Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Xb0wZExpleSTGaGxFwMDCBxSzO8.roa
File: Xb0wZExpleSTGaGxFwMDCBxSzO8.roa (raw, json)
Hash identifier: n1zilihqah9hlbNPuUgXtH4TLfeK6WnBt+Mc1bZwMnE=
Subject key identifier: 5D:BD:30:64:4C:69:95:E4:93:19:A1:B1:17:03:03:08:1C:52:CC:EF
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0189C92603043D3F41DCA1EA0F9B7EE6889B
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Xb0wZExpleSTGaGxFwMDCBxSzO8.roa
Signing time: Sun 06 Aug 2023 04:40:58 +0000
ROA not before: Sun 06 Aug 2023 04:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.62.0/24 maxlen: 24
83.147.0.0/22 maxlen: 24
83.147.11.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.14.0/24 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 04:55:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c9:26:03:04:3d:3f:41:dc:a1:ea:0f:9b:7e:e6:88:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Aug 6 04:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dbd30644c6995e49319a1b1170303081c52ccef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:35:75:49:be:3a:d1:3d:32:bd:58:14:31:ea:
be:23:68:1b:17:b3:d5:a4:d6:32:25:2e:a7:a8:7b:
30:f3:a5:d6:19:c3:63:32:7f:b6:7a:b9:a6:ae:03:
f3:66:c5:a8:92:23:a3:75:35:20:32:b0:61:a7:63:
31:cb:03:24:67:e3:d2:fb:83:94:2d:86:ae:5e:a3:
d4:c3:63:e6:e3:aa:cb:9c:08:ac:c7:61:ee:3c:3d:
96:da:35:25:81:64:e4:4b:9c:49:f0:69:f2:73:7f:
3e:6e:ad:39:ce:ba:4a:2b:e3:41:e7:08:b8:82:bb:
1f:aa:89:14:5f:ae:56:e2:f0:fe:2c:95:d4:b8:04:
77:a4:9f:eb:0e:be:77:6f:f5:52:f9:b7:6b:8e:b5:
2f:52:8c:d3:78:db:21:6c:d2:c5:6f:8b:65:dd:55:
cc:e7:4d:40:79:51:f2:40:76:21:fb:5a:63:4b:db:
a3:0a:13:f4:fb:c6:24:28:05:29:da:a6:de:0e:62:
25:6f:67:c2:50:d1:38:dd:9d:b2:38:fc:7d:7b:42:
9a:bf:44:a4:00:e7:12:1b:d6:dd:cf:3f:e7:b7:72:
58:46:8f:d6:1f:56:3e:13:18:66:fb:a1:cb:49:12:
45:7a:18:76:64:5b:df:47:5d:b4:b5:fc:cc:b8:12:
de:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BD:30:64:4C:69:95:E4:93:19:A1:B1:17:03:03:08:1C:52:CC:EF
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Xb0wZExpleSTGaGxFwMDCBxSzO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.9.0/24
83.147.11.0/24
83.147.14.0/24
83.147.23.0/24
83.147.28.0/22
83.147.44.0/22
83.147.61.0-83.147.62.255
Signature Algorithm: sha256WithRSAEncryption
12:28:2d:d5:ce:f8:14:70:de:47:73:0e:b0:7f:7e:a0:1d:37:
03:ea:5d:d0:12:4b:d5:59:d4:e8:5b:bd:d1:43:9e:7f:9c:41:
8e:87:b2:9b:f4:5e:cc:a5:c1:ba:c4:03:38:b9:de:3a:aa:f0:
e4:56:e1:83:90:c6:91:aa:2c:7d:d1:8d:ca:4d:da:d6:74:6e:
8b:a5:b3:99:a9:bb:d1:32:e6:a2:f9:0e:86:5e:1e:80:4c:10:
b6:17:77:06:c1:c1:e4:0a:1d:77:fd:be:fc:6a:b0:94:4b:37:
de:a1:1c:1d:95:2f:86:f8:f4:ad:fc:59:62:74:d7:04:62:3f:
46:79:02:52:7e:97:3f:71:25:af:6c:72:bd:12:d5:d9:0a:db:
84:11:de:b6:b7:98:71:4f:4a:44:90:b0:13:16:be:8e:9e:e8:
c0:76:35:99:af:39:2e:b2:d1:81:9e:5a:0d:f3:9d:ee:12:8e:
f5:10:1d:16:7f:3f:8d:f7:c1:7c:af:ca:e1:7e:2e:5e:18:5b:
5d:a8:54:39:98:09:8e:1d:70:a9:ca:81:1a:46:2b:2d:be:fd:
f1:b6:2a:09:34:ce:8c:55:12:42:d4:53:bf:e2:f4:99:90:0b:
99:f5:83:92:ac:18:1f:58:00:a1:a8:a5:6f:4e:d8:5d:91:28:
fc:4f:c4:78
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYnJJgMEPT9B3KHqD5t+5oibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwODA2MDQ0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJkMzA2NDRjNjk5NWU0OTMxOWExYjExNzAzMDMwODFjNTJjY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDV1Sb460T0yvVgUMeq+I2gbF7PV
pNYyJS6nqHsw86XWGcNjMn+2ermmrgPzZsWokiOjdTUgMrBhp2MxywMkZ+PS+4OU
LYauXqPUw2Pm46rLnAisx2HuPD2W2jUlgWTkS5xJ8Gnyc38+bq05zrpKK+NB5wi4
grsfqokUX65W4vD+LJXUuAR3pJ/rDr53b/VS+bdrjrUvUozTeNshbNLFb4tl3VXM
501AeVHyQHYh+1pjS9ujChP0+8YkKAUp2qbeDmIlb2fCUNE43Z2yOPx9e0Kav0Sk
AOcSG9bdzz/nt3JYRo/WH1Y+Exhm+6HLSRJFehh2ZFvfR120tfzMuBLeiwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFF29MGRMaZXkkxmhsRcDAwgcUszvMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvWGIwd1pFeHBsZVNUR2FHeEZ3TURDQnhTek84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCU5MAAwQA
U5MJAwQAU5MLAwQAU5MOAwQAU5MXAwQCU5McAwQCU5MsMAwDBABTkz0DBABTkz4w
DQYJKoZIhvcNAQELBQADggEBABIoLdXO+BRw3kdzDrB/fqAdNwPqXdASS9VZ1Ohb
vdFDnn+cQY6Hspv0XsylwbrEAzi53jqq8ORW4YOQxpGqLH3RjcpN2tZ0bouls5mp
u9Ey5qL5DoZeHoBMELYXdwbBweQKHXf9vvxqsJRLN96hHB2VL4b49K38WWJ01wRi
P0Z5AlJ+lz9xJa9scr0S1dkK24QR3ra3mHFPSkSQsBMWvo6e6MB2NZmvOS6y0YGe
Wg3zne4SjvUQHRZ/P433wXyvyuF+Ll4YW12oVDmYCY4dcKnKgRpGKy2+/fG2Kgk0
zoxVEkLUU7/i9JmQC5n1g5KsGB9YAKGopW9O2F2RKPxPxHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org