Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/_xmLnMEoEnUcR7kppkoAVvAyLbM.roa
File: _xmLnMEoEnUcR7kppkoAVvAyLbM.roa (raw, json)
Hash identifier: 8DzpI25LX50ImUhZobB9mtPtKQ2yrjzngss3pa2AuA0=
Subject key identifier: FF:19:8B:9C:C1:28:12:75:1C:47:B9:29:A6:4A:00:56:F0:32:2D:B3
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01915ABDEF0710D5AEFECA9ACB63D6117682
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/_xmLnMEoEnUcR7kppkoAVvAyLbM.roa
Signing time: Fri 16 Aug 2024 10:31:22 +0000
ROA not before: Fri 16 Aug 2024 10:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Aug 2024 04:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:bd:ef:07:10:d5:ae:fe:ca:9a:cb:63:d6:11:76:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Aug 16 10:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff198b9cc12812751c47b929a64a0056f0322db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:68:f9:6e:3f:22:f9:20:16:59:97:ee:50:20:
48:13:f8:39:04:73:52:7f:ca:54:ce:ab:48:b7:21:
ea:04:ea:5c:d3:32:59:ad:b9:19:69:a2:1c:c4:3a:
9d:fc:b8:83:62:d8:47:c6:0f:f7:ca:13:68:1c:e3:
0b:cb:37:56:b3:b5:27:d3:a1:5a:d6:f9:a4:ce:00:
86:10:2f:4d:29:5a:7b:8f:17:9f:64:28:90:cf:6a:
d4:91:9b:db:a4:ed:1f:82:14:b4:72:fb:c4:a4:5d:
cf:0a:23:42:90:04:cd:aa:df:cd:c5:69:de:e8:3a:
a8:bb:7b:d0:6e:74:3a:b3:dd:98:0b:67:aa:81:65:
a6:21:8a:7b:b8:ef:f7:43:5a:52:b1:0c:3c:b0:7d:
fb:d3:57:5c:66:26:00:f7:7e:37:b8:35:2d:bd:86:
48:fc:14:ed:3c:f5:0e:25:b8:1b:c5:5b:ee:80:a0:
12:9c:17:37:62:08:e6:71:58:5b:86:bb:0a:b9:54:
5a:90:a4:26:74:6a:c7:a2:8c:48:43:aa:64:34:50:
ae:da:84:c7:06:ad:72:8f:cc:b2:98:87:38:6b:9b:
cd:44:11:10:99:a8:65:50:5a:36:b2:8d:b0:46:56:
f0:b0:9f:4d:68:92:5f:48:37:e8:cf:52:95:2b:f3:
22:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:19:8B:9C:C1:28:12:75:1C:47:B9:29:A6:4A:00:56:F0:32:2D:B3
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/_xmLnMEoEnUcR7kppkoAVvAyLbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.16.0/22
83.147.21.0/24
83.147.26.0-83.147.28.255
Signature Algorithm: sha256WithRSAEncryption
26:8a:af:6d:ed:3d:9b:fd:18:04:89:be:53:68:36:aa:e9:86:
c1:24:fd:15:5c:19:17:d3:84:71:39:f1:a2:4b:e2:0f:f3:c5:
13:34:fa:ab:86:d1:fb:e9:5a:66:6f:38:1c:33:4a:d2:e4:57:
d5:6b:d6:e4:16:a2:12:c1:6d:64:79:ab:18:ed:ea:30:17:02:
11:d1:8e:86:41:98:35:32:35:a5:f3:7d:68:22:49:b5:99:56:
b0:c1:ce:a3:bc:02:ed:f3:e4:56:42:8d:c9:65:ea:11:ad:d3:
da:a2:00:19:a7:26:43:f1:24:57:5c:78:e3:7f:3c:86:99:38:
0c:99:e2:c8:b7:2f:00:20:34:fa:ee:47:fe:15:f7:c6:db:df:
2b:6f:a4:00:cb:19:2d:56:c3:a2:05:f2:2f:12:df:39:c4:22:
5b:39:cc:c3:d4:21:b3:1e:d8:72:a7:0a:fc:e0:3f:cb:10:66:
86:6a:38:92:ac:1a:ac:f6:95:bb:5b:24:4d:1c:14:8c:65:3d:
88:fd:db:e4:f2:ca:9b:d3:f6:f4:34:dd:63:10:4d:21:cd:d9:
45:43:08:2c:66:4f:92:14:6f:24:1e:2c:cf:cf:da:c9:c8:26:
98:5b:5b:cb:5f:ba:a1:c9:d2:ed:83:61:dd:95:5b:2c:e2:bb:
f9:4d:c2:df
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZFave8HENWu/sqay2PWEXaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwODE2MTAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjE5OGI5Y2MxMjgxMjc1MWM0N2I5MjlhNjRhMDA1NmYwMzIyZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Wj5bj8i+SAWWZfuUCBIE/g5BHNS
f8pUzqtItyHqBOpc0zJZrbkZaaIcxDqd/LiDYthHxg/3yhNoHOMLyzdWs7Un06Fa
1vmkzgCGEC9NKVp7jxefZCiQz2rUkZvbpO0fghS0cvvEpF3PCiNCkATNqt/NxWne
6Dqou3vQbnQ6s92YC2eqgWWmIYp7uO/3Q1pSsQw8sH3701dcZiYA9343uDUtvYZI
/BTtPPUOJbgbxVvugKASnBc3YgjmcVhbhrsKuVRakKQmdGrHooxIQ6pkNFCu2oTH
Bq1yj8yymIc4a5vNRBEQmahlUFo2so2wRlbwsJ9NaJJfSDfoz1KVK/MirQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP8Zi5zBKBJ1HEe5KaZKAFbwMi2zMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvX3htTG5NRW9FblVjUjdrcHBrb0FWdkF5TGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCU5MAAwQC
U5MQAwQAU5MVMAwDBAFTkxoDBABTkxwwDQYJKoZIhvcNAQELBQADggEBACaKr23t
PZv9GASJvlNoNqrphsEk/RVcGRfThHE58aJL4g/zxRM0+quG0fvpWmZvOBwzStLk
V9Vr1uQWohLBbWR5qxjt6jAXAhHRjoZBmDUyNaXzfWgiSbWZVrDBzqO8Au3z5FZC
jcll6hGt09qiABmnJkPxJFdceON/PIaZOAyZ4si3LwAgNPruR/4V98bb3ytvpADL
GS1Ww6IF8i8S3znEIls5zMPUIbMe2HKnCvzgP8sQZoZqOJKsGqz2lbtbJE0cFIxl
PYj92+TyypvT9vQ03WMQTSHN2UVDCCxmT5IUbyQeLM/P2snIJphbW8tfuqHJ0u2D
Yd2VWyziu/lNwt8=
-----END CERTIFICATE-----
Generated at Wed Aug 21 05:41:59 2024 by rpki-client on console-ams.rpki-client.org