Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/npCQzLFcvVo1xT3FLIM-TD1tqYc.roa
File: npCQzLFcvVo1xT3FLIM-TD1tqYc.roa (raw, json)
Hash identifier: MpIOi35m4sETl+WwWJvkIoBSdgZfHcWMnmU1GiOSdkk=
Subject key identifier: 9E:90:90:CC:B1:5C:BD:5A:35:C5:3D:C5:2C:83:3E:4C:3D:6D:A9:87
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01884BE69DBEBA3D4BA52D3AF8C151F84F6B
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/npCQzLFcvVo1xT3FLIM-TD1tqYc.roa
Signing time: Wed 24 May 2023 03:56:24 +0000
ROA not before: Wed 24 May 2023 03:56:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.56.0/22 maxlen: 22
83.147.61.0/24 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 May 2023 10:39:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4b:e6:9d:be:ba:3d:4b:a5:2d:3a:f8:c1:51:f8:4f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: May 24 03:56:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e9090ccb15cbd5a35c53dc52c833e4c3d6da987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8d:90:09:0b:a3:51:2c:f5:7e:7a:9b:75:00:
b3:65:00:b2:07:c9:a7:9a:28:bc:f7:13:72:a4:b1:
43:a8:f4:8e:39:b6:c7:2e:14:bb:ed:96:3b:00:f4:
dd:27:4b:93:6f:ea:de:50:6c:8e:ad:a7:15:81:69:
f5:52:1f:b5:7a:45:4e:12:a7:03:c5:ad:c4:db:15:
72:36:d7:6f:f0:a0:59:bd:36:37:1c:dd:97:46:1c:
95:e7:61:e3:7b:6a:ab:d6:20:9d:ed:f1:4e:97:b7:
b5:7d:a2:ab:d3:a1:38:51:d9:ed:7f:49:b1:00:64:
30:95:cf:9b:d1:75:f9:3d:87:12:78:c4:6d:cc:de:
ec:d1:f9:9d:19:af:2f:68:65:c7:76:5c:96:69:d8:
13:ee:31:e7:ee:42:b1:e8:d8:8a:66:35:52:2e:84:
e8:c3:dc:82:9c:cb:a1:d1:89:d0:17:82:8a:e4:a4:
97:fe:0d:8d:18:92:31:c9:40:16:ee:34:ec:11:56:
d9:a9:e7:60:d0:e7:eb:41:01:1a:d7:3e:42:ca:8b:
c4:9d:75:96:f1:cd:34:e6:42:fb:62:8f:1c:91:14:
5f:16:a1:74:e8:fe:c1:a2:90:53:23:25:f2:02:75:
66:4e:3c:f2:25:43:70:4b:55:7f:cb:29:06:d6:97:
44:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:90:90:CC:B1:5C:BD:5A:35:C5:3D:C5:2C:83:3E:4C:3D:6D:A9:87
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/npCQzLFcvVo1xT3FLIM-TD1tqYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.23.0/24
83.147.27.0/24
83.147.56.0/22
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:70:3b:68:f8:3c:1b:44:6c:43:8c:b4:7f:29:2a:0e:85:dd:
f1:3b:47:18:6a:fb:6b:cd:4f:67:9a:ad:9a:0d:3d:02:77:e8:
6c:be:7a:68:12:f6:3a:62:47:a4:71:1d:18:cb:89:2a:ca:32:
e8:9f:ec:cd:18:78:44:f6:b6:1c:68:31:1f:3b:90:23:d0:a3:
14:44:6c:78:8b:dc:bf:01:1f:6e:52:a3:f1:f1:43:e9:a2:02:
07:3b:f0:57:77:d5:67:07:1e:fb:e2:1c:45:b0:00:05:48:9a:
cc:91:f8:cb:3c:78:a6:bb:09:79:71:9e:5c:3e:e6:fc:d0:6f:
bf:09:49:b3:90:34:5a:7f:21:85:7d:3a:25:cd:5e:1d:60:f8:
9c:65:86:e1:58:50:09:44:28:f3:ce:88:ff:e1:5f:2d:11:65:
68:17:74:6b:68:ec:1c:37:0e:5e:4d:a1:20:c9:e5:46:d7:12:
32:16:be:c7:20:e3:ac:0d:0f:78:2b:69:c9:00:2f:39:e5:24:
97:a6:53:41:86:1d:e3:e4:f8:be:fc:8e:60:81:8d:6e:73:ac:
b2:21:5c:bf:f4:e9:00:78:57:6e:4c:ac:2e:25:a6:ee:de:be:
df:1e:0a:f2:55:7c:c5:b3:83:40:b0:8e:69:d9:ed:b1:3c:19:
72:23:5b:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhL5p2+uj1LpS06+MFR+E9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNTI0MDM1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTkwOTBjY2IxNWNiZDVhMzVjNTNkYzUyYzgzM2U0YzNkNmRhOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi42QCQujUSz1fnqbdQCzZQCyB8mn
mii89xNypLFDqPSOObbHLhS77ZY7APTdJ0uTb+reUGyOracVgWn1Uh+1ekVOEqcD
xa3E2xVyNtdv8KBZvTY3HN2XRhyV52Hje2qr1iCd7fFOl7e1faKr06E4Udntf0mx
AGQwlc+b0XX5PYcSeMRtzN7s0fmdGa8vaGXHdlyWadgT7jHn7kKx6NiKZjVSLoTo
w9yCnMuh0YnQF4KK5KSX/g2NGJIxyUAW7jTsEVbZqedg0OfrQQEa1z5CyovEnXWW
8c005kL7Yo8ckRRfFqF06P7BopBTIyXyAnVmTjzyJUNwS1V/yykG1pdExQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ6QkMyxXL1aNcU9xSyDPkw9bamHMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvbnBDUXpMRmN2Vm8xeFQzRkxJTS1URDF0cVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU5MXAwQA
U5MbAwQCU5M4AwQAU5M9MA0GCSqGSIb3DQEBCwUAA4IBAQArcDto+DwbRGxDjLR/
KSoOhd3xO0cYavtrzU9nmq2aDT0Cd+hsvnpoEvY6YkekcR0Yy4kqyjLon+zNGHhE
9rYcaDEfO5Aj0KMURGx4i9y/AR9uUqPx8UPpogIHO/BXd9VnBx774hxFsAAFSJrM
kfjLPHimuwl5cZ5cPub80G+/CUmzkDRafyGFfTolzV4dYPicZYbhWFAJRCjzzoj/
4V8tEWVoF3RraOwcNw5eTaEgyeVG1xIyFr7HIOOsDQ94K2nJAC855SSXplNBhh3j
5Pi+/I5ggY1uc6yyIVy/9OkAeFduTKwuJabu3r7fHgryVXzFs4NAsI5p2e2xPBly
I1v5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org