Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/GeYhwvEEgkEPgFzo00FrcMi9xYQ.roa
File: GeYhwvEEgkEPgFzo00FrcMi9xYQ.roa (raw, json)
Hash identifier: QaiY5R0DTTr48SyAtUvQ5zKtEpwDHtBSBVHKg2aKgOY=
Subject key identifier: 19:E6:21:C2:F1:04:82:41:0F:80:5C:E8:D3:41:6B:70:C8:BD:C5:84
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 018B2309058640527B1DDAD98A64EEF1A9C8
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/GeYhwvEEgkEPgFzo00FrcMi9xYQ.roa
Signing time: Thu 12 Oct 2023 08:37:55 +0000
ROA not before: Thu 12 Oct 2023 08:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209045
IP address blocks: 147.189.192.0/20 maxlen: 24
147.189.207.0/24 maxlen: 24
194.61.20.0/22 maxlen: 22
2a09:7007::/36 maxlen: 36
2a09:7000::/31 maxlen: 32
2a09:7002::/31 maxlen: 32
2a09:7000::/29 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:09:05:86:40:52:7b:1d:da:d9:8a:64:ee:f1:a9:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Oct 12 08:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19e621c2f10482410f805ce8d3416b70c8bdc584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:93:f7:f6:49:1d:ad:88:1a:8e:66:0f:e0:
de:9c:15:c0:dc:bc:51:13:78:1f:df:37:40:ee:91:
4d:d6:cb:c0:ba:93:98:09:0e:17:5e:9a:bb:cf:e6:
dc:99:ae:6e:d9:01:22:06:57:0f:b0:15:a0:d9:95:
a8:be:93:fc:19:04:2f:50:c4:f5:d8:95:a6:4e:b2:
43:67:8f:cc:0d:dd:a6:05:20:2d:ef:fb:f9:01:56:
14:0b:bb:dc:50:47:b0:87:69:b8:52:ce:e2:7e:56:
5c:cd:f3:31:c8:6f:cd:07:48:47:9b:43:b1:87:2f:
bf:6d:42:89:00:9a:5a:f9:ae:6d:fa:63:40:bd:45:
05:2f:db:e3:af:c0:6c:13:0c:8a:1f:8e:bf:8b:8e:
ec:c8:cf:51:6d:3f:df:b4:91:4b:9e:23:3a:87:cf:
7e:5f:a0:bf:5c:ac:1c:41:d9:55:41:cb:02:e9:2a:
89:4a:26:b1:25:da:4d:64:6e:01:e3:22:97:12:df:
93:95:44:aa:e9:13:1d:25:9d:f4:d8:54:c4:4e:85:
3a:ad:f4:c0:a3:f9:38:cf:75:76:a5:5a:ec:ec:a2:
a8:e7:0d:6a:ea:b9:d3:f5:be:22:6f:6f:22:af:3c:
c7:86:ee:1c:40:d9:ae:a2:d4:d9:13:01:69:06:95:
82:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E6:21:C2:F1:04:82:41:0F:80:5C:E8:D3:41:6B:70:C8:BD:C5:84
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/GeYhwvEEgkEPgFzo00FrcMi9xYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.192.0/20
194.61.20.0/22
IPv6:
2a09:7000::/29
Signature Algorithm: sha256WithRSAEncryption
57:a6:96:23:ed:15:51:a7:8f:b9:fc:0f:40:d6:36:e6:2b:c9:
75:ec:bd:e8:fc:95:34:f7:c1:b1:06:c4:8c:df:f3:77:fa:19:
69:0d:4b:49:d2:47:3a:36:c2:01:03:f2:b9:67:49:06:6a:84:
29:6a:cd:a0:08:f8:d9:83:88:49:ac:ca:f4:19:64:e1:df:44:
c7:b1:84:b7:28:43:2a:bd:8e:22:4f:fc:15:73:26:23:bc:0b:
11:18:5f:92:c2:89:ff:73:a6:99:00:b4:ce:30:15:db:4b:84:
c5:3d:a0:29:bb:c4:6d:5b:92:07:4c:d8:db:9b:60:ac:91:8b:
76:be:96:b5:71:94:77:a6:12:87:6c:67:e6:1e:1b:60:1e:e3:
07:b8:b0:5a:b4:53:96:41:24:2d:c2:02:ba:9d:4f:cc:c1:9c:
37:2f:c6:0f:15:65:ff:00:0f:1a:53:6e:4d:5f:8b:0f:cc:6c:
d7:40:cd:cd:4b:be:9c:89:ba:d7:f7:c8:f5:ee:23:42:97:56:
31:76:c0:48:5f:de:fc:6c:1d:c7:19:d7:00:70:50:89:74:c8:
ff:7f:7c:65:88:91:09:1c:7f:f6:4f:ee:a2:74:2b:aa:46:31:
57:48:ab:06:6d:48:94:6b:ff:00:e9:e8:25:3f:91:e7:d3:b6:
b3:b9:4d:d0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYsjCQWGQFJ7HdrZimTu8anIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjMxMDEyMDgzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWU2MjFjMmYxMDQ4MjQxMGY4MDVjZThkMzQxNmI3MGM4YmRjNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkuT9/ZJHa2IGo5mD+DenBXA3LxR
E3gf3zdA7pFN1svAupOYCQ4XXpq7z+bcma5u2QEiBlcPsBWg2ZWovpP8GQQvUMT1
2JWmTrJDZ4/MDd2mBSAt7/v5AVYUC7vcUEewh2m4Us7iflZczfMxyG/NB0hHm0Ox
hy+/bUKJAJpa+a5t+mNAvUUFL9vjr8BsEwyKH46/i47syM9RbT/ftJFLniM6h89+
X6C/XKwcQdlVQcsC6SqJSiaxJdpNZG4B4yKXEt+TlUSq6RMdJZ302FTEToU6rfTA
o/k4z3V2pVrs7KKo5w1q6rnT9b4ib28irzzHhu4cQNmuotTZEwFpBpWCOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBnmIcLxBIJBD4Bc6NNBa3DIvcWEMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvR2VZaHd2RUVna0VQZ0Z6bzAwRnJjTWk5eFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk73AAwQC
wj0UMA0EAgACMAcDBQMqCXAAMA0GCSqGSIb3DQEBCwUAA4IBAQBXppYj7RVRp4+5
/A9A1jbmK8l17L3o/JU098GxBsSM3/N3+hlpDUtJ0kc6NsIBA/K5Z0kGaoQpas2g
CPjZg4hJrMr0GWTh30THsYS3KEMqvY4iT/wVcyYjvAsRGF+Swon/c6aZALTOMBXb
S4TFPaApu8RtW5IHTNjbm2CskYt2vpa1cZR3phKHbGfmHhtgHuMHuLBatFOWQSQt
wgK6nU/MwZw3L8YPFWX/AA8aU25NX4sPzGzXQM3NS76cibrX98j17iNCl1YxdsBI
X978bB3HGdcAcFCJdMj/f3xliJEJHH/2T+6idCuqRjFXSKsGbUiUa/8A6eglP5Hn
07azuU3Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org