Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/k43m25HlJfOOoTv1SyVjtY1iVQk.roa
File: k43m25HlJfOOoTv1SyVjtY1iVQk.roa (raw, json)
Hash identifier: jeAu764DIkGdsWbgPgX/Rlc2bIOwdNDSCjXf2hYa6Ho=
Subject key identifier: 93:8D:E6:DB:91:E5:25:F3:8E:A1:3B:F5:4B:25:63:B5:8D:62:55:09
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 018CC8DF22D99A528BD597CAD4E646FB198A
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/k43m25HlJfOOoTv1SyVjtY1iVQk.roa
Signing time: Tue 02 Jan 2024 06:31:55 +0000
ROA not before: Tue 02 Jan 2024 06:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209045
IP address blocks: 147.189.192.0/20 maxlen: 24
147.189.207.0/24 maxlen: 24
194.61.20.0/22 maxlen: 22
2a09:7007::/36 maxlen: 36
2a09:7000::/31 maxlen: 32
2a09:7002::/31 maxlen: 32
2a09:7000::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 22 Feb 2024 15:21:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:22:d9:9a:52:8b:d5:97:ca:d4:e6:46:fb:19:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Jan 2 06:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=938de6db91e525f38ea13bf54b2563b58d625509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ed:2d:7a:4b:0b:f2:83:6d:59:73:f7:4a:5a:
53:b8:93:a9:cc:e9:b0:a8:3d:d1:e3:0e:4f:52:24:
d9:f2:03:08:e5:3b:6a:ab:3c:3a:4e:58:93:12:4f:
eb:24:9d:73:fe:08:85:43:d8:9a:59:fc:db:c8:6c:
45:e9:24:69:d4:cb:6f:c1:90:ad:35:86:54:21:5b:
b1:23:36:12:2e:8d:b3:94:d4:16:e1:71:af:3b:33:
7c:40:48:8b:b0:1e:e1:1c:31:f7:56:d0:4c:57:ff:
a8:fe:de:d3:b9:38:bb:dc:e9:e0:b2:b9:43:59:80:
10:d5:05:39:2c:33:ec:58:69:b2:10:a5:09:cc:2d:
d9:d0:b2:0f:86:ec:34:af:17:cc:d2:da:74:bb:22:
4e:87:f6:68:6a:6a:60:77:e4:f7:9f:97:0c:46:2b:
b7:b9:ce:5d:3a:a2:18:28:a3:7d:63:68:29:0c:b8:
53:be:62:a7:6f:a9:f5:f4:30:df:86:0d:62:2d:4f:
9f:3f:25:fe:ad:d9:13:c0:0f:ed:29:24:ec:83:f0:
96:80:04:2c:e3:5b:3c:74:24:5d:44:32:34:c6:00:
bf:53:c0:a1:e3:3d:dd:86:56:2f:9e:34:9d:e0:35:
45:a8:0c:16:f8:02:d3:bb:11:9f:2d:b8:70:e3:ec:
59:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8D:E6:DB:91:E5:25:F3:8E:A1:3B:F5:4B:25:63:B5:8D:62:55:09
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/k43m25HlJfOOoTv1SyVjtY1iVQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.192.0/20
194.61.20.0/22
IPv6:
2a09:7000::/29
Signature Algorithm: sha256WithRSAEncryption
7c:83:c0:34:3a:cb:67:bf:1c:57:bd:19:ac:49:dd:a7:9b:6f:
59:74:3b:a8:03:fe:fe:98:da:fd:9a:d8:b0:77:c6:46:b2:6e:
b1:17:fc:12:60:9a:1a:08:04:16:57:5c:8c:71:75:3c:f6:07:
d6:c0:59:1f:cc:e0:ab:2c:c3:68:19:72:a9:7e:c8:31:37:f9:
df:42:ba:21:f8:54:44:4e:7d:14:dc:3e:3c:26:6f:c4:55:74:
74:11:42:81:12:4f:2f:c8:88:95:98:55:14:4b:db:dc:af:02:
48:12:3e:0d:b4:b7:f5:3f:4e:df:a7:41:fb:84:40:2b:70:e4:
ae:30:bf:b1:67:67:c2:54:95:de:ed:b1:35:4f:50:1f:12:77:
74:a5:9b:82:e6:03:87:70:be:cf:d7:63:a7:9a:1b:f2:40:20:
54:58:88:16:3a:3f:99:64:3a:67:2f:51:02:c6:16:fb:2d:cb:
83:76:38:46:16:9c:12:8e:74:38:60:6d:5f:47:5f:4a:39:60:
ee:17:9f:95:52:93:e1:4b:d0:98:f9:89:0d:84:ac:58:c6:33:
c7:f2:c3:64:61:05:49:35:36:32:8f:62:0c:1f:3a:7b:38:b4:
61:18:04:0b:fe:ff:b8:b7:08:00:5f:ea:b0:c8:5b:68:e3:7d:
38:df:69:7a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3yLZmlKL1ZfK1OZG+xmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjQwMTAyMDYzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzhkZTZkYjkxZTUyNWYzOGVhMTNiZjU0YjI1NjNiNThkNjI1NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+0teksL8oNtWXP3SlpTuJOpzOmw
qD3R4w5PUiTZ8gMI5Ttqqzw6TliTEk/rJJ1z/giFQ9iaWfzbyGxF6SRp1MtvwZCt
NYZUIVuxIzYSLo2zlNQW4XGvOzN8QEiLsB7hHDH3VtBMV/+o/t7TuTi73OngsrlD
WYAQ1QU5LDPsWGmyEKUJzC3Z0LIPhuw0rxfM0tp0uyJOh/Zoampgd+T3n5cMRiu3
uc5dOqIYKKN9Y2gpDLhTvmKnb6n19DDfhg1iLU+fPyX+rdkTwA/tKSTsg/CWgAQs
41s8dCRdRDI0xgC/U8Ch4z3dhlYvnjSd4DVFqAwW+ALTuxGfLbhw4+xZxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJON5tuR5SXzjqE79UslY7WNYlUJMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvazQzbTI1SGxKZk9Pb1R2MVN5Vmp0WTFpVlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk73AAwQC
wj0UMA0EAgACMAcDBQMqCXAAMA0GCSqGSIb3DQEBCwUAA4IBAQB8g8A0OstnvxxX
vRmsSd2nm29ZdDuoA/7+mNr9mtiwd8ZGsm6xF/wSYJoaCAQWV1yMcXU89gfWwFkf
zOCrLMNoGXKpfsgxN/nfQroh+FRETn0U3D48Jm/EVXR0EUKBEk8vyIiVmFUUS9vc
rwJIEj4NtLf1P07fp0H7hEArcOSuML+xZ2fCVJXe7bE1T1AfEnd0pZuC5gOHcL7P
12OnmhvyQCBUWIgWOj+ZZDpnL1ECxhb7LcuDdjhGFpwSjnQ4YG1fR19KOWDuF5+V
UpPhS9CY+YkNhKxYxjPH8sNkYQVJNTYyj2IMHzp7OLRhGAQL/v+4twgAX+qwyFto
430432l6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:36 2024 by rpki-client on console-ams.rpki-client.org