Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/xJsFSlngmnSo8y6ELC5mXGMdo6o.roa
File: xJsFSlngmnSo8y6ELC5mXGMdo6o.roa (raw, json)
Hash identifier: p2bAcUW6FQQeuPN/6ovCMov7gtYa6te+eS3FlTvQ6Ik=
Subject key identifier: C4:9B:05:4A:59:E0:9A:74:A8:F3:2E:84:2C:2E:66:5C:63:1D:A3:AA
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01891F1189FAE7CD3887EB973B16A6D2BB7F
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/xJsFSlngmnSo8y6ELC5mXGMdo6o.roa
Signing time: Tue 04 Jul 2023 04:03:10 +0000
ROA not before: Tue 04 Jul 2023 04:03:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.11.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.14.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1f:11:89:fa:e7:cd:38:87:eb:97:3b:16:a6:d2:bb:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jul 4 04:03:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c49b054a59e09a74a8f32e842c2e665c631da3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bc:d7:e6:49:8a:cc:5e:c7:ed:71:bf:ce:37:
dd:96:50:ad:05:87:b4:d4:c3:8d:80:10:6f:98:2b:
0f:ee:b1:ae:d6:42:70:02:59:f5:88:ba:bf:1f:54:
49:08:ac:e5:07:ee:c0:5f:88:50:7a:43:74:e5:68:
70:92:d2:2a:b2:77:7e:7b:da:03:03:05:41:12:5d:
98:84:0a:60:d4:60:88:00:07:86:2e:ab:8e:20:c6:
98:a0:83:6a:27:1a:a2:ff:3b:9d:95:46:20:6c:9b:
59:47:d6:2f:5f:45:e4:30:7e:20:89:94:10:6d:e4:
5d:cd:e6:0a:5d:7f:f4:27:4d:30:25:87:e7:e9:b7:
dd:8e:c2:bd:8b:00:71:6f:85:22:b3:8d:e4:c9:fb:
81:c1:1c:94:e2:8a:8d:4c:67:e0:a1:94:fd:89:e5:
0e:5b:ff:82:6e:2a:01:77:50:af:10:4b:22:bc:00:
77:67:11:f9:89:68:9f:e4:c0:62:cd:ea:f5:c2:0c:
e0:0a:74:03:2d:89:ce:a9:fc:88:35:b5:ae:c9:a8:
ea:d8:92:69:b4:6c:6c:3a:1f:a8:79:38:03:58:23:
43:bd:41:05:70:97:cd:b5:76:43:97:8a:d4:49:32:
0e:10:f6:a9:09:93:a4:46:04:42:35:03:29:81:fb:
33:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9B:05:4A:59:E0:9A:74:A8:F3:2E:84:2C:2E:66:5C:63:1D:A3:AA
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/xJsFSlngmnSo8y6ELC5mXGMdo6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.9.0/24
83.147.11.0/24
83.147.14.0/24
83.147.27.0-83.147.31.255
83.147.44.0/22
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
60:11:d6:02:2a:1c:1b:46:ed:ea:a7:6d:8a:61:21:25:79:c4:
e1:fc:32:68:b2:2c:5c:ed:7c:e7:06:a2:80:fd:64:0e:d3:b0:
d8:c8:de:40:10:eb:fa:62:e9:60:c4:ae:6f:f6:a0:3b:d8:31:
7b:13:db:02:b7:f9:96:c4:57:cd:ef:a5:63:a4:28:98:f5:ab:
f7:e0:a5:c0:1f:cf:2b:27:f6:b8:1f:eb:7b:7d:71:b5:5d:1b:
40:f2:70:0e:5d:47:8c:fd:6d:ac:3e:e0:ed:2d:2f:d5:94:c2:
9f:a8:7a:cd:ec:0e:74:fc:2b:4a:31:9b:1c:7a:15:72:9f:ca:
07:bc:1e:34:27:fa:3c:b3:4f:65:cc:00:b3:09:6a:ec:72:94:
89:87:5a:a9:96:4b:8b:2c:1a:e9:04:3e:a7:38:00:ca:0d:f0:
1d:01:ef:1d:fc:96:69:d9:3f:1d:a9:3b:3f:7e:0a:86:ec:c9:
35:43:c2:f8:60:54:f4:38:6a:a5:c7:48:78:26:d4:0f:ef:07:
14:35:b5:59:2e:b9:01:69:77:ba:32:4f:13:ab:bc:fa:d6:a1:
95:09:b3:f1:d3:f0:0a:ba:f2:d2:0e:70:e6:04:1f:42:2f:44:
ab:78:18:ae:bc:25:c1:f0:21:de:74:d3:26:97:6d:b1:a7:da:
22:a8:0f:de
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYkfEYn65804h+uXOxam0rt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNzA0MDQwMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDliMDU0YTU5ZTA5YTc0YThmMzJlODQyYzJlNjY1YzYzMWRhM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobzX5kmKzF7H7XG/zjfdllCtBYe0
1MONgBBvmCsP7rGu1kJwAln1iLq/H1RJCKzlB+7AX4hQekN05WhwktIqsnd+e9oD
AwVBEl2YhApg1GCIAAeGLquOIMaYoINqJxqi/zudlUYgbJtZR9YvX0XkMH4giZQQ
beRdzeYKXX/0J00wJYfn6bfdjsK9iwBxb4Uis43kyfuBwRyU4oqNTGfgoZT9ieUO
W/+CbioBd1CvEEsivAB3ZxH5iWif5MBizer1wgzgCnQDLYnOqfyINbWuyajq2JJp
tGxsOh+oeTgDWCNDvUEFcJfNtXZDl4rUSTIOEPapCZOkRgRCNQMpgfsz0wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMSbBUpZ4Jp0qPMuhCwuZlxjHaOqMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEveEpzRlNsbmdtblNvOHk2RUxDNW1YR01kbzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAU5MJAwQA
U5MLAwQAU5MOMAwDBABTkxsDBAVTkwADBAJTkywDBABTkz0wDQYJKoZIhvcNAQEL
BQADggEBAGAR1gIqHBtG7eqnbYphISV5xOH8MmiyLFztfOcGooD9ZA7TsNjI3kAQ
6/pi6WDErm/2oDvYMXsT2wK3+ZbEV83vpWOkKJj1q/fgpcAfzysn9rgf63t9cbVd
G0DycA5dR4z9baw+4O0tL9WUwp+oes3sDnT8K0oxmxx6FXKfyge8HjQn+jyzT2XM
ALMJauxylImHWqmWS4ssGukEPqc4AMoN8B0B7x38lmnZPx2pOz9+CobsyTVDwvhg
VPQ4aqXHSHgm1A/vBxQ1tVkuuQFpd7oyTxOrvPrWoZUJs/HT8Aq68tIOcOYEH0Iv
RKt4GK68JcHwId500yaXbbGn2iKoD94=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:42 2023 by rpki-client on console-fra.rpki-client.org