Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/kfFUemQXLLkPmiYILPxiRGtzYqs.roa
File: kfFUemQXLLkPmiYILPxiRGtzYqs.roa (raw, json)
Hash identifier: laFbie5jKIjzi+r08ObQwu1S1afqEtxSIvQh3LwYyXE=
Subject key identifier: 91:F1:54:7A:64:17:2C:B9:0F:9A:26:08:2C:FC:62:44:6B:73:62:AB
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 019022487E100EB4F155D49023B4A9CC0450
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/kfFUemQXLLkPmiYILPxiRGtzYqs.roa
Signing time: Sun 16 Jun 2024 18:21:34 +0000
ROA not before: Sun 16 Jun 2024 18:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 20:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:22:48:7e:10:0e:b4:f1:55:d4:90:23:b4:a9:cc:04:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jun 16 18:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91f1547a64172cb90f9a26082cfc62446b7362ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:33:b8:af:f6:5d:bd:48:c6:88:2e:fe:ca:bb:
dc:3f:eb:9d:49:a2:88:ee:77:1f:e7:25:94:74:9b:
58:fd:ee:61:17:56:0f:50:d8:09:16:54:35:20:03:
d3:8e:58:59:5c:46:7b:ea:17:5a:c1:ed:29:a8:1c:
35:a9:b2:0c:3f:07:9e:95:79:96:95:40:a2:86:e1:
39:e3:35:95:f2:2d:ab:04:b6:41:ca:de:cb:c3:fb:
67:ea:67:94:c7:42:a4:d3:17:a9:90:27:6c:e4:a6:
ab:72:7e:c2:f4:f6:5b:c0:1a:35:cf:ca:b9:ab:32:
41:b6:c9:66:7a:3e:a2:74:b9:0a:04:6c:08:45:05:
03:25:c6:62:00:b5:69:5f:88:c2:2b:00:42:84:43:
19:ed:1b:4a:45:65:ba:ee:a4:55:45:c7:42:c1:08:
68:08:f7:91:31:34:82:ff:6b:d0:91:5c:89:d0:c6:
fb:7b:57:38:cd:bc:17:ab:6d:d8:c7:83:4e:c4:88:
63:ce:74:ac:74:b4:e0:3d:eb:e2:e3:fc:b9:5f:cf:
aa:cb:70:97:64:55:bd:e2:5c:1d:f9:2e:09:8a:26:
13:9d:54:49:1e:b3:75:1d:f4:b5:75:90:07:d0:24:
1e:b8:2e:51:d9:87:b5:86:ce:ee:3c:7e:e1:9e:ad:
ed:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F1:54:7A:64:17:2C:B9:0F:9A:26:08:2C:FC:62:44:6B:73:62:AB
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/kfFUemQXLLkPmiYILPxiRGtzYqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.16.0/22
83.147.21.0/24
83.147.28.0/24
83.147.48.0/22
Signature Algorithm: sha256WithRSAEncryption
97:0f:61:1a:7c:1a:1f:fb:24:f8:ff:d1:13:8b:19:49:71:d4:
bd:5c:21:34:f5:7c:77:d1:27:51:94:a7:46:9e:8e:09:ab:94:
b1:ef:80:57:3a:92:a0:e3:60:92:ea:91:ec:d1:a0:4c:6d:8c:
58:e3:56:62:31:f5:ff:dd:ff:89:c0:4e:aa:08:5e:94:04:6f:
4f:0d:55:f8:d5:a5:c9:a0:eb:00:1e:07:56:12:3a:ce:51:26:
90:97:75:ac:93:20:ab:ce:b5:38:69:8e:2a:81:8c:63:30:db:
b6:a7:02:8b:2a:09:bb:d8:81:5d:ed:90:70:cc:e4:61:d3:6e:
91:ea:9e:58:96:40:eb:af:04:b0:59:b8:9e:0e:61:e1:39:6f:
c0:2e:88:12:7b:a7:49:a4:8d:11:bc:0b:f5:6e:b0:79:96:fc:
ff:c6:3f:a9:84:e2:41:25:e8:39:a9:29:f7:dd:3f:ac:c6:2d:
55:a6:75:5a:6e:a9:0b:f2:90:95:52:2c:9c:8c:28:c4:0a:ff:
09:4f:0b:e1:97:40:b4:ed:5e:ea:82:db:be:61:af:3e:f5:27:
31:d1:3f:70:0b:3e:f4:c0:ad:38:77:4b:86:03:a7:16:a3:15:
39:38:76:74:b8:ac:9b:14:00:50:1b:db:85:ef:c5:6f:07:52:
68:9c:63:c0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZAiSH4QDrTxVdSQI7SpzARQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwNjE2MTgyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYxNTQ3YTY0MTcyY2I5MGY5YTI2MDgyY2ZjNjI0NDZiNzM2MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DO4r/ZdvUjGiC7+yrvcP+udSaKI
7ncf5yWUdJtY/e5hF1YPUNgJFlQ1IAPTjlhZXEZ76hdawe0pqBw1qbIMPweelXmW
lUCihuE54zWV8i2rBLZByt7Lw/tn6meUx0Kk0xepkCds5Karcn7C9PZbwBo1z8q5
qzJBtslmej6idLkKBGwIRQUDJcZiALVpX4jCKwBChEMZ7RtKRWW67qRVRcdCwQho
CPeRMTSC/2vQkVyJ0Mb7e1c4zbwXq23Yx4NOxIhjznSsdLTgPevi4/y5X8+qy3CX
ZFW94lwd+S4JiiYTnVRJHrN1HfS1dZAH0CQeuC5R2Ye1hs7uPH7hnq3txwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJHxVHpkFyy5D5omCCz8YkRrc2KrMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEva2ZGVWVtUVhMTGtQbWlZSUxQeGlSR3R6WXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5MAAwQC
U5MQAwQAU5MVAwQAU5McAwQCU5MwMA0GCSqGSIb3DQEBCwUAA4IBAQCXD2EafBof
+yT4/9ETixlJcdS9XCE09Xx30SdRlKdGno4Jq5Sx74BXOpKg42CS6pHs0aBMbYxY
41ZiMfX/3f+JwE6qCF6UBG9PDVX41aXJoOsAHgdWEjrOUSaQl3WskyCrzrU4aY4q
gYxjMNu2pwKLKgm72IFd7ZBwzORh026R6p5YlkDrrwSwWbieDmHhOW/ALogSe6dJ
pI0RvAv1brB5lvz/xj+phOJBJeg5qSn33T+sxi1VpnVabqkL8pCVUiycjCjECv8J
Twvhl0C07V7qgtu+Ya8+9Scx0T9wCz70wK04d0uGA6cWoxU5OHZ0uKybFABQG9uF
78VvB1JonGPA
-----END CERTIFICATE-----
Generated at Mon Jul 1 22:13:54 2024 by rpki-client on console-ams.rpki-client.org