Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ftqdNwZLvBJlpobQte8NJkfQ9yk.roa
File: ftqdNwZLvBJlpobQte8NJkfQ9yk.roa (raw, json)
Hash identifier: oSqMEHQ0WtHeXTSiGjjbeJjSWBmszJGn1qXZQjcKfmo=
Subject key identifier: 7E:DA:9D:37:06:4B:BC:12:65:A6:86:D0:B5:EF:0D:26:47:D0:F7:29
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018A4FB964D00E8BE76F48421CEEEA97EB69
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ftqdNwZLvBJlpobQte8NJkfQ9yk.roa
Signing time: Fri 01 Sep 2023 07:51:04 +0000
ROA not before: Fri 01 Sep 2023 07:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.40.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.0.0/22 maxlen: 24
83.147.11.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.14.0/24 maxlen: 24
83.147.20.0/23 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
83.147.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Sep 2023 04:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:b9:64:d0:0e:8b:e7:6f:48:42:1c:ee:ea:97:eb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Sep 1 07:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7eda9d37064bbc1265a686d0b5ef0d2647d0f729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:19:bd:df:d5:5c:e7:96:c2:f1:da:d9:a9:81:
5d:63:26:4c:bb:60:30:4e:dc:ca:35:10:a3:f5:fe:
05:15:7a:2b:45:95:51:70:db:e6:89:7a:94:9b:39:
92:87:f5:ff:02:e9:1b:7d:fc:76:75:63:7f:79:83:
cf:fb:2d:f7:da:c6:fe:c0:2f:c6:6e:5b:a9:2b:17:
68:92:5b:a6:ed:c7:01:b3:a6:f1:c9:19:15:0b:3c:
a7:15:19:fe:99:bc:17:18:f9:4b:05:6c:9e:8d:96:
9d:51:d6:cd:0f:7b:68:cb:7c:c9:55:93:e5:28:7e:
d0:a6:f5:38:f6:49:ae:bf:ba:66:8e:8b:53:7e:9a:
10:5e:c4:89:e5:d7:5c:24:4f:02:57:79:51:0e:e2:
3c:aa:be:6c:56:4e:7b:ab:7c:84:0a:b6:b5:ce:20:
bb:b4:f2:35:5c:8f:8a:a3:d2:24:b3:40:59:49:28:
9a:8b:82:23:2b:80:67:e0:c8:5a:1a:c1:e0:2b:9a:
89:4d:db:2f:dd:4d:53:20:50:9c:ca:af:5f:af:42:
81:69:d7:fb:de:fa:15:35:c7:be:b3:d6:55:47:e7:
ad:95:7f:90:ec:c2:a9:58:52:c5:48:5d:32:0a:2a:
11:19:a3:29:dc:56:d6:5b:75:59:d5:ec:3c:b1:f8:
79:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DA:9D:37:06:4B:BC:12:65:A6:86:D0:B5:EF:0D:26:47:D0:F7:29
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ftqdNwZLvBJlpobQte8NJkfQ9yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.9.0/24
83.147.11.0/24
83.147.14.0/24
83.147.20.0/23
83.147.23.0/24
83.147.26.0-83.147.31.255
83.147.40.0/21
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ea:ea:98:a1:18:19:f1:37:54:55:41:e2:06:d8:77:13:85:
c4:c4:6e:17:93:a2:62:97:9d:1e:b0:80:6a:0b:96:1a:62:fc:
87:2c:4d:1c:7d:fc:85:04:54:8a:8a:54:83:e2:3b:7e:23:3a:
97:cd:24:5c:e6:db:5a:bf:de:17:9e:59:cb:2f:7f:e3:8d:83:
c8:5f:58:35:b0:7e:a9:22:8e:0f:b8:28:b5:f3:6f:35:00:42:
cf:4f:7e:53:32:e2:1e:cd:a8:80:07:e6:69:f8:bf:60:fb:ba:
bc:67:62:25:99:e6:44:a9:c2:1d:b6:2b:1e:63:20:eb:d9:a9:
6a:e3:de:f0:d1:46:d0:58:26:98:55:6e:a9:9d:86:2c:f9:f2:
2f:6a:0d:d6:06:b2:ec:3f:f6:57:c8:0c:37:b5:6f:2e:4c:88:
c4:80:41:f3:93:7c:2b:7a:d6:66:54:ac:8a:00:25:e4:49:54:
3f:4d:46:91:ec:c5:a1:a4:42:d2:f0:b0:71:39:ea:d3:77:9d:
54:a0:77:07:36:b8:6e:bb:42:84:13:a0:ee:7a:9d:3d:46:48:
d7:4a:2a:43:43:ae:96:eb:a9:da:0e:5f:0f:6f:c3:e5:21:c0:
3c:63:28:f3:3d:86:3b:06:22:0b:57:91:51:76:25:a4:fc:71:
17:68:9c:2d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYpPuWTQDovnb0hCHO7ql+tpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwOTAxMDc1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWRhOWQzNzA2NGJiYzEyNjVhNjg2ZDBiNWVmMGQyNjQ3ZDBmNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRm939Vc55bC8drZqYFdYyZMu2Aw
TtzKNRCj9f4FFXorRZVRcNvmiXqUmzmSh/X/Aukbffx2dWN/eYPP+y332sb+wC/G
blupKxdoklum7ccBs6bxyRkVCzynFRn+mbwXGPlLBWyejZadUdbND3toy3zJVZPl
KH7QpvU49kmuv7pmjotTfpoQXsSJ5ddcJE8CV3lRDuI8qr5sVk57q3yECra1ziC7
tPI1XI+Ko9Iks0BZSSiai4IjK4Bn4MhaGsHgK5qJTdsv3U1TIFCcyq9fr0KBadf7
3voVNce+s9ZVR+etlX+Q7MKpWFLFSF0yCioRGaMp3FbWW3VZ1ew8sfh5KwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFH7anTcGS7wSZaaG0LXvDSZH0PcpMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvZnRxZE53Wkx2QkpscG9iUXRlOE5Ka2ZROXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCU5MAAwQA
U5MJAwQAU5MLAwQAU5MOAwQBU5MUAwQAU5MXMAwDBAFTkxoDBAVTkwADBANTkygD
BABTkz0wDQYJKoZIhvcNAQELBQADggEBAHnq6pihGBnxN1RVQeIG2HcThcTEbheT
omKXnR6wgGoLlhpi/IcsTRx9/IUEVIqKVIPiO34jOpfNJFzm21q/3heeWcsvf+ON
g8hfWDWwfqkijg+4KLXzbzUAQs9PflMy4h7NqIAH5mn4v2D7urxnYiWZ5kSpwh22
Kx5jIOvZqWrj3vDRRtBYJphVbqmdhiz58i9qDdYGsuw/9lfIDDe1by5MiMSAQfOT
fCt61mZUrIoAJeRJVD9NRpHsxaGkQtLwsHE56tN3nVSgdwc2uG67QoQToO56nT1G
SNdKKkNDrpbrqdoOXw9vw+UhwDxjKPM9hjsGIgtXkVF2JaT8cRdonC0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org