Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/OHcec7C-qGwNK6jsjcB8IgJfK98.roa
File: OHcec7C-qGwNK6jsjcB8IgJfK98.roa (raw, json)
Hash identifier: n07dej3zljXKeLjSYzJHTGzstjhgOR3pvf4hzTJUVY0=
Subject key identifier: 38:77:1E:73:B0:BE:A8:6C:0D:2B:A8:EC:8D:C0:7C:22:02:5F:2B:DF
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0190DB367A59213E60B8310AA7710F791DB3
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/OHcec7C-qGwNK6jsjcB8IgJfK98.roa
Signing time: Mon 22 Jul 2024 16:11:38 +0000
ROA not before: Mon 22 Jul 2024 16:11:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 22:10:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:db:36:7a:59:21:3e:60:b8:31:0a:a7:71:0f:79:1d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jul 22 16:11:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38771e73b0bea86c0d2ba8ec8dc07c22025f2bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:80:1e:dc:7e:01:99:25:3f:b7:9b:f2:1d:b6:
ca:0f:00:09:5f:59:c6:36:97:eb:4c:08:49:a4:74:
62:b1:11:8c:6b:41:b0:ce:93:6d:49:c7:65:3c:01:
2c:8f:a6:83:df:e5:d4:b6:a2:f2:3f:23:2d:43:3c:
c5:b5:9e:40:f4:f5:9e:02:44:32:8b:12:ef:89:58:
a1:13:ef:2d:75:dd:39:7b:b7:77:8c:79:a2:23:87:
45:f4:a6:2c:37:e0:33:f1:22:e9:7d:90:63:3a:c1:
48:95:75:6f:cc:2c:1d:9f:ed:c4:9b:cc:db:f9:69:
f7:4f:a5:49:66:c2:c8:46:26:70:f4:ed:26:b1:01:
24:e2:af:ca:b2:7e:93:4d:b7:3a:7b:03:f7:b3:d3:
02:a0:a0:60:e0:d7:b1:6a:00:b1:91:6f:de:76:68:
41:91:be:dc:17:a1:67:28:05:4f:41:59:43:9a:1a:
16:fd:3e:81:03:b8:19:0c:5a:df:a3:f4:69:fb:f0:
5d:02:de:ed:ee:6c:7a:e2:cd:77:af:19:6b:f8:1b:
14:4e:b7:90:55:3c:85:f2:65:aa:27:6a:02:f8:20:
16:a0:b9:a7:f1:68:ab:85:47:27:80:e7:b0:36:eb:
6c:e2:c6:bb:49:01:4b:ab:25:86:a9:3d:4f:c8:28:
b9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:77:1E:73:B0:BE:A8:6C:0D:2B:A8:EC:8D:C0:7C:22:02:5F:2B:DF
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/OHcec7C-qGwNK6jsjcB8IgJfK98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.16.0/22
83.147.21.0/24
83.147.28.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:05:bb:35:35:31:76:ae:0c:11:34:33:43:90:20:19:44:0d:
e8:00:07:59:43:3a:82:6a:ed:21:a4:bf:75:36:30:dc:c9:b2:
d4:21:76:4b:c0:3d:0a:f0:fd:69:b8:7e:9d:e4:b9:62:39:12:
5e:fc:30:e6:fa:7b:9f:72:d2:e5:a1:fe:87:1f:ce:ca:0d:e8:
c3:37:e1:be:5b:7c:e1:8b:40:2a:87:e9:cd:9c:6f:ed:aa:6c:
19:37:62:57:24:36:03:55:6d:1e:90:9b:df:b9:4a:a6:8b:3e:
df:e9:d4:ad:59:d1:d2:c1:5d:b3:b7:57:2d:1c:84:bb:0b:a2:
2b:0e:98:d7:88:bf:70:e8:80:74:07:00:e6:c0:1a:63:f5:f7:
de:37:d3:f5:84:3c:33:4b:b0:dd:57:42:85:af:d3:5f:7f:53:
b6:cc:3d:bb:6f:72:0e:f0:c8:b0:16:30:98:2e:5f:b2:fe:2d:
5c:02:ad:7f:3d:a8:4c:85:75:0d:7d:25:21:c0:6e:e8:e2:0d:
8e:dd:4d:9d:c4:9e:63:09:93:f7:40:4b:30:83:b7:4b:fd:7f:
de:5b:91:7b:9c:8f:43:ab:73:c8:43:c5:1c:fa:26:77:60:ec:
75:96:06:70:6a:df:3c:29:56:77:74:de:af:c8:37:7d:9a:54:
54:b8:6c:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDbNnpZIT5guDEKp3EPeR2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwNzIyMTYxMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODc3MWU3M2IwYmVhODZjMGQyYmE4ZWM4ZGMwN2MyMjAyNWYyYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoAe3H4BmSU/t5vyHbbKDwAJX1nG
NpfrTAhJpHRisRGMa0GwzpNtScdlPAEsj6aD3+XUtqLyPyMtQzzFtZ5A9PWeAkQy
ixLviVihE+8tdd05e7d3jHmiI4dF9KYsN+Az8SLpfZBjOsFIlXVvzCwdn+3Em8zb
+Wn3T6VJZsLIRiZw9O0msQEk4q/Ksn6TTbc6ewP3s9MCoKBg4NexagCxkW/edmhB
kb7cF6FnKAVPQVlDmhoW/T6BA7gZDFrfo/Rp+/BdAt7t7mx64s13rxlr+BsUTreQ
VTyF8mWqJ2oC+CAWoLmn8WirhUcngOewNuts4sa7SQFLqyWGqT1PyCi5TwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDh3HnOwvqhsDSuo7I3AfCICXyvfMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvT0hjZWM3Qy1xR3dOSzZqc2pjQjhJZ0pmSzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5MAAwQC
U5MQAwQAU5MVAwQAU5McMA0GCSqGSIb3DQEBCwUAA4IBAQBuBbs1NTF2rgwRNDND
kCAZRA3oAAdZQzqCau0hpL91NjDcybLUIXZLwD0K8P1puH6d5LliORJe/DDm+nuf
ctLlof6HH87KDejDN+G+W3zhi0Aqh+nNnG/tqmwZN2JXJDYDVW0ekJvfuUqmiz7f
6dStWdHSwV2zt1ctHIS7C6IrDpjXiL9w6IB0BwDmwBpj9ffeN9P1hDwzS7DdV0KF
r9Nff1O2zD27b3IO8MiwFjCYLl+y/i1cAq1/PahMhXUNfSUhwG7o4g2O3U2dxJ5j
CZP3QEswg7dL/X/eW5F7nI9Dq3PIQ8Uc+iZ3YOx1lgZwat88KVZ3dN6vyDd9mlRU
uGyh
-----END CERTIFICATE-----
Generated at Thu Aug 1 00:04:18 2024 by rpki-client on console-fra.rpki-client.org