Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/wf3DSbI0Ca7Qmg3Hkw-CmSxpvOM.roa
File: wf3DSbI0Ca7Qmg3Hkw-CmSxpvOM.roa (raw, json)
Hash identifier: McVMDjzoqJ8hLlj5r8dJuV2pWq+X7EOB4mCTJUoE3qk=
Subject key identifier: C1:FD:C3:49:B2:34:09:AE:D0:9A:0D:C7:93:0F:82:99:2C:69:BC:E3
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018CBFE448EF97569FB101E70E43CDAAE861
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/wf3DSbI0Ca7Qmg3Hkw-CmSxpvOM.roa
Signing time: Sun 31 Dec 2023 12:40:58 +0000
ROA not before: Sun 31 Dec 2023 12:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bf:e4:48:ef:97:56:9f:b1:01:e7:0e:43:cd:aa:e8:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Dec 31 12:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1fdc349b23409aed09a0dc7930f82992c69bce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:43:04:f3:d2:14:00:75:57:84:7a:12:cd:
2c:0b:41:fa:e5:cb:9e:e4:56:1b:26:a0:87:96:f7:
99:b9:28:c4:bf:10:f6:72:35:c1:b6:a1:10:da:2b:
d8:27:0f:34:92:65:e9:a8:aa:30:82:e9:2a:c3:46:
99:2c:ee:cc:0b:ee:43:ec:54:4d:07:50:26:7a:cf:
94:f3:ae:af:97:1e:e2:5b:3d:5b:2f:a7:da:eb:f2:
95:31:c3:73:7c:41:80:8f:bd:5d:21:00:30:76:9b:
c2:f7:23:89:16:68:b1:b6:9f:75:4c:45:34:38:13:
95:0d:82:b5:85:e7:23:26:c7:bd:6d:48:2d:90:8d:
b3:85:83:3a:e2:4e:2b:8a:12:50:b6:34:dd:cb:20:
89:a0:b2:88:9d:94:b3:65:c5:02:6c:95:a0:9b:b0:
ee:f6:45:e7:c1:f2:bb:64:a8:29:70:01:6d:ac:49:
21:c5:42:14:5d:47:c2:9b:77:f8:bc:96:b8:53:71:
c1:f5:69:37:d2:34:be:f6:79:93:f4:fd:51:d7:aa:
1a:20:25:2c:bf:49:b7:18:63:73:18:64:1c:51:c2:
e9:01:b4:19:d1:8e:5e:e0:b9:39:36:30:5e:e5:54:
e2:96:01:21:87:3a:72:6c:b5:70:1b:68:90:5d:60:
f7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FD:C3:49:B2:34:09:AE:D0:9A:0D:C7:93:0F:82:99:2C:69:BC:E3
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/wf3DSbI0Ca7Qmg3Hkw-CmSxpvOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.29.0/24
Signature Algorithm: sha256WithRSAEncryption
03:87:c5:00:c6:08:33:e7:ea:1b:9b:9b:71:d4:70:6d:64:1a:
fb:22:f5:ee:49:ef:90:c8:ab:bc:5b:5f:5a:2b:8c:66:6e:05:
2e:ed:78:02:5a:e4:65:5f:62:f8:5f:cf:2a:98:bf:dc:c2:80:
b0:84:ac:10:60:32:81:ea:58:39:64:d5:56:3b:09:8f:be:d7:
60:b8:13:95:b1:d9:c0:e3:13:83:06:20:bb:d6:f3:50:da:d8:
9c:e8:56:72:b5:f4:9c:b4:af:09:61:06:08:b8:f3:f2:d0:c3:
24:04:4d:e9:2f:f7:e5:52:6a:58:c7:7c:9c:01:da:78:a1:a4:
bc:f1:3f:22:b3:f3:cc:0b:63:d6:f8:9f:1c:d9:7a:9d:7e:3c:
fc:1e:0e:8a:fa:21:1c:f2:63:ce:d2:69:5a:ca:93:e9:76:38:
64:bf:8c:8c:b5:fb:ea:ab:28:0f:7d:54:fc:c1:60:ae:35:53:
29:76:a0:3c:be:3c:a9:09:e5:ea:b6:f4:78:ad:43:5a:54:27:
1c:47:2f:aa:34:b9:fa:9b:19:d4:83:d9:30:8a:65:b9:a1:2b:
44:3c:d4:f4:0f:da:5c:e5:9f:c8:c3:50:7a:72:69:e4:00:79:
3f:3b:44:80:80:e6:cd:35:87:e1:79:ea:e5:82:71:bc:d8:53:
e1:c8:3a:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYy/5Ejvl1afsQHnDkPNquhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMjMxMTI0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWZkYzM0OWIyMzQwOWFlZDA5YTBkYzc5MzBmODI5OTJjNjliY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov5DBPPSFAB1V4R6Es0sC0H65cue
5FYbJqCHlveZuSjEvxD2cjXBtqEQ2ivYJw80kmXpqKowgukqw0aZLO7MC+5D7FRN
B1Ames+U866vlx7iWz1bL6fa6/KVMcNzfEGAj71dIQAwdpvC9yOJFmixtp91TEU0
OBOVDYK1hecjJse9bUgtkI2zhYM64k4rihJQtjTdyyCJoLKInZSzZcUCbJWgm7Du
9kXnwfK7ZKgpcAFtrEkhxUIUXUfCm3f4vJa4U3HB9Wk30jS+9nmT9P1R16oaICUs
v0m3GGNzGGQcUcLpAbQZ0Y5e4Lk5NjBe5VTilgEhhzpybLVwG2iQXWD3nwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMH9w0myNAmu0JoNx5MPgpksabzjMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvd2YzRFNiSTBDYTdRbWczSGt3LUNtU3hwdk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCU5MAAwQA
U5MdMA0GCSqGSIb3DQEBCwUAA4IBAQADh8UAxggz5+obm5tx1HBtZBr7IvXuSe+Q
yKu8W19aK4xmbgUu7XgCWuRlX2L4X88qmL/cwoCwhKwQYDKB6lg5ZNVWOwmPvtdg
uBOVsdnA4xODBiC71vNQ2tic6FZytfSctK8JYQYIuPPy0MMkBE3pL/flUmpYx3yc
Adp4oaS88T8is/PMC2PW+J8c2Xqdfjz8Hg6K+iEc8mPO0mlaypPpdjhkv4yMtfvq
qygPfVT8wWCuNVMpdqA8vjypCeXqtvR4rUNaVCccRy+qNLn6mxnUg9kwimW5oStE
PNT0D9pc5Z/Iw1B6cmnkAHk/O0SAgObNNYfheerlgnG82FPhyDqn
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:05 2024 by rpki-client on console-ams.rpki-client.org