Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/YQmMmvNvkCuhi0vNVjlaYBySSKs.roa
File: YQmMmvNvkCuhi0vNVjlaYBySSKs.roa (raw, json)
Hash identifier: xtKV8nJOu31t5UJi3Jds9iENW00YLoWRxC7MnfD+yLo=
Subject key identifier: 61:09:8C:9A:F3:6F:90:2B:A1:8B:4B:CD:56:39:5A:60:1C:92:48:AB
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018D53C07A8D819B6EB671914CD832A224EB
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/YQmMmvNvkCuhi0vNVjlaYBySSKs.roa
Signing time: Mon 29 Jan 2024 05:45:39 +0000
ROA not before: Mon 29 Jan 2024 05:45:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.36.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 07:12:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:c0:7a:8d:81:9b:6e:b6:71:91:4c:d8:32:a2:24:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jan 29 05:45:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61098c9af36f902ba18b4bcd56395a601c9248ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:78:87:5f:6e:69:4c:e0:89:ed:ee:9b:f3:
13:cc:13:c3:3f:a0:ef:fd:fe:5f:25:e6:c7:b3:0e:
20:0a:5e:b2:d2:c7:23:f5:fa:f8:9d:60:c7:79:90:
c3:31:46:0e:5a:09:7c:e3:fa:bb:96:c8:02:2b:5c:
31:ae:c6:e3:9e:ec:ec:28:98:b8:fb:34:3d:d5:28:
a7:56:10:f3:f5:25:87:b0:3a:c1:cd:0d:6a:b4:40:
e8:08:9f:39:1d:5a:b4:d1:ce:29:01:11:ff:ee:70:
f3:2b:cb:4d:b1:c3:a2:28:ae:83:88:fe:32:27:cb:
aa:af:bc:84:63:29:25:c8:df:c8:2a:48:a0:fa:84:
f7:eb:33:3a:fe:3c:1d:28:a1:96:f9:9a:99:e8:61:
bd:95:31:4f:70:c6:8b:4c:c3:26:4c:42:14:e4:ad:
f7:4c:24:8a:a1:1f:a8:55:d0:df:b4:8c:fd:19:3b:
3a:de:a0:0a:31:51:d9:45:ba:d2:08:9a:f6:69:21:
10:05:f5:84:66:70:fc:12:b0:a7:40:26:5d:d7:b0:
43:80:d0:43:00:98:83:02:cf:88:8b:41:18:c6:c8:
2c:2c:1f:95:e4:4a:47:0a:bf:ad:cf:fa:ce:e3:0f:
9d:fb:58:86:75:20:1c:b4:64:a7:ee:2d:15:43:69:
53:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:09:8C:9A:F3:6F:90:2B:A1:8B:4B:CD:56:39:5A:60:1C:92:48:AB
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/YQmMmvNvkCuhi0vNVjlaYBySSKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.21.0/24
83.147.36.0/22
Signature Algorithm: sha256WithRSAEncryption
46:7a:43:d5:21:16:36:65:7e:71:fa:19:de:e0:54:c1:e1:50:
fa:9a:99:e4:55:da:16:11:56:c1:d0:b7:44:ca:14:83:a4:89:
d6:13:c0:de:5d:d3:1d:dd:8c:92:b7:d2:df:37:0f:04:b9:e4:
e6:be:c8:87:3a:4b:c5:88:20:0f:d3:aa:e3:b6:c6:97:db:84:
51:40:e4:8a:66:e4:2e:66:05:3d:83:2d:a9:1f:d9:9e:20:1a:
16:2c:90:8d:b7:79:2c:48:80:96:cf:00:f0:71:6e:73:ff:e3:
e6:5f:12:a8:3c:1e:49:6a:22:a1:f2:9f:41:62:83:35:6d:f9:
af:cc:ab:92:1f:fe:d8:1f:13:e3:c9:a6:8f:0a:99:d9:25:f2:
29:cd:ac:b5:fb:18:2a:17:67:5c:68:03:6c:7a:ac:5e:19:8f:
77:cf:f3:ca:39:ce:89:57:30:9f:00:bc:fc:fa:79:38:eb:3e:
83:1e:22:ca:de:84:24:51:6d:22:b9:30:38:6a:67:dd:0b:f2:
43:52:f4:dc:61:a4:dc:0c:64:e6:b5:05:fe:45:24:a7:42:84:
73:e1:3c:98:6d:a2:0b:08:9e:f8:8f:2a:d0:c6:b5:b3:6c:64:
b1:0d:2e:28:48:cf:d5:e0:3f:17:f8:e8:43:4c:ec:a8:fa:0f:
4e:7e:df:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1TwHqNgZtutnGRTNgyoiTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwMTI5MDU0NTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTA5OGM5YWYzNmY5MDJiYTE4YjRiY2Q1NjM5NWE2MDFjOTI0OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLN4h19uaUzgie3um/MTzBPDP6Dv
/f5fJebHsw4gCl6y0scj9fr4nWDHeZDDMUYOWgl84/q7lsgCK1wxrsbjnuzsKJi4
+zQ91SinVhDz9SWHsDrBzQ1qtEDoCJ85HVq00c4pARH/7nDzK8tNscOiKK6DiP4y
J8uqr7yEYyklyN/IKkig+oT36zM6/jwdKKGW+ZqZ6GG9lTFPcMaLTMMmTEIU5K33
TCSKoR+oVdDftIz9GTs63qAKMVHZRbrSCJr2aSEQBfWEZnD8ErCnQCZd17BDgNBD
AJiDAs+Ii0EYxsgsLB+V5EpHCr+tz/rO4w+d+1iGdSActGSn7i0VQ2lTHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGEJjJrzb5AroYtLzVY5WmAckkirMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvWVFtTW12TnZrQ3VoaTB2TlZqbGFZQnlTU0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5MAAwQA
U5MVAwQCU5MkMA0GCSqGSIb3DQEBCwUAA4IBAQBGekPVIRY2ZX5x+hne4FTB4VD6
mpnkVdoWEVbB0LdEyhSDpInWE8DeXdMd3YySt9LfNw8EueTmvsiHOkvFiCAP06rj
tsaX24RRQOSKZuQuZgU9gy2pH9meIBoWLJCNt3ksSICWzwDwcW5z/+PmXxKoPB5J
aiKh8p9BYoM1bfmvzKuSH/7YHxPjyaaPCpnZJfIpzay1+xgqF2dcaANseqxeGY93
z/PKOc6JVzCfALz8+nk46z6DHiLK3oQkUW0iuTA4amfdC/JDUvTcYaTcDGTmtQX+
RSSnQoRz4TyYbaILCJ74jyrQxrWzbGSxDS4oSM/V4D8X+OhDTOyo+g9Oft+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org