Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/TH0fk7aQ4G2lBxJ6W23eSd3euIQ.roa
File: TH0fk7aQ4G2lBxJ6W23eSd3euIQ.roa (raw, json)
Hash identifier: 5g53EBqYrb9ofy4HOgOMaL90UKIrirZI24jTS2bojYE=
Subject key identifier: 4C:7D:1F:93:B6:90:E0:6D:A5:07:12:7A:5B:6D:DE:49:DD:DE:B8:84
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0192F08A7FE421602D1CCDB3BBF2D4DD0E4F
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/TH0fk7aQ4G2lBxJ6W23eSd3euIQ.roa
Signing time: Sun 03 Nov 2024 05:41:01 +0000
ROA not before: Sun 03 Nov 2024 05:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 08:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f0:8a:7f:e4:21:60:2d:1c:cd:b3:bb:f2:d4:dd:0e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Nov 3 05:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c7d1f93b690e06da507127a5b6dde49dddeb884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e6:46:c2:1f:25:3c:01:51:4e:b1:94:a3:27:
60:d5:04:27:dd:6b:b8:d6:b6:e9:5b:87:4b:a5:04:
49:b6:5a:7e:a3:24:07:95:22:0d:4a:ca:dc:8a:5b:
b7:fe:81:2f:f2:a9:9e:0b:54:a1:00:52:f0:c7:25:
30:65:d3:bb:ca:20:e2:90:1b:77:c5:e3:c4:a9:ac:
76:8c:b8:cf:09:ee:e5:a9:ad:7f:94:82:e4:b6:09:
fc:95:83:9c:5c:bf:ba:62:b0:ef:3d:d4:7b:5e:0c:
e4:d1:7d:b7:9f:c9:fd:84:be:6b:5d:31:a9:6f:1f:
87:4a:c3:98:fb:ca:55:f8:c8:7c:3e:46:5a:00:9b:
03:9c:0d:68:d2:03:d3:15:f1:b0:1b:55:24:64:e7:
52:41:f3:7d:72:00:be:a7:05:52:bf:ac:d0:e2:a9:
3d:88:40:cd:0a:d7:e5:c4:bf:34:f0:a6:e4:7b:21:
d8:23:57:67:21:78:e8:8a:52:e5:3c:d0:a8:0e:9d:
6a:f4:b1:92:26:51:f0:83:59:cd:d0:9f:24:8c:c5:
a3:73:d1:60:1e:05:2f:74:98:e0:fa:91:9c:e4:53:
bc:f4:2d:3a:bc:e6:e6:6f:3e:60:25:37:12:7a:c4:
11:4c:2e:9d:ff:49:71:44:11:18:b2:0f:b7:29:d7:
c4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7D:1F:93:B6:90:E0:6D:A5:07:12:7A:5B:6D:DE:49:DD:DE:B8:84
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/TH0fk7aQ4G2lBxJ6W23eSd3euIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.16.0-83.147.21.255
83.147.26.0-83.147.28.255
83.147.40.0/22
Signature Algorithm: sha256WithRSAEncryption
86:98:eb:89:cf:8d:4e:18:1b:83:43:97:d5:71:73:09:4b:99:
aa:63:33:05:b1:e7:84:65:4c:85:83:91:d3:3f:c2:73:b6:16:
79:0a:ee:ee:ef:ec:67:94:93:9a:77:b6:a7:1e:bb:68:67:2f:
6b:4d:00:a7:d7:02:d3:ac:f9:52:b6:95:ff:25:3e:46:eb:3c:
fd:56:ec:b7:28:cd:3e:ed:28:d1:c4:07:90:ab:59:f5:47:e3:
7d:05:00:4a:f2:6b:64:40:73:a9:0d:f3:54:74:be:0e:e7:a0:
a5:bd:17:e8:60:e1:c5:30:80:76:4d:69:6a:8f:6e:a6:8f:51:
9a:a1:d4:a8:4e:dd:b3:64:ee:5c:ae:ac:b8:09:7f:3a:b9:25:
8c:c8:f3:9d:25:07:84:e8:89:05:8a:f4:f0:b0:4b:c9:2a:59:
0c:cf:1a:85:98:5c:26:c3:41:81:b3:b2:1e:ed:04:cb:88:95:
44:43:0a:c1:4f:f6:62:88:c3:92:bc:ae:c1:22:22:9c:51:48:
a3:3d:37:09:f3:ce:13:1c:d0:90:33:7a:f4:71:8f:f6:d3:2d:
f3:8b:fd:b4:ef:e5:95:2f:c6:71:de:40:37:62:36:90:be:9d:
36:b7:d6:14:75:2d:b9:24:7d:92:f7:fb:50:04:85:c3:4f:df:
8a:15:45:0a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZLwin/kIWAtHM2zu/LU3Q5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQxMTAzMDU0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdkMWY5M2I2OTBlMDZkYTUwNzEyN2E1YjZkZGU0OWRkZGViODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+ZGwh8lPAFRTrGUoydg1QQn3Wu4
1rbpW4dLpQRJtlp+oyQHlSINSsrcilu3/oEv8qmeC1ShAFLwxyUwZdO7yiDikBt3
xePEqax2jLjPCe7lqa1/lILktgn8lYOcXL+6YrDvPdR7Xgzk0X23n8n9hL5rXTGp
bx+HSsOY+8pV+Mh8PkZaAJsDnA1o0gPTFfGwG1UkZOdSQfN9cgC+pwVSv6zQ4qk9
iEDNCtflxL808KbkeyHYI1dnIXjoilLlPNCoDp1q9LGSJlHwg1nN0J8kjMWjc9Fg
HgUvdJjg+pGc5FO89C06vObmbz5gJTcSesQRTC6d/0lxRBEYsg+3KdfElQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEx9H5O2kOBtpQcSeltt3knd3riEMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvVEgwZms3YVE0RzJsQnhKNlcyM2VTZDNldUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARTkxAD
BAFTkxQwDAMEAVOTGgMEAFOTHAMEAlOTKDANBgkqhkiG9w0BAQsFAAOCAQEAhpjr
ic+NThgbg0OX1XFzCUuZqmMzBbHnhGVMhYOR0z/Cc7YWeQru7u/sZ5STmne2px67
aGcva00Ap9cC06z5UraV/yU+Rus8/VbstyjNPu0o0cQHkKtZ9UfjfQUASvJrZEBz
qQ3zVHS+Duegpb0X6GDhxTCAdk1pao9upo9RmqHUqE7ds2TuXK6suAl/OrkljMjz
nSUHhOiJBYr08LBLySpZDM8ahZhcJsNBgbOyHu0Ey4iVREMKwU/2YojDkryuwSIi
nFFIoz03CfPOExzQkDN69HGP9tMt84v9tO/llS/Gcd5AN2I2kL6dNrfWFHUtuSR9
kvf7UASFw0/fihVFCg==
-----END CERTIFICATE-----
Generated at Wed Nov 6 10:12:03 2024 by rpki-client on console-fra.rpki-client.org