Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ZRhYep04cXZeJmpvq4U2ykhKpa4.roa
File: ZRhYep04cXZeJmpvq4U2ykhKpa4.roa (raw, json)
Hash identifier: 02S4htL/BWqjoTGecbGTSK+I1PnCbHLgkLc0T6+2QSc=
Subject key identifier: 65:18:58:7A:9D:38:71:76:5E:26:6A:6F:AB:85:36:CA:48:4A:A5:AE
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0190A535F2D1DD73416C203F47A381E80A9A
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ZRhYep04cXZeJmpvq4U2ykhKpa4.roa
Signing time: Fri 12 Jul 2024 04:31:34 +0000
ROA not before: Fri 12 Jul 2024 04:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 03:44:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a5:35:f2:d1:dd:73:41:6c:20:3f:47:a3:81:e8:0a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jul 12 04:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6518587a9d3871765e266a6fab8536ca484aa5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:47:b1:30:4a:ed:41:ed:9a:0d:c5:5e:c8:
8a:ec:92:ec:1a:56:5e:02:36:97:bc:ff:aa:eb:e7:
00:18:13:50:1b:01:90:8c:0d:65:79:28:92:fb:29:
80:8d:b7:ab:9a:fb:3c:d7:eb:51:82:3d:1a:0a:7d:
d6:b0:f2:a4:ef:be:e4:ce:24:e3:ff:67:fc:4e:10:
04:53:1b:8d:08:7b:4e:3b:30:11:21:26:c8:34:d1:
5c:55:c7:6b:c7:d5:1a:bd:7b:ca:87:1f:4d:76:64:
b3:68:e9:0e:34:1d:64:34:23:db:d5:76:65:5f:ed:
9f:57:19:74:e7:13:df:af:a9:9c:84:df:5d:9d:31:
87:e9:b9:34:2a:6a:e9:07:80:ac:67:e9:6f:50:30:
8f:24:93:e9:52:f9:98:66:34:6f:da:37:40:e1:1b:
b8:3d:cd:a1:ff:81:cc:23:2d:0f:67:7c:6e:51:12:
70:78:fc:d5:c4:15:79:e2:0c:d3:05:a2:e0:2b:e3:
0d:86:52:91:76:54:8e:8d:7e:fd:6c:94:e6:a8:29:
c8:1c:f8:9a:5e:a2:d8:39:af:33:7d:ff:89:27:48:
d4:a2:8b:6e:52:40:08:c3:1c:b8:c1:8d:ed:ab:bc:
31:f2:3f:2c:d4:7f:46:9c:c3:2d:bf:07:45:df:06:
a8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:18:58:7A:9D:38:71:76:5E:26:6A:6F:AB:85:36:CA:48:4A:A5:AE
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ZRhYep04cXZeJmpvq4U2ykhKpa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.16.0/22
83.147.21.0/24
83.147.28.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:94:f8:81:3c:25:38:10:b0:65:73:c3:50:5e:35:c9:fc:27:
71:83:fd:71:b7:8c:f8:5c:92:6b:e0:98:47:c1:b1:4c:15:22:
70:33:ff:f0:38:48:cc:2b:3f:ae:52:ce:ef:a1:49:1d:0d:a1:
96:6a:2b:23:53:fb:be:82:cb:91:d7:cd:74:d7:fd:30:e4:c6:
8a:fc:35:17:1b:fe:98:83:15:f7:8e:6b:40:21:08:16:06:d7:
2e:c7:9c:31:59:df:04:d0:89:1c:51:38:a5:5e:1a:67:ce:17:
6a:f0:d6:8e:c3:36:02:5c:63:85:ac:35:28:dc:e4:d3:69:55:
ee:c7:f7:72:62:db:2d:a6:23:b0:07:be:87:c8:09:8d:e6:6e:
ac:fa:3a:2b:bd:32:fe:3d:7b:2b:ea:b6:01:7e:0b:4d:cb:4d:
7e:c6:82:d9:6a:62:11:0e:78:97:9f:3f:0e:cc:d9:01:e7:b4:
69:7b:66:df:70:46:b5:13:73:b3:cd:fa:ff:0c:40:07:e9:4d:
35:d1:59:81:cb:6a:7b:9e:bf:ab:3e:85:db:44:27:ac:14:2d:
ff:39:93:df:7f:03:1a:03:f8:7b:0b:64:4f:b4:bc:72:48:fd:
10:cb:33:a2:e3:9c:9a:f5:89:a5:17:ff:3d:f2:95:ef:c5:77:
99:29:82:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZClNfLR3XNBbCA/R6OB6AqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwNzEyMDQzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTE4NTg3YTlkMzg3MTc2NWUyNjZhNmZhYjg1MzZjYTQ4NGFhNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9ZHsTBK7UHtmg3FXsiK7JLsGlZe
AjaXvP+q6+cAGBNQGwGQjA1leSiS+ymAjbermvs81+tRgj0aCn3WsPKk777kziTj
/2f8ThAEUxuNCHtOOzARISbINNFcVcdrx9UavXvKhx9NdmSzaOkONB1kNCPb1XZl
X+2fVxl05xPfr6mchN9dnTGH6bk0KmrpB4CsZ+lvUDCPJJPpUvmYZjRv2jdA4Ru4
Pc2h/4HMIy0PZ3xuURJwePzVxBV54gzTBaLgK+MNhlKRdlSOjX79bJTmqCnIHPia
XqLYOa8zff+JJ0jUootuUkAIwxy4wY3tq7wx8j8s1H9GnMMtvwdF3waoXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGUYWHqdOHF2XiZqb6uFNspISqWuMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvWlJoWWVwMDRjWFplSm1wdnE0VTJ5a2hLcGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5MAAwQC
U5MQAwQAU5MVAwQAU5McMA0GCSqGSIb3DQEBCwUAA4IBAQCplPiBPCU4ELBlc8NQ
XjXJ/Cdxg/1xt4z4XJJr4JhHwbFMFSJwM//wOEjMKz+uUs7voUkdDaGWaisjU/u+
gsuR18101/0w5MaK/DUXG/6YgxX3jmtAIQgWBtcux5wxWd8E0IkcUTilXhpnzhdq
8NaOwzYCXGOFrDUo3OTTaVXux/dyYtstpiOwB76HyAmN5m6s+jorvTL+PXsr6rYB
fgtNy01+xoLZamIRDniXnz8OzNkB57Rpe2bfcEa1E3Ozzfr/DEAH6U010VmBy2p7
nr+rPoXbRCesFC3/OZPffwMaA/h7C2RPtLxySP0QyzOi45ya9YmlF/898pXvxXeZ
KYIg
Generated at Mon Jul 22 07:23:45 2024 by rpki-client on console-fra.rpki-client.org