Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/CXtNEncQBa_umDrR_9j1Pg2tDh4.roa
File: CXtNEncQBa_umDrR_9j1Pg2tDh4.roa (raw, json)
Hash identifier: 3JVl4b50mK2c+QJrzzl3lKS/4lklNtDKBoacmMNG5j8=
Subject key identifier: 09:7B:4D:12:77:10:05:AF:EE:98:3A:D1:FF:D8:F5:3E:0D:AD:0E:1E
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018DD03321578EF360C38C0517D5E8A970A4
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/CXtNEncQBa_umDrR_9j1Pg2tDh4.roa
Signing time: Thu 22 Feb 2024 09:43:48 +0000
ROA not before: Thu 22 Feb 2024 09:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 05:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:33:21:57:8e:f3:60:c3:8c:05:17:d5:e8:a9:70:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Feb 22 09:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=097b4d12771005afee983ad1ffd8f53e0dad0e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:da:2b:2d:6a:31:e3:0a:de:76:e7:1c:08:25:
de:a7:cc:9b:e4:3f:81:b9:53:be:30:55:aa:19:f6:
c6:30:4c:16:12:b4:3a:ca:db:8a:c4:03:35:c5:80:
72:d5:13:9f:17:c6:80:eb:3b:b3:54:48:a6:04:9b:
49:92:65:7c:cb:bf:b2:6a:2d:03:01:eb:93:7b:36:
78:22:33:55:b9:19:0c:57:99:17:bd:46:33:a1:c7:
f4:43:1b:da:4c:06:2b:ba:e1:be:5c:ac:f7:c7:65:
cd:77:94:db:02:f5:44:80:47:b0:34:ae:0a:3e:11:
19:6b:0d:1c:fa:4c:cb:0c:58:d2:d1:ec:3f:c9:51:
85:ea:59:8e:5e:fa:70:1a:5d:26:d6:c0:0d:87:87:
c2:d4:83:ba:4a:72:dc:d6:a6:5a:cb:66:c3:9c:3e:
fc:90:ff:f7:c1:47:23:34:db:06:b1:34:7e:87:fd:
7e:05:ad:6a:39:48:63:0e:9c:26:0c:cc:84:74:0f:
4a:d7:a9:5f:a5:d9:f3:0a:01:4f:4d:b4:4c:ee:a6:
0f:ac:41:9a:21:46:e8:d6:3c:70:06:be:17:33:43:
7d:3c:79:2d:8d:da:7c:b8:d7:d5:a6:23:60:06:b0:
f3:d3:97:71:a0:17:f2:00:8b:e1:a1:eb:c6:5b:c8:
80:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7B:4D:12:77:10:05:AF:EE:98:3A:D1:FF:D8:F5:3E:0D:AD:0E:1E
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/CXtNEncQBa_umDrR_9j1Pg2tDh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.240.0/22
Signature Algorithm: sha256WithRSAEncryption
21:33:27:d9:f3:7d:ed:76:47:f4:9e:fa:1d:e7:97:5b:f5:aa:
4f:ec:bb:c9:6b:4b:9c:02:84:da:c9:2b:b3:11:71:7e:f8:11:
98:8c:d5:58:74:91:0e:51:01:42:16:42:dd:cc:3e:4a:a3:52:
5f:11:34:b4:86:41:d8:9f:cd:22:d9:73:5f:b8:b4:0a:a6:06:
1b:f5:59:2b:f8:6f:85:f9:63:e4:f4:b1:a2:b2:df:c3:dc:ed:
21:76:91:b3:23:1c:cf:a1:12:10:19:df:58:04:75:28:73:e2:
ef:e3:19:85:50:9f:d3:4e:2c:e3:0c:86:5c:da:2a:40:36:43:
c9:4e:f1:bc:24:71:37:fc:47:e6:1b:37:ad:4a:c6:49:94:c6:
2c:bf:fb:9c:ba:89:9b:d1:fc:75:57:2d:58:ff:58:cf:74:cd:
7c:2e:1d:4c:e2:9f:de:da:ca:be:72:65:7b:2f:28:de:1f:f1:
aa:37:20:bd:f1:62:b5:a5:8a:ec:a9:6f:e1:eb:95:e1:c6:7c:
6f:d3:1e:26:f8:f6:cf:f9:1f:84:19:05:c8:5e:82:f7:00:a2:
d9:6f:17:d9:ee:18:78:b8:49:dd:e2:d9:67:e0:f6:e9:04:20:
29:0b:9d:9c:a6:d4:79:c7:b4:22:ec:57:ed:dd:03:55:17:fe:
83:3c:66:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3QMyFXjvNgw4wFF9XoqXCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMjIyMDk0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdiNGQxMjc3MTAwNWFmZWU5ODNhZDFmZmQ4ZjUzZTBkYWQwZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NorLWox4wreduccCCXep8yb5D+B
uVO+MFWqGfbGMEwWErQ6ytuKxAM1xYBy1ROfF8aA6zuzVEimBJtJkmV8y7+yai0D
AeuTezZ4IjNVuRkMV5kXvUYzocf0QxvaTAYruuG+XKz3x2XNd5TbAvVEgEewNK4K
PhEZaw0c+kzLDFjS0ew/yVGF6lmOXvpwGl0m1sANh4fC1IO6SnLc1qZay2bDnD78
kP/3wUcjNNsGsTR+h/1+Ba1qOUhjDpwmDMyEdA9K16lfpdnzCgFPTbRM7qYPrEGa
IUbo1jxwBr4XM0N9PHktjdp8uNfVpiNgBrDz05dxoBfyAIvhoevGW8iArwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl7TRJ3EAWv7pg60f/Y9T4NrQ4eMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvQ1h0TkVuY1FCYV91bURyUl85ajFQZzJ0RGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5bwMA0G
CSqGSIb3DQEBCwUAA4IBAQAhMyfZ833tdkf0nvod55db9apP7LvJa0ucAoTaySuz
EXF++BGYjNVYdJEOUQFCFkLdzD5Ko1JfETS0hkHYn80i2XNfuLQKpgYb9Vkr+G+F
+WPk9LGist/D3O0hdpGzIxzPoRIQGd9YBHUoc+Lv4xmFUJ/TTizjDIZc2ipANkPJ
TvG8JHE3/EfmGzetSsZJlMYsv/ucuomb0fx1Vy1Y/1jPdM18Lh1M4p/e2sq+cmV7
LyjeH/GqNyC98WK1pYrsqW/h65Xhxnxv0x4m+PbP+R+EGQXIXoL3AKLZbxfZ7hh4
uEnd4tln4PbpBCApC52cptR5x7Qi7Fft3QNVF/6DPGYB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:33 2025 by rpki-client