Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/qN-zM32UcRvU6znrZCEU2ivccXc.roa
File: qN-zM32UcRvU6znrZCEU2ivccXc.roa (raw, json)
Hash identifier: Ckio2+aNAklhTSSv57vschdFTqfDgAUXLFI11K+Fkxs=
Subject key identifier: A8:DF:B3:33:7D:94:71:1B:D4:EB:39:EB:64:21:14:DA:2B:DC:71:77
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01877E7BE5A9B0C3E564AC86A7E552A80E99
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/qN-zM32UcRvU6znrZCEU2ivccXc.roa
Signing time: Fri 14 Apr 2023 06:37:41 +0000
ROA not before: Fri 14 Apr 2023 06:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.61.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
83.147.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 07:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:7b:e5:a9:b0:c3:e5:64:ac:86:a7:e5:52:a8:0e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 14 06:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8dfb3337d94711bd4eb39eb642114da2bdc7177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ca:32:f1:63:d5:e0:47:a7:fd:dc:34:bf:b5:
97:46:9d:61:9b:dc:ef:ce:ef:7a:12:62:48:eb:6d:
24:72:98:1a:27:a0:18:e1:4b:39:73:02:4d:9b:34:
6b:13:1e:7e:5b:3b:d9:be:68:82:af:2d:13:7d:cd:
70:92:ae:bf:d3:6e:62:e1:63:92:9d:96:d3:be:bf:
bb:5e:87:b2:4e:a8:51:e0:f3:8a:f0:59:eb:81:54:
93:a9:3c:d0:65:cd:fc:f8:bc:dd:11:bc:04:ba:21:
5a:2f:5e:8c:df:87:7e:d6:c0:7d:37:b7:bd:a6:56:
bb:d9:87:cf:81:4e:47:fc:b5:1a:c6:d5:b9:a5:92:
d5:ad:5c:6b:24:e0:32:a3:af:cf:1d:7e:dd:2a:46:
c0:62:86:e3:9f:90:48:3e:41:df:34:b4:1c:6f:14:
59:b1:5d:f2:ce:57:78:3c:3a:03:00:6e:c4:71:10:
a7:5d:5a:55:00:0c:b1:ab:81:2a:bf:c2:ec:0c:1f:
a5:1a:c2:49:a5:61:7b:e3:ad:fe:98:8b:f4:cb:5c:
60:e7:bc:ef:9e:41:cc:26:80:f5:21:53:1f:31:b6:
0d:aa:72:14:47:d2:e1:ca:11:d0:6f:64:98:1b:34:
75:4a:9d:2e:46:13:63:fd:2b:aa:8d:83:5f:a1:c4:
78:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DF:B3:33:7D:94:71:1B:D4:EB:39:EB:64:21:14:DA:2B:DC:71:77
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/qN-zM32UcRvU6znrZCEU2ivccXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.9.0/24
83.147.25.0/24
83.147.27.0-83.147.31.255
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:1e:2e:f8:80:c6:1c:08:d6:07:37:9d:68:a9:0d:4c:ca:5b:
a1:d8:7a:69:c3:49:fa:6d:16:47:2a:84:bc:c5:6f:de:8b:ee:
da:de:53:13:60:73:cc:0a:18:1b:03:05:f9:7a:54:6a:4c:f3:
77:46:3b:69:3f:25:3d:ba:fa:d1:50:47:2b:7e:8e:65:5b:e5:
d9:f6:93:19:87:bf:f7:50:05:4f:7f:03:77:3c:b5:5d:1e:34:
43:e2:10:10:19:3e:7a:11:d3:bc:8f:81:9d:44:2f:9b:0e:79:
82:11:e2:ec:cf:c1:8a:c5:70:3c:df:a9:d2:78:76:f0:a8:4e:
53:e0:22:2b:05:1b:71:5a:bd:a9:9c:c4:35:46:e5:56:3f:eb:
64:58:43:2a:30:c4:6f:c8:c0:a0:62:51:f8:0c:f8:d4:82:d3:
c9:32:9f:f3:33:48:18:48:37:9f:7a:42:56:72:a4:1c:38:0a:
7a:a5:82:62:71:34:e6:31:dd:dc:73:03:9e:84:32:a2:6b:20:
bd:9e:45:76:37:06:3d:65:82:8a:6e:8c:8a:c5:99:38:4d:0f:
63:52:4c:38:2a:2f:39:92:4f:d8:e8:7a:36:aa:04:c9:30:a9:
06:47:6f:b0:9e:16:65:97:0f:ab:d7:e7:91:51:0c:ad:96:2f:
a2:87:72:3c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYd+e+WpsMPlZKyGp+VSqA6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNDE0MDYzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRmYjMzMzdkOTQ3MTFiZDRlYjM5ZWI2NDIxMTRkYTJiZGM3MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMoy8WPV4Een/dw0v7WXRp1hm9zv
zu96EmJI620kcpgaJ6AY4Us5cwJNmzRrEx5+WzvZvmiCry0Tfc1wkq6/025i4WOS
nZbTvr+7XoeyTqhR4POK8FnrgVSTqTzQZc38+LzdEbwEuiFaL16M34d+1sB9N7e9
pla72YfPgU5H/LUaxtW5pZLVrVxrJOAyo6/PHX7dKkbAYobjn5BIPkHfNLQcbxRZ
sV3yzld4PDoDAG7EcRCnXVpVAAyxq4Eqv8LsDB+lGsJJpWF7463+mIv0y1xg57zv
nkHMJoD1IVMfMbYNqnIUR9LhyhHQb2SYGzR1Sp0uRhNj/SuqjYNfocR4EwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKjfszN9lHEb1Os562QhFNor3HF3MB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvcU4tek0zMlVjUnZVNnpuclpDRVUyaXZjY1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAU5MJAwQA
U5MZMAwDBABTkxsDBAVTkwADBABTkz0wDQYJKoZIhvcNAQELBQADggEBAD0eLviA
xhwI1gc3nWipDUzKW6HYemnDSfptFkcqhLzFb96L7treUxNgc8wKGBsDBfl6VGpM
83dGO2k/JT26+tFQRyt+jmVb5dn2kxmHv/dQBU9/A3c8tV0eNEPiEBAZPnoR07yP
gZ1EL5sOeYIR4uzPwYrFcDzfqdJ4dvCoTlPgIisFG3FavamcxDVG5VY/62RYQyow
xG/IwKBiUfgM+NSC08kyn/MzSBhIN596QlZypBw4CnqlgmJxNOYx3dxzA56EMqJr
IL2eRXY3Bj1lgopujIrFmThND2NSTDgqLzmST9joejaqBMkwqQZHb7CeFmWXD6vX
55FRDK2WL6KHcjw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org