Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/mIzrjlqB8kN2v_WCNU3w-HqTjlE.roa
File: mIzrjlqB8kN2v_WCNU3w-HqTjlE.roa (raw, json)
Hash identifier: QgahSLgW32x7Qp6DhT2ZukprdMqmI9xn38T23D+WuLg=
Subject key identifier: 98:8C:EB:8E:5A:81:F2:43:76:BF:F5:82:35:4D:F0:F8:7A:93:8E:51
Certificate issuer: /CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Certificate serial: 018B1F17322D19912EDCBB013249E1C73FAB
Authority key identifier: 3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/mIzrjlqB8kN2v_WCNU3w-HqTjlE.roa
Signing time: Wed 11 Oct 2023 14:14:55 +0000
ROA not before: Wed 11 Oct 2023 14:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209045
IP address blocks: 147.189.192.0/20 maxlen: 24
147.189.207.0/24 maxlen: 24
194.61.20.0/22 maxlen: 22
2a09:7007::/36 maxlen: 36
2a09:7000::/31 maxlen: 31
2a09:7002::/31 maxlen: 31
2a09:7000::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 12 Oct 2023 08:37:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:17:32:2d:19:91:2e:dc:bb:01:32:49:e1:c7:3f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde638684c645fedd600ed3c50cdf310b116d3e
Validity
Not Before: Oct 11 14:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=988ceb8e5a81f24376bff582354df0f87a938e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fe:b2:67:6a:4c:18:91:aa:b5:3a:e3:e3:33:
d4:c3:9a:6d:70:1d:ac:a1:24:f9:35:f3:81:de:31:
0e:7a:b2:54:a3:e6:2d:89:c7:64:a1:4d:a5:ad:66:
fe:35:5f:da:8e:c7:a5:62:37:6e:72:7b:13:f2:41:
f8:bf:6b:2f:0d:bd:4a:b7:4a:e2:e7:8b:af:13:e1:
87:44:10:6c:bd:0d:26:95:bf:54:36:a5:ff:46:b5:
b7:28:48:19:de:01:9f:93:a0:e6:58:79:8d:74:28:
af:fb:9c:a9:11:c1:71:ea:4d:af:ca:f9:12:b7:e1:
b8:b7:11:94:d9:a2:a1:6c:12:17:a4:e0:85:15:53:
a2:67:21:57:2b:00:79:00:d8:ad:08:c5:29:91:57:
75:35:0c:a6:8a:2f:a1:7d:3c:86:c8:60:db:31:0b:
8f:43:44:a0:f0:d6:00:37:ee:4b:1a:49:0c:da:12:
2d:3e:64:57:9a:0c:db:63:f5:32:70:6e:df:01:00:
8b:2c:83:11:35:ba:60:21:4f:f6:b2:fa:f2:ee:15:
46:21:77:c8:db:a2:5c:73:68:05:1c:54:17:d2:a3:
ac:4a:6a:4b:e2:dd:bc:f2:29:fc:b9:cc:5b:62:db:
07:cf:28:2f:0c:eb:fe:ae:50:66:42:92:e4:aa:08:
d7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8C:EB:8E:5A:81:F2:43:76:BF:F5:82:35:4D:F0:F8:7A:93:8E:51
X509v3 Authority Key Identifier:
keyid:3B:DE:63:86:84:C6:45:FE:DD:60:0E:D3:C5:0C:DF:31:0B:11:6D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O95jhoTGRf7dYA7TxQzfMQsRbT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/mIzrjlqB8kN2v_WCNU3w-HqTjlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/62b15d-ee50-450b-8e2d-097b0510d3e2/1/O95jhoTGRf7dYA7TxQzfMQsRbT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.192.0/20
