Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/tK8wHnoDJEDpXFN7g_kvU25kgd0.roa
File: tK8wHnoDJEDpXFN7g_kvU25kgd0.roa (raw, json)
Hash identifier: V8Ra9KtYiKY9g0A7xPSQvFUjSVI4quBMHkwy3bfqAqY=
Subject key identifier: B4:AF:30:1E:7A:03:24:40:E9:5C:53:7B:83:F9:2F:53:6E:64:81:DD
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01879782C198E1B95E5B256CF4EF943DAC8B
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/tK8wHnoDJEDpXFN7g_kvU25kgd0.roa
Signing time: Wed 19 Apr 2023 03:15:41 +0000
ROA not before: Wed 19 Apr 2023 03:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.61.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 04:36:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:97:82:c1:98:e1:b9:5e:5b:25:6c:f4:ef:94:3d:ac:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 19 03:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4af301e7a032440e95c537b83f92f536e6481dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7b:20:ce:c5:78:65:97:8f:72:38:6f:64:be:
ce:87:5e:fe:33:94:98:4a:61:fd:0f:19:ff:fb:c4:
49:a5:9c:23:4d:97:a2:f0:1a:b9:51:5d:f3:51:d3:
a5:30:78:3a:70:f6:07:6b:47:49:ec:9c:fd:a2:67:
a9:88:90:c0:99:6b:09:e3:5c:b1:df:9a:df:da:eb:
16:99:a7:5a:02:10:14:4e:45:f6:ca:47:5e:97:12:
20:f7:70:da:a9:d9:59:48:a0:d1:ef:a2:82:f2:69:
9a:2f:43:c6:43:b5:4a:22:8b:ae:82:62:82:4d:54:
e4:3b:68:04:16:4d:83:d0:6c:aa:83:e8:81:8c:cc:
b4:96:57:18:b1:39:31:c5:d0:ab:44:6a:b5:26:ae:
20:be:59:df:bc:8f:50:82:61:95:54:19:92:b8:68:
e8:de:d2:fb:55:9c:e9:9b:a6:f2:00:12:70:7c:9a:
08:d9:0d:77:d1:31:74:47:cc:60:e1:4d:f0:87:dc:
61:b6:93:52:b5:3c:6d:df:4e:61:09:c7:64:0f:8f:
ea:7b:80:7d:7f:37:ac:2b:01:e5:3d:01:f5:64:a0:
99:cc:b8:77:36:1a:f3:39:6d:02:08:17:10:6c:7b:
3f:c8:71:e6:9d:c9:00:43:05:8c:ef:01:e4:66:f4:
c6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AF:30:1E:7A:03:24:40:E9:5C:53:7B:83:F9:2F:53:6E:64:81:DD
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/tK8wHnoDJEDpXFN7g_kvU25kgd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.9.0/24
83.147.27.0/24
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
12:60:ae:22:bc:1a:6a:e6:58:c1:34:71:52:d3:63:09:5d:93:
98:2b:c3:a8:0e:3d:d8:50:7a:8d:6f:f0:a3:ba:45:21:54:18:
fe:d6:9b:6c:12:a5:73:6b:ac:b9:1d:b2:22:f0:2e:ef:af:10:
2d:e9:13:52:df:5b:84:16:65:f4:f6:47:29:34:6b:e1:18:d4:
3d:d9:29:8a:90:2b:0e:cc:2f:e4:45:14:1c:59:94:f4:1f:73:
8b:c4:95:4d:bb:00:fc:a3:cc:6e:63:2d:34:bc:57:7e:47:89:
5e:15:aa:c8:09:16:41:6b:b3:6f:89:e6:3e:fc:ce:8c:72:ce:
0a:66:b0:13:e1:df:fe:66:ee:4c:f0:d3:db:08:ae:53:6b:b9:
22:b1:c2:05:33:69:5e:34:02:1e:80:14:53:23:3c:28:1d:5a:
20:db:94:4a:02:07:5c:fe:70:12:10:ca:0e:5d:e8:c4:dc:35:
91:61:25:44:9a:41:8c:fb:db:ec:28:18:0b:b3:8c:cd:64:54:
21:0d:1e:16:f2:9a:1b:30:6b:c6:8c:b8:69:06:ed:a7:2a:ad:
92:ba:63:07:b3:34:fe:59:ee:c0:81:ea:ff:68:92:15:5f:1a:
e0:6b:df:61:75:c7:ce:a4:90:43:be:6c:d9:d7:0d:27:77:bd:
f3:f2:47:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeXgsGY4bleWyVs9O+UPayLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNDE5MDMxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFmMzAxZTdhMDMyNDQwZTk1YzUzN2I4M2Y5MmY1MzZlNjQ4MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHsgzsV4ZZePcjhvZL7Oh17+M5SY
SmH9Dxn/+8RJpZwjTZei8Bq5UV3zUdOlMHg6cPYHa0dJ7Jz9omepiJDAmWsJ41yx
35rf2usWmadaAhAUTkX2ykdelxIg93DaqdlZSKDR76KC8mmaL0PGQ7VKIouugmKC
TVTkO2gEFk2D0Gyqg+iBjMy0llcYsTkxxdCrRGq1Jq4gvlnfvI9QgmGVVBmSuGjo
3tL7VZzpm6byABJwfJoI2Q130TF0R8xg4U3wh9xhtpNStTxt305hCcdkD4/qe4B9
fzesKwHlPQH1ZKCZzLh3NhrzOW0CCBcQbHs/yHHmnckAQwWM7wHkZvTG6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLSvMB56AyRA6VxTe4P5L1NuZIHdMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvdEs4d0hub0RKRURwWEZON2dfa3ZVMjVrZ2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU5MJAwQA
U5MbAwQAU5M9MA0GCSqGSIb3DQEBCwUAA4IBAQASYK4ivBpq5ljBNHFS02MJXZOY
K8OoDj3YUHqNb/CjukUhVBj+1ptsEqVza6y5HbIi8C7vrxAt6RNS31uEFmX09kcp
NGvhGNQ92SmKkCsOzC/kRRQcWZT0H3OLxJVNuwD8o8xuYy00vFd+R4leFarICRZB
a7NvieY+/M6Mcs4KZrAT4d/+Zu5M8NPbCK5Ta7kiscIFM2leNAIegBRTIzwoHVog
25RKAgdc/nASEMoOXejE3DWRYSVEmkGM+9vsKBgLs4zNZFQhDR4W8pobMGvGjLhp
Bu2nKq2SumMHszT+We7Ager/aJIVXxrga99hdcfOpJBDvmzZ1w0nd73z8kdW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org