Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/zpxkqZYtgu59u6dhXDeV3oijMio.roa
File: zpxkqZYtgu59u6dhXDeV3oijMio.roa (raw, json)
Hash identifier: vD8dQS06/jXRXBLMxcffmd/hNpsPX8IU1kHoqAru7P4=
Subject key identifier: CE:9C:64:A9:96:2D:82:EE:7D:BB:A7:61:5C:37:95:DE:88:A3:32:2A
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01879CF34678AAADB06EC97C2DA7B2F1AACB
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/zpxkqZYtgu59u6dhXDeV3oijMio.roa
Signing time: Thu 20 Apr 2023 04:36:41 +0000
ROA not before: Thu 20 Apr 2023 04:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.40.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 07:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9c:f3:46:78:aa:ad:b0:6e:c9:7c:2d:a7:b2:f1:aa:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 20 04:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce9c64a9962d82ee7dbba7615c3795de88a3322a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d2:0e:94:50:71:87:5d:53:08:be:9b:6b:2b:
36:63:65:9d:89:9d:42:c2:14:39:72:dd:fa:af:1b:
f4:0d:7b:cc:da:6c:14:67:6f:8f:fc:3b:e5:fb:34:
ad:ce:d5:7a:f8:f4:37:c3:1a:ed:fd:95:b5:66:d3:
fd:2b:d6:25:35:e6:3a:95:47:c3:2f:8c:19:d7:f3:
01:2c:be:c2:72:ca:5e:cc:7a:5d:32:7d:18:0e:15:
22:1a:f4:40:e5:5f:b3:f0:49:33:9e:36:73:87:42:
7a:df:b2:88:13:50:1e:5e:48:e4:5f:54:4a:23:df:
4b:d2:7e:2e:e6:f9:2d:5a:00:f3:0b:69:14:a5:cc:
71:0e:71:8c:75:9a:1b:bf:08:24:86:e9:ac:6f:2c:
e9:88:39:69:39:b9:a2:19:93:8b:7e:ff:f5:09:5a:
09:d4:9f:88:50:9f:77:ea:98:75:cf:a2:51:b4:13:
a9:7f:b7:1d:4d:e0:ef:6d:22:1b:0e:1e:c0:2a:1e:
d2:fe:29:55:b9:e0:de:37:6b:ba:b9:3d:78:a4:bf:
0d:b1:ed:0b:a8:eb:7f:d4:8e:74:2e:68:2d:61:a1:
1e:4e:9f:b9:e9:3e:a4:36:11:1e:7c:6b:a8:b3:2a:
55:cf:76:52:57:6e:48:a5:2c:f3:b6:92:88:79:6d:
cd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9C:64:A9:96:2D:82:EE:7D:BB:A7:61:5C:37:95:DE:88:A3:32:2A
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/zpxkqZYtgu59u6dhXDeV3oijMio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.9.0/24
83.147.27.0/24
83.147.40.0/22
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:58:e0:60:8a:2e:44:be:c9:0d:9f:8c:63:e5:2d:04:1f:65:
ff:84:e0:39:72:4f:81:a5:94:3e:44:4e:74:bd:61:22:8a:4c:
00:db:f1:96:11:8e:ae:f2:73:ee:d0:46:49:9a:64:87:52:96:
eb:c1:cf:cc:d3:db:6e:91:56:10:f6:3c:a8:2e:ce:48:34:b6:
36:51:ae:df:0d:ef:db:49:26:a6:c1:2b:d1:b0:7b:d2:77:6b:
be:9e:1b:b7:da:08:e0:bd:97:5f:e3:21:98:d2:4b:7e:7a:9a:
b4:8e:98:59:09:b7:ad:ff:13:82:ac:2a:a6:cf:8d:58:bd:24:
bb:9e:dc:cc:64:f0:a3:3d:82:d7:f8:34:4b:55:32:98:45:4a:
d1:79:90:78:14:4b:bf:ac:68:95:2d:50:80:57:25:d1:47:3a:
b5:52:ee:fb:ba:87:11:81:a7:5e:7a:77:72:de:3e:50:b1:5b:
1c:e7:76:e7:85:26:fb:21:fe:5c:97:80:40:3b:b0:11:43:d7:
f2:f7:30:74:e1:8a:a7:1b:c4:84:cd:17:24:27:76:4b:45:30:
6e:bc:7c:03:a6:a5:ea:24:62:c1:20:c0:32:bf:6c:61:7f:e3:
e3:36:04:ea:92:43:71:b7:05:2d:cc:76:17:ac:95:9f:b9:7f:
60:30:fb:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYec80Z4qq2wbsl8Laey8arLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNDIwMDQzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTljNjRhOTk2MmQ4MmVlN2RiYmE3NjE1YzM3OTVkZTg4YTMzMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdIOlFBxh11TCL6bays2Y2WdiZ1C
whQ5ct36rxv0DXvM2mwUZ2+P/Dvl+zStztV6+PQ3wxrt/ZW1ZtP9K9YlNeY6lUfD
L4wZ1/MBLL7CcspezHpdMn0YDhUiGvRA5V+z8EkznjZzh0J637KIE1AeXkjkX1RK
I99L0n4u5vktWgDzC2kUpcxxDnGMdZobvwgkhumsbyzpiDlpObmiGZOLfv/1CVoJ
1J+IUJ936ph1z6JRtBOpf7cdTeDvbSIbDh7AKh7S/ilVueDeN2u6uT14pL8Nse0L
qOt/1I50LmgtYaEeTp+56T6kNhEefGuosypVz3ZSV25IpSzztpKIeW3NmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM6cZKmWLYLufbunYVw3ld6IozIqMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvenB4a3FaWXRndTU5dTZkaFhEZVYzb2lqTWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU5MJAwQA
U5MbAwQCU5MoAwQAU5M9MA0GCSqGSIb3DQEBCwUAA4IBAQAsWOBgii5EvskNn4xj
5S0EH2X/hOA5ck+BpZQ+RE50vWEiikwA2/GWEY6u8nPu0EZJmmSHUpbrwc/M09tu
kVYQ9jyoLs5INLY2Ua7fDe/bSSamwSvRsHvSd2u+nhu32gjgvZdf4yGY0kt+epq0
jphZCbet/xOCrCqmz41YvSS7ntzMZPCjPYLX+DRLVTKYRUrReZB4FEu/rGiVLVCA
VyXRRzq1Uu77uocRgadeendy3j5QsVsc53bnhSb7If5cl4BAO7ARQ9fy9zB04Yqn
G8SEzRckJ3ZLRTBuvHwDpqXqJGLBIMAyv2xhf+PjNgTqkkNxtwUtzHYXrJWfuX9g
MPvm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:51 2024 by rpki-client on console-fra.rpki-client.org