Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qEFGZvVgyDLJbGvKdxf0O3UCMfU.roa
File: qEFGZvVgyDLJbGvKdxf0O3UCMfU.roa (raw, json)
Hash identifier: K8J+KMwmdGwugAyKX4Xzbq93cKYHj52JWyScKdVmhD4=
Subject key identifier: A8:41:46:66:F5:60:C8:32:C9:6C:6B:CA:77:17:F4:3B:75:02:31:F5
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0188EDDAC041DA159E35AF4828B6507BBD85
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qEFGZvVgyDLJbGvKdxf0O3UCMfU.roa
Signing time: Sat 24 Jun 2023 14:41:56 +0000
ROA not before: Sat 24 Jun 2023 14:41:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.194.0/23 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.40.0/22 maxlen: 24
83.147.240.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ed:da:c0:41:da:15:9e:35:af:48:28:b6:50:7b:bd:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 24 14:41:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8414666f560c832c96c6bca7717f43b750231f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b1:9f:db:90:8f:aa:2a:26:0a:14:0a:53:d3:
0b:99:9a:e8:e0:89:d7:1c:16:3e:42:ef:12:c5:0a:
0a:1e:ee:5e:dd:ab:a4:76:83:47:d3:bc:6e:b3:37:
2a:98:58:e9:3a:04:ba:e1:1e:d8:52:48:db:31:93:
23:1a:59:f8:be:e9:fb:a5:6d:ea:54:85:6b:ee:db:
0b:7f:74:d0:54:0f:4f:98:a6:96:57:37:d9:c1:34:
dc:2f:76:34:78:d4:e5:2e:8e:a6:60:10:30:f1:a6:
d1:a8:a5:a4:89:21:80:a7:e7:b3:d1:62:a3:96:33:
55:ab:ba:e6:d6:6e:06:00:a6:60:e7:07:ee:7a:c5:
0a:43:80:d6:e5:cc:0b:f3:29:e1:cc:75:c2:e3:fc:
3d:d9:1e:a1:b0:b4:55:88:fd:5c:47:dc:82:25:ed:
04:70:5c:c3:15:dd:b4:12:56:7f:15:e9:6d:17:fb:
e4:8a:20:22:9c:c6:66:2d:2b:91:62:05:38:ce:6f:
89:6a:30:50:d9:94:b6:61:5d:31:b3:76:4e:96:9d:
f6:0c:48:2f:5a:39:45:ac:fd:d8:94:d2:54:5e:9b:
ed:20:af:aa:d0:18:4c:f1:63:ef:3f:cf:06:49:0e:
d6:fa:7e:60:e9:1c:0f:af:63:95:94:57:04:60:db:
db:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:41:46:66:F5:60:C8:32:C9:6C:6B:CA:77:17:F4:3B:75:02:31:F5
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/qEFGZvVgyDLJbGvKdxf0O3UCMfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/21
83.147.252.0/22
91.186.194.0/23
91.186.216.0/22
94.241.168.0/21
178.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
72:e6:f6:be:36:27:66:f2:13:bf:66:14:cc:cc:ff:5a:1b:44:
f4:40:2c:52:f9:0f:6a:08:c5:41:d4:23:fe:cd:f2:eb:3e:cf:
ba:d5:69:d0:15:6c:b4:17:3c:99:59:52:b1:a6:f0:af:c0:89:
bb:91:cc:cb:fb:bd:bb:70:72:6d:60:a8:0f:de:dc:3a:41:d4:
bf:b1:b9:66:4b:1a:38:cf:2e:95:92:c2:51:e6:ad:1b:c1:05:
52:27:73:a6:e3:6c:26:1e:84:36:d0:dc:bd:dd:cc:14:85:0d:
7d:70:b7:91:f9:f2:12:0c:df:aa:fd:f4:7c:b6:f9:50:91:40:
2e:cf:30:69:0e:54:b3:17:7f:1c:ad:ab:ce:55:3f:d9:13:7a:
69:98:8e:ff:18:44:31:fd:a7:86:d7:e9:cc:62:ab:c7:76:52:
35:4a:bd:02:2f:b7:75:0e:27:80:36:aa:9a:c1:af:ff:a9:1c:
35:8f:5c:a9:7b:49:38:29:d6:70:a0:3d:19:f7:0a:77:1d:fe:
5c:1d:47:b3:04:dd:91:af:c9:42:67:70:e6:4f:8b:93:f7:38:
d0:82:ba:f3:da:b1:5d:ca:e4:15:0c:a5:99:b6:10:f8:b6:a9:
56:6d:9e:40:15:47:4a:f2:ad:d2:d4:85:56:36:16:ae:b7:59:
f8:01:8d:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjt2sBB2hWeNa9IKLZQe72FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNjI0MTQ0MTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQxNDY2NmY1NjBjODMyYzk2YzZiY2E3NzE3ZjQzYjc1MDIzMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrGf25CPqiomChQKU9MLmZro4InX
HBY+Qu8SxQoKHu5e3aukdoNH07xuszcqmFjpOgS64R7YUkjbMZMjGln4vun7pW3q
VIVr7tsLf3TQVA9PmKaWVzfZwTTcL3Y0eNTlLo6mYBAw8abRqKWkiSGAp+ez0WKj
ljNVq7rm1m4GAKZg5wfuesUKQ4DW5cwL8ynhzHXC4/w92R6hsLRViP1cR9yCJe0E
cFzDFd20ElZ/FeltF/vkiiAinMZmLSuRYgU4zm+JajBQ2ZS2YV0xs3ZOlp32DEgv
WjlFrP3YlNJUXpvtIK+q0BhM8WPvP88GSQ7W+n5g6RwPr2OVlFcEYNvbSwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKhBRmb1YMgyyWxryncX9Dt1AjH1MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvcUVGR1p2Vmd5RExKYkd2S2R4ZjBPM1VDTWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDU5PwAwQC
U5P8AwQBW7rCAwQCW7rYAwQDXvGoAwQCsv0oMA0GCSqGSIb3DQEBCwUAA4IBAQBy
5va+Nidm8hO/ZhTMzP9aG0T0QCxS+Q9qCMVB1CP+zfLrPs+61WnQFWy0FzyZWVKx
pvCvwIm7kczL+727cHJtYKgP3tw6QdS/sblmSxo4zy6VksJR5q0bwQVSJ3Om42wm
HoQ20Ny93cwUhQ19cLeR+fISDN+q/fR8tvlQkUAuzzBpDlSzF38cravOVT/ZE3pp
mI7/GEQx/aeG1+nMYqvHdlI1Sr0CL7d1DieANqqawa//qRw1j1ype0k4KdZwoD0Z
9wp3Hf5cHUezBN2Rr8lCZ3DmT4uT9zjQgrrz2rFdyuQVDKWZthD4tqlWbZ5AFUdK
8q3S1IVWNhaut1n4AY2r
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:22 2023 by rpki-client on console.sobornost.net