Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/nrkaAzfKgIhFvdAMIBg7TOtUNqQ.roa
File: nrkaAzfKgIhFvdAMIBg7TOtUNqQ.roa (raw, json)
Hash identifier: 6DoY790BBEXLiVix/lacO4EZ3g/iqaB21z/TORL1p4I=
Subject key identifier: 9E:B9:1A:03:37:CA:80:88:45:BD:D0:0C:20:18:3B:4C:EB:54:36:A4
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01877B805923E77B72D91819B8BDA31C19D1
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/nrkaAzfKgIhFvdAMIBg7TOtUNqQ.roa
Signing time: Thu 13 Apr 2023 16:43:41 +0000
ROA not before: Thu 13 Apr 2023 16:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.61.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Apr 2023 06:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:80:59:23:e7:7b:72:d9:18:19:b8:bd:a3:1c:19:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 13 16:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9eb91a0337ca808845bdd00c20183b4ceb5436a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:46:ff:d7:b1:5a:e0:b9:00:9a:78:e3:ed:30:
83:7f:e9:26:2b:48:93:dd:c0:a5:ee:51:d1:5f:e9:
ac:5c:ae:45:63:9e:c7:f0:bd:41:67:bf:8e:f7:31:
2d:04:c4:0c:c6:3b:c1:88:e9:9e:df:c8:2c:62:de:
b0:4b:ba:08:c0:ee:53:22:8b:f2:cf:78:2a:ce:a6:
3c:1f:73:93:7e:9f:ee:45:ff:14:f0:39:c5:cc:0f:
bb:aa:a5:4b:6b:9e:73:ef:cc:47:ad:2f:b4:d7:17:
fa:bc:8d:a5:e3:52:4f:f6:6a:95:91:6c:61:b4:00:
70:15:14:69:03:82:c5:26:26:43:70:71:c4:1e:3c:
d1:b4:5d:b0:cc:70:e2:45:c6:a3:46:69:78:cc:78:
3c:c0:fc:ec:c0:ae:c6:93:21:8f:ba:ed:20:ce:04:
89:4a:e8:18:ef:16:07:54:d2:4a:38:f9:8f:f1:77:
13:68:ad:e0:bc:65:5a:14:ee:97:60:36:82:11:0d:
24:f1:df:f2:fb:d4:c6:6c:dc:56:ae:b4:27:2e:8a:
26:5f:18:43:92:7c:34:fa:7f:af:47:4e:7b:c9:a8:
cb:c0:ab:c1:3f:6f:44:bb:99:4a:71:97:b4:72:bb:
6b:13:86:ac:fd:ed:87:c6:52:70:64:1a:74:f1:40:
6f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B9:1A:03:37:CA:80:88:45:BD:D0:0C:20:18:3B:4C:EB:54:36:A4
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/nrkaAzfKgIhFvdAMIBg7TOtUNqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.9.0/24
83.147.25.0/24
83.147.27.0/24
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:6a:ba:8f:40:0b:1c:7c:ef:7e:8c:86:64:f1:80:6d:3e:fd:
45:f5:d2:82:3f:e3:07:05:b6:2f:ca:78:19:fe:71:76:dc:5e:
a3:5a:d7:e7:ab:1f:07:76:ff:97:fe:53:ea:64:eb:ef:c8:3f:
7e:b5:86:dc:18:3b:0e:c4:18:98:8b:45:cd:6d:82:5a:4a:88:
03:f4:f8:d7:1b:57:21:76:f0:d3:e2:d6:9d:b7:2e:4a:81:ae:
23:fe:30:87:cb:d7:2f:f1:38:81:ea:90:9b:ba:13:f6:0c:bd:
40:7a:67:96:0f:2a:ec:d8:b4:f6:13:de:e1:d2:42:61:2b:73:
2a:c5:7c:06:9d:25:c8:ff:5f:0b:13:9d:73:35:19:d6:1b:4c:
34:d0:89:08:e8:50:af:c2:8d:a6:3c:cb:0d:f8:63:eb:cc:d9:
b3:f8:29:ac:8a:81:7a:2e:5a:75:42:58:06:5f:30:97:7d:29:
22:1b:6f:85:26:8a:05:24:b5:97:22:db:4c:a2:7b:18:24:ca:
af:bc:e8:3b:0c:93:b9:35:58:02:5c:08:59:13:d6:00:ee:ee:
03:5f:40:61:0f:6b:6d:46:82:f0:65:16:a3:4d:17:7f:2e:8a:
47:b9:d0:dd:64:e4:79:2f:df:0f:a7:7f:16:cb:bb:71:f3:bf:
fa:06:c2:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd7gFkj53ty2RgZuL2jHBnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNDEzMTY0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWI5MWEwMzM3Y2E4MDg4NDViZGQwMGMyMDE4M2I0Y2ViNTQzNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUb/17Fa4LkAmnjj7TCDf+kmK0iT
3cCl7lHRX+msXK5FY57H8L1BZ7+O9zEtBMQMxjvBiOme38gsYt6wS7oIwO5TIovy
z3gqzqY8H3OTfp/uRf8U8DnFzA+7qqVLa55z78xHrS+01xf6vI2l41JP9mqVkWxh
tABwFRRpA4LFJiZDcHHEHjzRtF2wzHDiRcajRml4zHg8wPzswK7GkyGPuu0gzgSJ
SugY7xYHVNJKOPmP8XcTaK3gvGVaFO6XYDaCEQ0k8d/y+9TGbNxWrrQnLoomXxhD
knw0+n+vR057yajLwKvBP29Eu5lKcZe0crtrE4as/e2HxlJwZBp08UBvAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ65GgM3yoCIRb3QDCAYO0zrVDakMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvbnJrYUF6ZktnSWhGdmRBTUlCZzdUT3RVTnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU5MJAwQA
U5MZAwQAU5MbAwQAU5M9MA0GCSqGSIb3DQEBCwUAA4IBAQBOarqPQAscfO9+jIZk
8YBtPv1F9dKCP+MHBbYvyngZ/nF23F6jWtfnqx8Hdv+X/lPqZOvvyD9+tYbcGDsO
xBiYi0XNbYJaSogD9PjXG1chdvDT4tadty5Kga4j/jCHy9cv8TiB6pCbuhP2DL1A
emeWDyrs2LT2E97h0kJhK3MqxXwGnSXI/18LE51zNRnWG0w00IkI6FCvwo2mPMsN
+GPrzNmz+CmsioF6Llp1QlgGXzCXfSkiG2+FJooFJLWXIttMonsYJMqvvOg7DJO5
NVgCXAhZE9YA7u4DX0BhD2ttRoLwZRajTRd/LopHudDdZOR5L98Pp38Wy7tx87/6
BsJK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org