Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/z-xM8wkROYdAFr6bk4yKR6E-kak.roa
File: z-xM8wkROYdAFr6bk4yKR6E-kak.roa (raw, json)
Hash identifier: iA+XJ/EiC49wau7MCF+/FpJJQ1Fd6bhtR+v8/P5MCl0=
Subject key identifier: CF:EC:4C:F3:09:11:39:87:40:16:BE:9B:93:8C:8A:47:A1:3E:91:A9
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0191731F15D1FDC6F2058E091E12C83CFA6A
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/z-xM8wkROYdAFr6bk4yKR6E-kak.roa
Signing time: Wed 21 Aug 2024 04:08:22 +0000
ROA not before: Wed 21 Aug 2024 04:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.16.0/22 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 05:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:73:1f:15:d1:fd:c6:f2:05:8e:09:1e:12:c8:3c:fa:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Aug 21 04:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfec4cf3091139874016be9b938c8a47a13e91a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8c:cd:06:d4:33:46:c4:c3:d6:25:80:0d:29:
ec:c2:8b:52:70:b0:1d:e0:b6:85:43:f3:14:7d:f6:
e3:ff:a3:a3:c8:a7:36:96:d0:b2:ef:09:08:a5:0a:
e0:5e:f2:70:5a:85:8d:af:aa:ad:d8:e5:ab:d1:ee:
ad:7a:9b:88:7e:73:a8:3b:f2:f7:c1:9b:c2:14:93:
27:dc:b9:e1:90:13:f4:f6:5e:2d:7b:c4:b7:bb:ab:
b5:0a:05:a7:0b:c0:fe:95:a7:5d:a4:9b:30:46:38:
93:af:de:dc:66:f6:cf:14:c1:2d:0e:d0:8e:75:ee:
2d:85:e4:da:d7:8e:e0:54:5b:2b:07:d7:9d:86:d5:
f4:74:53:83:d6:2f:08:5e:69:4a:66:82:0e:08:b1:
26:a4:82:69:5d:2a:44:3f:b4:84:a4:cf:c8:08:35:
cf:39:37:2f:2e:d1:c2:ae:76:85:42:6f:ec:bb:52:
db:61:57:99:4d:c2:0b:b4:7f:fb:13:6a:fc:b6:04:
a8:df:a2:69:1d:a2:bf:6d:60:56:06:f3:02:01:eb:
36:3e:be:1b:32:82:08:8a:72:65:d9:bd:55:9c:6b:
b7:d1:90:09:0c:98:c7:98:d2:10:e3:11:b6:23:cc:
91:60:c5:d7:2d:ee:ab:15:a5:5d:98:76:ce:97:7d:
fb:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:EC:4C:F3:09:11:39:87:40:16:BE:9B:93:8C:8A:47:A1:3E:91:A9
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/z-xM8wkROYdAFr6bk4yKR6E-kak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.16.0/22
83.147.21.0/24
83.147.26.0-83.147.28.255
Signature Algorithm: sha256WithRSAEncryption
4a:d9:f5:c5:28:13:6e:d3:42:ed:d0:d6:6f:1c:52:e2:f8:39:
fe:6a:a8:a1:d2:19:ee:84:71:68:f9:3e:ab:01:f7:f9:c0:7c:
87:1a:42:cb:09:7f:c5:cf:23:30:70:d2:cb:60:32:72:ec:0b:
b5:f2:aa:f6:42:01:7b:00:55:82:6c:c4:2b:ca:57:4e:cb:59:
e8:1c:60:86:00:38:93:dd:4f:b9:69:68:8b:0a:50:b0:3f:c3:
ad:be:f0:67:d3:30:11:4b:90:6f:7c:20:99:ba:db:11:17:32:
e1:de:a2:5f:b4:9c:2f:ef:98:7f:7e:d2:44:87:be:ef:e8:0d:
2d:61:2c:47:f8:c6:7b:5f:c7:49:5f:17:96:1b:05:3b:af:a1:
1a:63:8c:86:f1:ab:0e:9e:f6:6a:c9:13:97:38:c5:fd:47:19:
7c:62:bf:52:9f:c2:4c:f8:5e:19:83:6f:43:6d:1a:57:66:40:
66:7e:37:d9:9b:9c:8f:66:37:91:3e:27:94:66:4b:35:18:6a:
98:ce:b0:fa:b2:15:f4:83:53:09:25:dd:a9:09:59:5f:ab:20:
5c:65:c0:46:b2:d7:62:c2:13:83:6e:5a:0a:28:3f:da:48:ee:
2e:05:4c:f8:22:ab:5b:21:06:d9:ab:c9:8f:c0:28:ac:7e:75:
02:4b:8b:38
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZFzHxXR/cbyBY4JHhLIPPpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwODIxMDQwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmVjNGNmMzA5MTEzOTg3NDAxNmJlOWI5MzhjOGE0N2ExM2U5MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIzNBtQzRsTD1iWADSnswotScLAd
4LaFQ/MUffbj/6OjyKc2ltCy7wkIpQrgXvJwWoWNr6qt2OWr0e6tepuIfnOoO/L3
wZvCFJMn3LnhkBP09l4te8S3u6u1CgWnC8D+laddpJswRjiTr97cZvbPFMEtDtCO
de4theTa147gVFsrB9edhtX0dFOD1i8IXmlKZoIOCLEmpIJpXSpEP7SEpM/ICDXP
OTcvLtHCrnaFQm/su1LbYVeZTcILtH/7E2r8tgSo36JpHaK/bWBWBvMCAes2Pr4b
MoIIinJl2b1VnGu30ZAJDJjHmNIQ4xG2I8yRYMXXLe6rFaVdmHbOl337WwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFM/sTPMJETmHQBa+m5OMikehPpGpMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvei14TTh3a1JPWWRBRnI2Yms0eUtSNkUta2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCU5MQAwQA
U5MVMAwDBAFTkxoDBABTkxwwDQYJKoZIhvcNAQELBQADggEBAErZ9cUoE27TQu3Q
1m8cUuL4Of5qqKHSGe6EcWj5PqsB9/nAfIcaQssJf8XPIzBw0stgMnLsC7XyqvZC
AXsAVYJsxCvKV07LWegcYIYAOJPdT7lpaIsKULA/w62+8GfTMBFLkG98IJm62xEX
MuHeol+0nC/vmH9+0kSHvu/oDS1hLEf4xntfx0lfF5YbBTuvoRpjjIbxqw6e9mrJ
E5c4xf1HGXxiv1Kfwkz4XhmDb0NtGldmQGZ+N9mbnI9mN5E+J5RmSzUYapjOsPqy
FfSDUwkl3akJWV+rIFxlwEay12LCE4NuWgooP9pI7i4FTPgiq1shBtmryY/AKKx+
dQJLizg=
Generated at Mon Sep 2 05:50:28 2024 by rpki-client on console-fra.rpki-client.org