Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ipOLf49D0W0dBT1naFlRQlxVaVE.roa
File: ipOLf49D0W0dBT1naFlRQlxVaVE.roa (raw, json)
Hash identifier: OJCK92vPko4w8nT+YC9s1Rt1JM6jgGQSVoVCXPrGozk=
Subject key identifier: 8A:93:8B:7F:8F:43:D1:6D:1D:05:3D:67:68:59:51:42:5C:55:69:51
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018BFFD8D1A954965C7746E8B44A8BF62FB9
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ipOLf49D0W0dBT1naFlRQlxVaVE.roa
Signing time: Fri 24 Nov 2023 05:41:21 +0000
ROA not before: Fri 24 Nov 2023 05:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.52.0/22 maxlen: 24
83.147.12.0/22 maxlen: 24
83.147.20.0/23 maxlen: 24
83.147.28.0/22 maxlen: 24
83.147.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Nov 2023 06:17:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ff:d8:d1:a9:54:96:5c:77:46:e8:b4:4a:8b:f6:2f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Nov 24 05:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a938b7f8f43d16d1d053d67685951425c556951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:54:eb:cf:d4:21:82:41:1f:2e:f3:10:6a:
98:c8:e9:e4:cc:9a:a0:37:2c:98:e4:02:da:4e:43:
f1:02:bb:5b:00:07:b8:30:62:b2:a8:4a:ea:a5:25:
6e:12:b7:71:b1:3f:bc:15:86:48:e4:77:30:20:b1:
ee:6e:31:85:c1:e9:7f:a4:e8:c4:ee:70:3a:34:d9:
91:0f:db:1d:0c:ae:bb:b8:c9:a2:6f:e8:ff:4f:2c:
1e:b7:76:36:66:71:ee:6f:27:e2:17:cd:c8:d2:ea:
e5:48:6f:e2:68:0d:3a:43:8f:6b:b7:a3:c3:7f:98:
db:0e:fe:a0:ee:d6:ef:9a:2b:06:97:5b:3d:35:58:
10:bb:0b:79:37:9e:ff:41:05:2f:e6:5f:fb:6b:5b:
81:37:3d:48:95:0e:76:0e:c7:51:48:fd:6c:a5:4a:
d9:4e:c0:97:b3:a4:c4:4f:4d:7b:84:23:a0:c8:26:
c5:db:af:d6:ee:51:ad:d9:07:0e:d1:c4:0b:8a:08:
23:bb:66:3e:52:96:cd:a4:5d:10:92:b9:7f:8b:a7:
d5:95:70:2f:8b:fa:de:ca:fe:a6:9a:7b:27:1b:7f:
f5:32:a6:5c:31:03:25:9e:73:30:3d:3e:98:45:7f:
0a:48:08:5f:ea:4e:fd:ae:03:6d:b0:38:63:20:09:
e5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:93:8B:7F:8F:43:D1:6D:1D:05:3D:67:68:59:51:42:5C:55:69:51
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/ipOLf49D0W0dBT1naFlRQlxVaVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.12.0/22
83.147.20.0/23
83.147.26.0-83.147.31.255
83.147.52.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:d5:5e:9c:5c:90:45:01:f5:3d:fb:2e:f1:bb:4f:2b:9e:6c:
4e:5e:64:4d:e5:da:c1:ea:71:3b:9c:db:0d:b7:0e:5c:f0:95:
d9:f2:4a:7c:f1:dc:c6:c7:f7:23:8e:25:4b:f0:fc:46:bb:4a:
3a:ef:a3:63:d7:9c:10:bb:15:ea:b9:a6:b0:96:29:3e:d5:59:
09:94:40:e5:0e:63:81:d4:6e:0c:d0:84:54:15:32:27:00:f6:
39:58:74:e8:f7:ea:95:4f:5a:d7:a2:fa:85:90:51:74:fb:42:
15:11:81:61:9c:57:62:ac:2c:07:6b:b7:7e:44:94:c2:c9:67:
63:41:18:18:c5:45:21:9f:a0:a2:9c:73:e7:64:95:ab:8c:ef:
f0:4e:a9:90:56:3f:5d:da:5b:e8:48:04:3f:61:8d:48:26:35:
65:d2:d0:e8:5e:48:d8:a5:0d:83:3c:93:16:b3:74:ae:22:75:
4f:2f:6d:88:1b:39:4b:ed:61:67:86:ed:39:c8:05:95:8f:a9:
58:e9:60:97:de:88:18:8f:ea:8a:52:23:0c:90:ef:bf:d3:fe:
99:2b:27:f6:5f:be:4b:48:fc:e5:15:df:39:26:15:36:fe:92:
10:04:a1:aa:76:a9:82:38:fe:42:ae:37:07:0a:4c:77:28:fb:
04:c6:e1:4f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYv/2NGpVJZcd0botEqL9i+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMTI0MDU0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTkzOGI3ZjhmNDNkMTZkMWQwNTNkNjc2ODU5NTE0MjVjNTU2OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtalU68/UIYJBHy7zEGqYyOnkzJqg
NyyY5ALaTkPxArtbAAe4MGKyqErqpSVuErdxsT+8FYZI5HcwILHubjGFwel/pOjE
7nA6NNmRD9sdDK67uMmib+j/Tywet3Y2ZnHubyfiF83I0urlSG/iaA06Q49rt6PD
f5jbDv6g7tbvmisGl1s9NVgQuwt5N57/QQUv5l/7a1uBNz1IlQ52DsdRSP1spUrZ
TsCXs6TET017hCOgyCbF26/W7lGt2QcO0cQLiggju2Y+UpbNpF0Qkrl/i6fVlXAv
i/reyv6mmnsnG3/1MqZcMQMlnnMwPT6YRX8KSAhf6k79rgNtsDhjIAnlowIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIqTi3+PQ9FtHQU9Z2hZUUJcVWlRMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvaXBPTGY0OUQwVzBkQlQxbmFGbFJRbHhWYVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCU5MMAwQB
U5MUMAwDBAFTkxoDBAVTkwADBAJTkzQwDQYJKoZIhvcNAQELBQADggEBAArVXpxc
kEUB9T37LvG7TyuebE5eZE3l2sHqcTuc2w23DlzwldnySnzx3MbH9yOOJUvw/Ea7
Sjrvo2PXnBC7Feq5prCWKT7VWQmUQOUOY4HUbgzQhFQVMicA9jlYdOj36pVPWtei
+oWQUXT7QhURgWGcV2KsLAdrt35ElMLJZ2NBGBjFRSGfoKKcc+dklauM7/BOqZBW
P13aW+hIBD9hjUgmNWXS0OheSNilDYM8kxazdK4idU8vbYgbOUvtYWeG7TnIBZWP
qVjpYJfeiBiP6opSIwyQ77/T/pkrJ/ZfvktI/OUV3zkmFTb+khAEoap2qYI4/kKu
NwcKTHco+wTG4U8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org