194.61.20.0/22
IPv6:
2a09:7000::/29
Signature Algorithm: sha256WithRSAEncryption
89:8c:bc:6b:ee:86:9b:e1:6d:e5:90:57:32:a5:82:d0:2f:db:
0d:d2:c7:6a:5b:fc:9e:bb:05:2d:43:b1:e8:c2:76:43:f6:eb:
06:0a:09:89:9a:15:7e:a7:e7:74:68:f8:50:1d:b7:53:55:50:
2d:53:5f:ba:80:2c:8c:41:e7:b8:4b:cb:90:f8:79:f8:fe:b4:
ad:e3:f1:23:47:c2:c8:71:94:af:a1:99:e2:8f:60:07:0b:52:
e3:16:cb:09:61:2a:cc:8d:5d:88:09:d1:d8:6e:0b:73:f1:1f:
08:51:b1:dd:58:5c:3b:6f:e0:ed:a6:44:cf:d9:67:d8:29:81:
d1:dc:4d:6a:14:2f:99:67:8d:2c:db:b0:d7:6b:42:25:97:eb:
56:19:a9:2a:f2:6b:15:6a:b9:23:22:64:ec:c2:58:80:11:48:
69:65:38:f1:bc:1c:4e:28:b7:99:5a:b2:c9:28:a2:10:38:85:
7b:f9:8b:8d:8d:5a:2f:3d:ff:45:57:0e:0e:fe:c7:17:73:56:
eb:24:83:3f:eb:46:c9:2d:cc:b5:12:ca:82:ae:81:47:93:1c:
b3:74:af:d6:6c:b2:84:e1:39:a5:20:85:4c:5e:98:2b:3d:cc:
e8:f4:1c:fb:61:4d:eb:2f:62:bc:fc:54:20:df:d5:c0:b6:f3:
fb:5e:8f:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYsfFzItGZEu3LsBMknhxz+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGU2Mzg2ODRjNjQ1ZmVkZDYwMGVkM2M1MGNkZjMxMGIx
MTZkM2UwHhcNMjMxMDExMTQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhjZWI4ZTVhODFmMjQzNzZiZmY1ODIzNTRkZjBmODdhOTM4ZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/6yZ2pMGJGqtTrj4zPUw5ptcB2s
oST5NfOB3jEOerJUo+YticdkoU2lrWb+NV/ajselYjducnsT8kH4v2svDb1Kt0ri
54uvE+GHRBBsvQ0mlb9UNqX/RrW3KEgZ3gGfk6DmWHmNdCiv+5ypEcFx6k2vyvkS
t+G4txGU2aKhbBIXpOCFFVOiZyFXKwB5ANitCMUpkVd1NQymii+hfTyGyGDbMQuP
Q0Sg8NYAN+5LGkkM2hItPmRXmgzbY/UycG7fAQCLLIMRNbpgIU/2svry7hVGIXfI
26Jcc2gFHFQX0qOsSmpL4t288in8ucxbYtsHzygvDOv+rlBmQpLkqgjX2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJiM645agfJDdr/1gjVN8Ph6k45RMB8GA1UdIwQY
MBaAFDveY4aExkX+3WAO08UM3zELEW0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQt
MDk3YjA1MTBkM2UyLzEvbUl6cmpscUI4a04ydl9XQ05VM3ctSHFUamxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82MmIxNWQtZWU1MC00NTBiLThlMmQtMDk3YjA1MTBkM2Uy
LzEvTzk1amhvVEdSZjdkWUE3VHhRemZNUXNSYlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEk73AAwQC
wj0UMA0EAgACMAcDBQMqCXAAMA0GCSqGSIb3DQEBCwUAA4IBAQCJjLxr7oab4W3l
kFcypYLQL9sN0sdqW/yeuwUtQ7HownZD9usGCgmJmhV+p+d0aPhQHbdTVVAtU1+6
gCyMQee4S8uQ+Hn4/rSt4/EjR8LIcZSvoZnij2AHC1LjFssJYSrMjV2ICdHYbgtz
8R8IUbHdWFw7b+DtpkTP2WfYKYHR3E1qFC+ZZ40s27DXa0Ill+tWGakq8msVarkj
ImTswliAEUhpZTjxvBxOKLeZWrLJKKIQOIV7+YuNjVovPf9FVw4O/scXc1brJIM/
60bJLcy1EsqCroFHkxyzdK/WbLKE4TmlIIVMXpgrPczo9Bz7YU3rL2K8/FQg39XA
tvP7Xo87
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:42 2024 by rpki-client on console-fra.rpki-client.org