Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Us3VukMjYQAo4_3cpoTBlOQTk-U.roa
File: Us3VukMjYQAo4_3cpoTBlOQTk-U.roa (raw, json)
Hash identifier: p0hfPczmcHcvd5rR351Zvd3vX7A+pgw2Wvnq3Ud/Wpc=
Subject key identifier: 52:CD:D5:BA:43:23:61:00:28:E3:FD:DC:A6:84:C1:94:E4:13:93:E5
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018B8ED0941EA1F4143A09E25B6002A31E6E
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Us3VukMjYQAo4_3cpoTBlOQTk-U.roa
Signing time: Thu 02 Nov 2023 06:55:15 +0000
ROA not before: Thu 02 Nov 2023 06:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.40.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.20.0/23 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
83.147.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 05:20:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8e:d0:94:1e:a1:f4:14:3a:09:e2:5b:60:02:a3:1e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Nov 2 06:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52cdd5ba4323610028e3fddca684c194e41393e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:83:7d:53:b1:02:5c:8d:10:af:cf:d7:e8:f0:
54:1e:b7:96:7a:86:0a:a2:9e:5c:a9:df:ad:a7:46:
50:51:20:09:b3:c2:3d:46:62:f2:3a:c5:5c:86:21:
48:0e:69:f9:93:22:a8:b4:b3:21:5b:35:9f:d9:cd:
c1:7a:56:a1:b5:23:fd:f5:2e:35:22:2e:b2:db:4e:
cd:7f:db:95:08:13:fd:0d:b2:79:18:7d:70:26:ce:
3e:59:24:a6:8e:e0:fa:22:80:cf:21:33:85:7e:4d:
a8:80:93:17:e1:a5:9d:a9:c3:71:8f:a6:85:5b:c9:
55:a6:5a:07:2a:fc:3d:0b:dd:2f:73:64:65:48:c1:
2a:b2:54:1e:5c:44:09:8a:95:2d:40:22:5a:f7:88:
36:b7:2b:d7:ba:6b:45:aa:43:78:f9:20:a0:2e:fa:
c7:5c:f8:e1:13:6f:a4:10:39:65:0e:2a:88:d0:19:
1b:c6:e0:dc:bf:53:14:0c:a0:15:e5:97:99:e2:5a:
a6:d9:a4:90:51:47:13:17:55:69:32:f3:7b:36:f2:
9b:bf:7b:80:4a:63:8f:55:75:ff:d8:40:fa:16:ae:
8f:c4:39:63:76:c7:d5:11:a3:8f:79:2a:9f:31:4e:
12:13:2d:c3:f7:f4:6d:28:2a:1b:27:b8:01:fc:69:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CD:D5:BA:43:23:61:00:28:E3:FD:DC:A6:84:C1:94:E4:13:93:E5
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Us3VukMjYQAo4_3cpoTBlOQTk-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.20.0/23
83.147.23.0/24
83.147.26.0-83.147.31.255
83.147.40.0/21
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:8e:15:ee:cc:8a:81:54:ed:3b:31:e5:c3:c9:4a:f6:2a:e6:
63:32:55:18:0e:3d:00:60:18:69:12:15:5a:8b:b7:90:f3:f5:
c2:7b:ac:15:59:de:63:76:ee:5d:4c:60:0c:14:48:6a:17:17:
31:c6:12:0c:7c:11:18:09:c3:36:02:a1:70:78:7d:fe:bd:b8:
c2:88:17:4d:ff:db:f2:11:85:8c:b9:36:cd:13:47:8f:ea:30:
d8:80:58:7d:d0:91:9e:f0:94:b5:3f:f2:45:2e:55:39:c4:d8:
df:ab:0e:b3:9f:ed:1b:43:8f:b3:6c:8f:05:fc:bb:b3:48:c6:
89:a0:41:9d:e8:5d:e2:24:1e:74:8f:b5:c7:30:16:e8:36:d9:
91:6b:29:3b:43:87:b6:a1:f9:93:ce:06:29:f3:3e:7f:2c:f5:
97:62:26:93:38:a8:9c:ce:6a:a2:3f:ac:24:3d:e1:66:5e:73:
d5:41:5b:49:48:8b:56:9c:af:6f:fc:87:98:f0:fe:b9:eb:01:
70:ec:57:e8:2b:28:17:cf:79:25:58:5c:33:d3:1b:b3:b1:14:
bb:34:79:6b:0f:43:f7:41:46:6f:a2:91:64:3b:d6:a8:79:d3:
7c:77:cd:c2:d9:26:4f:96:ed:93:0e:df:4a:cd:1e:fc:5e:a3:
c8:8b:c5:c3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYuO0JQeofQUOgniW2ACox5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMTAyMDY1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNkZDViYTQzMjM2MTAwMjhlM2ZkZGNhNjg0YzE5NGU0MTM5M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4N9U7ECXI0Qr8/X6PBUHreWeoYK
op5cqd+tp0ZQUSAJs8I9RmLyOsVchiFIDmn5kyKotLMhWzWf2c3BelahtSP99S41
Ii6y207Nf9uVCBP9DbJ5GH1wJs4+WSSmjuD6IoDPITOFfk2ogJMX4aWdqcNxj6aF
W8lVploHKvw9C90vc2RlSMEqslQeXEQJipUtQCJa94g2tyvXumtFqkN4+SCgLvrH
XPjhE2+kEDllDiqI0BkbxuDcv1MUDKAV5ZeZ4lqm2aSQUUcTF1VpMvN7NvKbv3uA
SmOPVXX/2ED6Fq6PxDljdsfVEaOPeSqfMU4SEy3D9/RtKCobJ7gB/GmLOQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFLN1bpDI2EAKOP93KaEwZTkE5PlMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvVXMzVnVrTWpZUUFvNF8zY3BvVEJsT1FUay1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBU5MUAwQA
U5MXMAwDBAFTkxoDBAVTkwADBANTkygDBABTkz0wDQYJKoZIhvcNAQELBQADggEB
AKuOFe7MioFU7Tsx5cPJSvYq5mMyVRgOPQBgGGkSFVqLt5Dz9cJ7rBVZ3mN27l1M
YAwUSGoXFzHGEgx8ERgJwzYCoXB4ff69uMKIF03/2/IRhYy5Ns0TR4/qMNiAWH3Q
kZ7wlLU/8kUuVTnE2N+rDrOf7RtDj7NsjwX8u7NIxomgQZ3oXeIkHnSPtccwFug2
2ZFrKTtDh7ah+ZPOBinzPn8s9ZdiJpM4qJzOaqI/rCQ94WZec9VBW0lIi1acr2/8
h5jw/rnrAXDsV+grKBfPeSVYXDPTG7OxFLs0eWsPQ/dBRm+ikWQ71qh503x3zcLZ
Jk+W7ZMO30rNHvxeo8iLxcM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org