Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/0kqWYHk2gqWqaFbPvCj0v-XoQgA.roa
File: 0kqWYHk2gqWqaFbPvCj0v-XoQgA.roa (raw, json)
Hash identifier: vz66UpJzDwQYCq7+8jxpzFrAGwvXDNc+JtohviOvdNc=
Subject key identifier: D2:4A:96:60:79:36:82:A5:AA:68:56:CF:BC:28:F4:BF:E5:E8:42:00
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01891C26795474B927616355AA703263F003
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/0kqWYHk2gqWqaFbPvCj0v-XoQgA.roa
Signing time: Mon 03 Jul 2023 14:27:10 +0000
ROA not before: Mon 03 Jul 2023 14:27:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.61.0/24 maxlen: 24
83.147.11.0/24 maxlen: 24
83.147.9.0/24 maxlen: 24
83.147.14.0/24 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:26:79:54:74:b9:27:61:63:55:aa:70:32:63:f0:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jul 3 14:27:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d24a9660793682a5aa6856cfbc28f4bfe5e84200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f6:26:1d:90:8f:2c:cb:04:a5:9f:b7:83:99:
93:71:fa:78:2c:e9:33:72:ad:0d:76:0a:92:89:07:
aa:ef:42:63:16:20:52:9b:77:74:f6:90:3c:5d:e8:
b4:fd:0a:52:8c:c8:9e:92:8a:54:1c:da:f9:1c:78:
37:4a:d1:10:75:da:6b:9e:0c:69:1d:4e:31:3c:c0:
b5:87:a2:dd:be:17:b5:be:60:40:c7:f4:a6:05:97:
4a:83:77:39:5a:7b:0e:5e:f7:b6:2a:08:52:63:1a:
b0:1f:12:25:5b:55:9b:03:f5:ae:b5:de:6d:72:d0:
8f:e5:3a:04:bd:bd:69:45:c4:fc:7b:5e:c3:72:40:
00:4a:73:77:15:ce:65:d2:1f:83:1b:e0:51:27:c9:
f4:ae:4b:13:df:ea:51:c1:7d:61:c5:bd:b7:9b:1d:
f0:9c:98:3b:4a:70:49:48:f5:79:79:6e:5f:e2:2f:
88:0c:84:6a:44:8a:84:cd:ac:3b:e9:48:b5:18:aa:
6f:f7:7b:51:95:00:26:e6:7e:47:ad:8c:41:8d:b1:
fb:7c:d1:5c:34:94:ff:60:ac:58:e7:06:23:38:5a:
48:9c:2f:df:10:0d:6e:cf:00:2a:d5:a1:1a:04:f4:
46:2a:98:f6:0e:8a:53:ab:da:5b:fd:42:7f:9e:88:
38:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4A:96:60:79:36:82:A5:AA:68:56:CF:BC:28:F4:BF:E5:E8:42:00
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/0kqWYHk2gqWqaFbPvCj0v-XoQgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.9.0/24
83.147.11.0/24
83.147.14.0/24
83.147.23.0/24
83.147.27.0-83.147.31.255
83.147.44.0/22
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:3e:d7:cb:cd:07:ea:96:df:a6:01:1a:c9:56:2c:c6:0b:72:
ab:8b:b6:13:3b:95:d8:7e:e7:73:88:97:97:35:3e:1d:bc:2e:
e1:70:74:40:12:ed:ed:f1:df:e6:58:bd:a9:aa:6d:f1:e7:3e:
75:42:b7:ce:63:14:62:b9:1f:c0:30:d7:8c:b3:4e:8d:01:c0:
a3:0b:79:25:a6:4b:5a:32:df:81:2f:97:1a:df:4c:a9:20:0f:
7a:69:fd:6d:46:13:48:87:47:7e:b4:a6:58:ae:3a:41:ab:b5:
68:ce:d5:66:cb:92:08:75:4f:9d:a0:0b:13:ae:a1:ff:b0:84:
fa:32:0a:15:f4:82:cf:5b:1a:da:10:c4:37:05:b0:ca:24:bf:
b1:f0:a6:b6:f4:19:49:ce:08:44:26:05:7c:b8:c0:8d:ed:d6:
eb:4c:67:cf:ed:40:8d:a2:0d:48:35:c5:2e:88:36:6c:72:10:
3c:40:09:96:a0:f6:c1:a9:07:a2:86:f2:7f:6f:0d:48:60:7a:
ba:d4:bc:a3:2b:c6:8d:1c:3a:b4:6d:1c:f7:8e:fa:a6:38:12:
e3:84:93:d4:e2:2c:e6:d7:3d:ae:ed:2a:57:89:31:4b:e3:36:
25:9e:dc:5d:38:e8:50:e0:44:44:85:2c:09:22:33:68:28:04:
6c:6b:26:f9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYkcJnlUdLknYWNVqnAyY/ADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNzAzMTQyNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjRhOTY2MDc5MzY4MmE1YWE2ODU2Y2ZiYzI4ZjRiZmU1ZTg0MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPYmHZCPLMsEpZ+3g5mTcfp4LOkz
cq0NdgqSiQeq70JjFiBSm3d09pA8Xei0/QpSjMiekopUHNr5HHg3StEQddprngxp
HU4xPMC1h6Ldvhe1vmBAx/SmBZdKg3c5WnsOXve2KghSYxqwHxIlW1WbA/Wutd5t
ctCP5ToEvb1pRcT8e17DckAASnN3Fc5l0h+DG+BRJ8n0rksT3+pRwX1hxb23mx3w
nJg7SnBJSPV5eW5f4i+IDIRqRIqEzaw76Ui1GKpv93tRlQAm5n5HrYxBjbH7fNFc
NJT/YKxY5wYjOFpInC/fEA1uzwAq1aEaBPRGKpj2DopTq9pb/UJ/nog4hQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNJKlmB5NoKlqmhWz7wo9L/l6EIAMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvMGtxV1lIazJncVdxYUZiUHZDajB2LVhvUWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAU5MJAwQA
U5MLAwQAU5MOAwQAU5MXMAwDBABTkxsDBAVTkwADBAJTkywDBABTkz0wDQYJKoZI
hvcNAQELBQADggEBAHs+18vNB+qW36YBGslWLMYLcquLthM7ldh+53OIl5c1Ph28
LuFwdEAS7e3x3+ZYvamqbfHnPnVCt85jFGK5H8Aw14yzTo0BwKMLeSWmS1oy34Ev
lxrfTKkgD3pp/W1GE0iHR360pliuOkGrtWjO1WbLkgh1T52gCxOuof+whPoyChX0
gs9bGtoQxDcFsMokv7Hwprb0GUnOCEQmBXy4wI3t1utMZ8/tQI2iDUg1xS6INmxy
EDxACZag9sGpB6KG8n9vDUhgerrUvKMrxo0cOrRtHPeO+qY4EuOEk9TiLObXPa7t
KleJMUvjNiWe3F046FDgRESFLAkiM2goBGxrJvk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:02 2023 by rpki-client on console.sobornost.net