8:
8f:c3:f5:61:3e:0c:36:8f:3b:37:92:a8:a7:4e:4d:97:77:13:
f2:19:72:00:64:1d:7a:99:ca:e1:53:3f:f4:e5:9c:86:c3:38:
fc:01:f5:e1:d7:83:a6:07:c5:6c:e3:db:c5:3c:92:a5:66:d5:
76:b3:4a:fb:82:6b:e0:cd:ac:a5:12:ed:f2:3d:2a:17:94:b7:
e5:50:7e:f3:ec:ea:9a:f4:95:cb:03:56:e6:5f:77:24:b7:1c:
dc:73:d0:d6:54:a3:e0:99:e1:d7:df:3d:13:a9:31:6f:56:95:
6b:75:23:ab:be:87:35:35:cd:de:28:28:2e:e0:7e:fa:9e:a3:
70:86:3b:a4:7c:11:7e:db:eb:c1:7b:52:5b:0c:29:83:37:6d:
11:2c:86:c3:40:2b:09:51:48:44:e6:15:a8:04:e8:9d:31:05:
f2:03:81:45:e4:18:80:f8:fa:75:d3:68:27:0a:f8:a3:24:f3:
2b:b7:d6:49:a6:ca:4f:d6:1f:4a:96:08:9e:6f:a5:35:cd:14:
e7:9f:61:1a:5b:9c:63:2b:9f:fa:a8:43:3e:33:96:7a:7e:a1:
67:24:49:ac:0f:ee:9e:c6:5e:69:00:8b:8d:b9:27:5d:db:22:
32:31:2c:09
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuENvRGQHw4U/byqiX+O6fFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMDMxMDUzMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJiNDFhMjc1OTUxMzNjMjMyOWI3ZmI1ZjcyZWE4Y2JhODYyZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lBOyupGOBwYdz4xbibHPdeo+KNU
vuh8Vj3lZ+c765FGlxSLsRCUAGiKg8BmW177H8CwYrmN4YoNCcMTUhH3BgUAhoYO
CcsULSWMailcGckX8tTSfliwEypY0HFByn1QUNBnJ4KVnX1jNMqm4t9D1NKpxgJ+
IB83NKHXhcDr4fmB0PjmI5fl7aNhRpgpZWRJt1mhq2suT5Cqy4kywotYxRlI03Eo
rQZFlUCduGFPmMBQaAmT0R2vbo+ZcvNjcA8gzYAOBlK9402WrOn4i8b6ZS8vfOCr
qnYNOV2Zc8oqgEIA9LsN7AL6ycoAq1SSP4MdqUEdHgcmwHLfy43auQfc9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDu7QaJ1lRM8Iym3+19y6oy6hi+YMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvTzd0Qm9uV1ZFendqS2JmN1gzTHFqTHFHTDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU5MAAwQB
U5MUAwQAU5MXAwQCU5McAwQDU5MoAwQAU5M9MA0GCSqGSIb3DQEBCwUAA4IBAQCP
FL5Xo5oL0DGUynZiXVzfpNiPw/VhPgw2jzs3kqinTk2XdxPyGXIAZB16mcrhUz/0
5ZyGwzj8AfXh14OmB8Vs49vFPJKlZtV2s0r7gmvgzaylEu3yPSoXlLflUH7z7Oqa
9JXLA1bmX3cktxzcc9DWVKPgmeHX3z0TqTFvVpVrdSOrvoc1Nc3eKCgu4H76nqNw
hjukfBF+2+vBe1JbDCmDN20RLIbDQCsJUUhE5hWoBOidMQXyA4FF5BiA+Pp102gn
CvijJPMrt9ZJpspP1h9Klgieb6U1zRTnn2EaW5xjK5/6qEM+M5Z6fqFnJEmsD+6e
xl5pAIuNuSdd2yIyMSwJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org