Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/4L9vvEqwzPlD8VXJr5Sa7YOIFH8.roa
File: 4L9vvEqwzPlD8VXJr5Sa7YOIFH8.roa (raw, json)
Hash identifier: GLWdNKxuQKS7sTbBZDtO3DYSCz7pX+3MjIiVUDrLjWA=
Subject key identifier: E0:BF:6F:BC:4A:B0:CC:F9:43:F1:55:C9:AF:94:9A:ED:83:88:14:7F
Certificate issuer: /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial: 0187B4674CE7551AE5210055FD3ECBD41578
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/4L9vvEqwzPlD8VXJr5Sa7YOIFH8.roa
Signing time: Mon 24 Apr 2023 17:54:41 +0000
ROA not before: Mon 24 Apr 2023 17:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 147.189.20.0/24 maxlen: 24
147.189.19.0/24 maxlen: 24
147.189.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:67:4c:e7:55:1a:e5:21:00:55:fd:3e:cb:d4:15:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Validity
Not Before: Apr 24 17:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0bf6fbc4ab0ccf943f155c9af949aed8388147f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f4:c9:7a:79:42:24:58:d1:5f:a9:1f:e3:d2:
ef:21:b0:91:bb:42:55:07:9c:1f:01:00:38:f6:d0:
79:8c:1a:90:11:45:8c:0d:31:1c:67:d0:27:1d:0d:
35:67:da:dc:3a:30:bf:a0:62:97:a4:34:3b:9d:d4:
8a:ff:31:f1:f7:eb:9b:df:85:6c:12:ce:41:b1:d2:
f6:ce:b1:69:4b:49:d1:12:c5:3d:b4:09:87:62:de:
c3:da:69:0e:49:6f:31:e1:63:aa:f8:ae:a3:88:40:
c5:c4:ad:ee:61:84:c9:f9:3c:07:7c:52:c7:ec:e8:
93:c0:3e:69:7f:32:1f:31:01:03:71:f7:f8:87:89:
64:e2:c3:e9:28:e8:ff:d5:f8:2b:c0:d4:6b:b5:5f:
c1:90:0c:4b:72:81:6e:1f:2b:c3:7c:cc:5d:ef:3f:
18:4f:35:31:0e:f4:9b:df:e0:99:e2:18:d5:3b:7a:
5a:80:35:6f:02:84:36:7b:36:1d:f1:47:36:db:7e:
fd:e3:ca:e4:b5:7a:e7:fb:8e:6d:a5:9d:5d:55:a5:
2f:da:4d:62:1f:0d:a4:24:07:cc:fd:85:6a:9c:07:
5d:c3:9a:70:64:e8:77:93:4f:3f:1c:87:a0:4b:92:
81:76:b3:44:65:fd:42:18:6a:ba:b1:5f:85:a7:ac:
77:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BF:6F:BC:4A:B0:CC:F9:43:F1:55:C9:AF:94:9A:ED:83:88:14:7F
X509v3 Authority Key Identifier:
keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/4L9vvEqwzPlD8VXJr5Sa7YOIFH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.18.0-147.189.20.255
Signature Algorithm: sha256WithRSAEncryption
28:7d:0f:b3:f6:23:a4:85:94:59:95:3f:4d:5f:c6:97:e1:7f:
99:85:aa:96:ad:58:2d:da:84:73:35:ab:db:73:26:89:d6:b1:
6a:4c:06:3b:05:03:a5:3e:74:1c:e0:b2:d7:7c:d4:8d:be:09:
5b:4a:bd:21:f3:6c:d5:4e:37:e9:1d:16:94:d8:46:ac:73:a5:
4b:fe:5b:78:59:53:45:06:1a:8f:c4:58:0a:80:8e:1d:6f:b5:
c0:f2:7c:96:f8:cb:b8:5a:10:b0:7d:ac:08:8f:9d:69:ff:2b:
d4:54:bb:85:90:50:97:24:1a:54:af:a4:a7:c6:7b:73:13:80:
9c:38:4c:fe:12:83:65:24:ea:60:e3:03:37:bf:1e:23:76:7a:
d6:52:6e:a5:ca:d9:82:b3:4c:bc:83:cd:b4:b8:9e:eb:ee:00:
f1:e2:aa:bb:77:4d:e8:3d:db:b6:89:3a:e7:9d:9e:bb:39:3a:
03:7a:bd:97:d9:1f:1d:f9:6e:66:2c:5e:e3:bd:64:87:d6:c7:
d1:2c:cb:e4:3a:71:96:e6:ca:e4:c2:e9:6d:61:1e:07:ab:8a:
d9:02:5f:1e:b7:9c:9b:47:8b:bb:c1:10:b0:68:24:3b:72:ac:
55:7a:28:1a:04:2f:49:3a:30:52:7b:c1:46:d4:12:6a:c9:ad:
01:36:82:31
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYe0Z0znVRrlIQBV/T7L1BV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjMwNDI0MTc1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJmNmZiYzRhYjBjY2Y5NDNmMTU1YzlhZjk0OWFlZDgzODgxNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvTJenlCJFjRX6kf49LvIbCRu0JV
B5wfAQA49tB5jBqQEUWMDTEcZ9AnHQ01Z9rcOjC/oGKXpDQ7ndSK/zHx9+ub34Vs
Es5BsdL2zrFpS0nREsU9tAmHYt7D2mkOSW8x4WOq+K6jiEDFxK3uYYTJ+TwHfFLH
7OiTwD5pfzIfMQEDcff4h4lk4sPpKOj/1fgrwNRrtV/BkAxLcoFuHyvDfMxd7z8Y
TzUxDvSb3+CZ4hjVO3pagDVvAoQ2ezYd8Uc2237948rktXrn+45tpZ1dVaUv2k1i
Hw2kJAfM/YVqnAddw5pwZOh3k08/HIegS5KBdrNEZf1CGGq6sV+Fp6x3xQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOC/b7xKsMz5Q/FVya+Umu2DiBR/MB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEvNEw5dnZFcXd6UGxEOFZYSnI1U2E3WU9JRkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAtZGMwZTgxYTlkN2I0
LzEvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGTvRID
BACTvRQwDQYJKoZIhvcNAQELBQADggEBACh9D7P2I6SFlFmVP01fxpfhf5mFqpat
WC3ahHM1q9tzJonWsWpMBjsFA6U+dBzgstd81I2+CVtKvSHzbNVON+kdFpTYRqxz
pUv+W3hZU0UGGo/EWAqAjh1vtcDyfJb4y7haELB9rAiPnWn/K9RUu4WQUJckGlSv
pKfGe3MTgJw4TP4Sg2Uk6mDjAze/HiN2etZSbqXK2YKzTLyDzbS4nuvuAPHiqrt3
Teg927aJOuednrs5OgN6vZfZHx35bmYsXuO9ZIfWx9Esy+Q6cZbmyuTC6W1hHger
itkCXx63nJtHi7vBELBoJDtyrFV6KBoEL0k6MFJ7wUbUEmrJrQE2gjE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org