Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/cR8j1paq2eygaRUOJ641en_FUWs.roa
File: cR8j1paq2eygaRUOJ641en_FUWs.roa (raw, json)
Hash identifier: hJlGudsDKZHmeIxLSAVWXmoCQx4F0lc+W3JtYrBmU0E=
Subject key identifier: 71:1F:23:D6:96:AA:D9:EC:A0:69:15:0E:27:AE:35:7A:7F:C5:51:6B
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 0186BD0892ABC565FA08F971180FDD72FBAF
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/cR8j1paq2eygaRUOJ641en_FUWs.roa
Signing time: Tue 07 Mar 2023 17:05:00 +0000
ROA not before: Tue 07 Mar 2023 17:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209045
IP address blocks: 147.189.192.0/20 maxlen: 24
147.189.207.0/24 maxlen: 24
194.61.20.0/22 maxlen: 22
2a09:7007::/36 maxlen: 36
2a09:7001::/32 maxlen: 32
2a09:7000::/29 maxlen: 36
2a09:7000::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 11 Oct 2023 14:14:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bd:08:92:ab:c5:65:fa:08:f9:71:18:0f:dd:72:fb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Mar 7 17:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=711f23d696aad9eca069150e27ae357a7fc5516b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5a:dc:1a:8a:7c:ce:ac:41:58:05:05:db:da:
54:44:8d:50:81:8b:b9:10:fd:77:01:2c:ba:97:fc:
34:d2:33:d0:48:7a:a5:2d:49:5f:2d:a2:37:52:89:
38:32:38:c4:e8:6f:b6:8a:cd:17:8d:c5:b1:fd:f7:
54:a1:5d:1f:5a:ce:35:9e:a9:0b:97:9a:84:ef:30:
35:29:b3:31:33:70:dc:6f:e9:13:33:2a:13:b6:18:
d6:f8:e2:1d:a2:86:61:57:8f:c6:ad:75:fd:32:2a:
3c:86:58:2d:8f:73:2f:a1:1f:54:8c:86:3e:cf:36:
d3:28:c1:95:28:05:97:60:fd:2e:88:65:f2:13:33:
a4:cb:33:59:0e:bf:2a:95:28:79:bd:c1:f9:fb:64:
2c:a0:41:4d:86:2e:73:72:5d:95:59:d0:76:70:22:
98:c7:13:df:8c:9b:cc:5d:6b:ea:24:80:e2:e7:52:
1a:24:a2:24:f4:23:e7:24:7e:bf:7e:17:ca:26:49:
7d:c8:05:c9:81:c6:47:f0:a8:bb:e2:c0:06:01:73:
1e:05:18:4e:53:3c:9c:09:71:6a:86:3c:9c:da:85:
97:0a:e9:c0:d1:cf:2e:28:3e:aa:73:bc:6d:90:8d:
97:55:e5:18:36:f1:8e:ff:64:ad:a2:04:43:08:4c:
4f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1F:23:D6:96:AA:D9:EC:A0:69:15:0E:27:AE:35:7A:7F:C5:51:6B
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/cR8j1paq2eygaRUOJ641en_FUWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.192.0/20
194.61.20.0/22
IPv6:
2a09:7000::/29
Signature Algorithm: sha256WithRSAEncryption
14:54:c3:4f:02:61:2f:dc:0f:25:4f:66:1b:72:e3:7b:6f:64:
86:67:d4:0f:b6:60:0b:a5:78:bb:85:9a:45:54:50:3b:89:f7:
99:11:f5:60:7d:28:86:52:77:23:0c:e3:c6:9c:19:c5:08:0a:
0a:40:11:b3:a4:e9:95:18:58:3f:82:8b:d7:d7:98:56:26:68:
ec:da:a0:ec:48:0f:bc:02:2f:fe:dc:aa:61:41:8c:2e:08:ac:
85:2a:5f:1b:8a:e2:6f:41:1e:cc:5c:6d:b2:04:a1:b1:85:98:
4c:b0:36:21:18:72:35:7b:bf:37:13:e6:7c:b7:eb:4d:53:19:
e5:cc:51:44:65:26:2e:89:dd:e2:f0:d7:a5:69:55:a9:df:16:
55:e4:33:8b:11:be:b5:c9:d9:ac:50:6e:43:19:9d:67:7d:a8:
73:a7:46:52:1f:ce:3d:0d:09:51:82:b4:eb:0b:b8:41:c6:65:
3c:56:63:22:c8:bd:32:9e:da:be:d8:51:bf:c6:4c:29:ed:e5:
5f:ab:96:49:87:df:5e:36:53:a9:6c:e1:1f:be:33:57:b1:18:
eb:35:b5:34:9d:65:f8:8f:0e:a9:96:ef:6c:46:63:6c:63:7f:
12:d1:1f:c1:d6:bf:f4:34:a5:d2:78:e5:c1:e0:65:5c:80:3c:
e0:52:5e:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYa9CJKrxWX6CPlxGA/dcvuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjMwMzA3MTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTFmMjNkNjk2YWFkOWVjYTA2OTE1MGUyN2FlMzU3YTdmYzU1MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FrcGop8zqxBWAUF29pURI1QgYu5
EP13ASy6l/w00jPQSHqlLUlfLaI3Uok4MjjE6G+2is0XjcWx/fdUoV0fWs41nqkL
l5qE7zA1KbMxM3Dcb+kTMyoTthjW+OIdooZhV4/GrXX9Mio8hlgtj3MvoR9UjIY+
zzbTKMGVKAWXYP0uiGXyEzOkyzNZDr8qlSh5vcH5+2QsoEFNhi5zcl2VWdB2cCKY
xxPfjJvMXWvqJIDi51IaJKIk9CPnJH6/fhfKJkl9yAXJgcZH8Ki74sAGAXMeBRhO
UzycCXFqhjyc2oWXCunA0c8uKD6qc7xtkI2XVeUYNvGO/2StogRDCExPrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHEfI9aWqtnsoGkVDieuNXp/xVFrMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvY1I4ajFwYXEyZXlnYVJVT0o2NDFlbl9GVVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk73AAwQC
wj0UMA0EAgACMAcDBQMqCXAAMA0GCSqGSIb3DQEBCwUAA4IBAQAUVMNPAmEv3A8l
T2YbcuN7b2SGZ9QPtmALpXi7hZpFVFA7ifeZEfVgfSiGUncjDOPGnBnFCAoKQBGz
pOmVGFg/govX15hWJmjs2qDsSA+8Ai/+3KphQYwuCKyFKl8biuJvQR7MXG2yBKGx
hZhMsDYhGHI1e783E+Z8t+tNUxnlzFFEZSYuid3i8NelaVWp3xZV5DOLEb61ydms
UG5DGZ1nfahzp0ZSH849DQlRgrTrC7hBxmU8VmMiyL0yntq+2FG/xkwp7eVfq5ZJ
h99eNlOpbOEfvjNXsRjrNbU0nWX4jw6plu9sRmNsY38S0R/B1r/0NKXSeOXB4GVc
gDzgUl73
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org