Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/v9F-2s--zIkh31CZzFLhxdsVzyg.roa
File: v9F-2s--zIkh31CZzFLhxdsVzyg.roa (raw, json)
Hash identifier: xfDzVsKXx/0/1lljuII/KZPZjflCATs1V0UYiag8nFs=
Subject key identifier: BF:D1:7E:DA:CF:BE:CC:89:21:DF:50:99:CC:52:E1:C5:DB:15:CF:28
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01895B94E334553DB000A4D260898B9F35B9
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/v9F-2s--zIkh31CZzFLhxdsVzyg.roa
Signing time: Sat 15 Jul 2023 22:03:51 +0000
ROA not before: Sat 15 Jul 2023 22:03:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 147.189.132.0/24 maxlen: 24
147.189.131.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.134.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Aug 2023 09:36:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5b:94:e3:34:55:3d:b0:00:a4:d2:60:89:8b:9f:35:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jul 15 22:03:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfd17edacfbecc8921df5099cc52e1c5db15cf28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:20:e0:3e:c5:dc:e9:67:b2:6b:5c:cc:05:f5:
a7:75:49:46:74:e2:d0:b2:6e:14:2f:ab:ef:56:ad:
30:8f:84:d0:4e:bd:6a:51:c0:0c:13:3f:d7:ea:14:
79:d5:6a:25:4e:1c:72:ff:9b:93:0a:23:03:db:ac:
8a:e2:84:f3:03:f5:98:82:62:67:ed:60:86:23:36:
ba:91:af:9c:2a:33:d3:76:61:de:5a:a0:45:7d:2c:
01:d8:1d:e8:65:58:c3:2f:15:b0:6f:63:c5:7e:2f:
40:d1:83:3f:a1:c2:80:16:18:f8:70:10:d5:10:99:
17:56:8b:ff:78:47:08:c6:8f:3c:f9:cc:48:51:d8:
ad:e1:9a:ae:06:bd:a3:ea:e7:a7:8c:30:29:09:b5:
1a:2e:5a:58:bb:cf:b9:6e:a2:14:20:ac:6b:a1:6d:
46:cd:b9:de:9b:a7:41:8b:e3:26:66:d5:aa:b5:11:
5f:6d:6a:65:bd:e1:4e:32:2c:39:59:93:c6:75:63:
51:d4:7f:91:f4:7a:13:6a:22:e8:8b:4e:38:53:89:
8b:fd:bb:79:70:66:e5:e4:1a:a3:9e:8a:1d:7e:61:
f3:ae:98:18:d5:05:28:15:9a:be:e6:6e:a4:51:5b:
a5:26:a1:38:87:da:53:3e:6b:de:3a:3b:71:d3:e6:
5e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D1:7E:DA:CF:BE:CC:89:21:DF:50:99:CC:52:E1:C5:DB:15:CF:28
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/v9F-2s--zIkh31CZzFLhxdsVzyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/24
45.14.113.0/24
147.189.128.0/24
147.189.131.0-147.189.132.255
147.189.134.0/23
176.111.217.0/24
IPv6:
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
Signature Algorithm: sha256WithRSAEncryption
64:b6:07:53:5b:d9:32:15:98:13:44:20:66:35:a1:36:2f:33:
0b:f3:d4:54:d5:16:da:ad:64:f1:d5:b6:91:db:97:2d:e6:93:
46:45:73:9f:f6:a1:a4:e8:23:8a:c4:94:9e:b3:5b:50:aa:cd:
1b:ee:62:ea:35:a9:ed:e7:7a:59:a5:04:7a:18:3e:03:00:83:
57:fe:62:ed:ac:a2:5e:36:ea:0c:a3:4e:7f:03:5f:2e:f5:84:
a6:ce:94:b7:6b:a2:70:d7:35:c1:93:09:77:c5:5b:07:41:d7:
7f:e1:72:d1:d7:d6:dd:be:e3:ba:05:54:4a:a2:bf:3e:6b:e7:
51:fd:83:02:7e:f0:73:a2:ff:4d:cb:88:21:73:00:bc:e6:30:
dd:a7:2a:9f:73:3a:9f:b8:17:05:b8:35:e8:a1:07:31:f3:a7:
c1:f6:80:c9:d7:a5:e7:59:6a:5f:a5:fb:a8:12:d3:0f:b1:1e:
00:8a:2d:2f:a0:19:2c:7d:ea:3e:ed:1d:8a:f9:2d:5c:a2:9d:
0f:ba:30:fa:67:6e:79:6a:d0:5f:ed:71:02:3b:75:6c:26:d9:
de:85:a0:ed:43:b6:7c:f2:7a:af:7c:d4:b0:fe:2b:a0:9a:fb:
97:4d:cb:15:80:df:40:39:2c:64:cc:ed:55:1e:8e:df:a8:aa:
50:b4:76:ef
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYlblOM0VT2wAKTSYImLnzW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwNzE1MjIwMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQxN2VkYWNmYmVjYzg5MjFkZjUwOTljYzUyZTFjNWRiMTVjZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyDgPsXc6Weya1zMBfWndUlGdOLQ
sm4UL6vvVq0wj4TQTr1qUcAMEz/X6hR51WolThxy/5uTCiMD26yK4oTzA/WYgmJn
7WCGIza6ka+cKjPTdmHeWqBFfSwB2B3oZVjDLxWwb2PFfi9A0YM/ocKAFhj4cBDV
EJkXVov/eEcIxo88+cxIUdit4ZquBr2j6uenjDApCbUaLlpYu8+5bqIUIKxroW1G
zbnem6dBi+MmZtWqtRFfbWplveFOMiw5WZPGdWNR1H+R9HoTaiLoi044U4mL/bt5
cGbl5BqjnoodfmHzrpgY1QUoFZq+5m6kUVulJqE4h9pTPmveOjtx0+ZegQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFL/RftrPvsyJId9QmcxS4cXbFc8oMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL3Y5Ri0ycy0teklraDMxQ1p6RkxoeGRzVnp5Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZ0GCCsGAQUFBwEHAQH/BIGNMIGKMDgEAgABMDIDBAEC
OAgDBAAFt0wDBAAtDnEDBACTvYAwDAMEAJO9gwMEAJO9hAMEAZO9hgMEALBv2TBO
BAIAAjBIAwcAKg4MgAADAwcAKg4MgAMjAwcAKg4MgAQDAwcAKg4MgAdDAwcAKg+Z
gAAGAwcAKg+ZgAGVAwcAKg+ZgAWYAwcAKg+ZgAk2MA0GCSqGSIb3DQEBCwUAA4IB
AQBktgdTW9kyFZgTRCBmNaE2LzML89RU1RbarWTx1baR25ct5pNGRXOf9qGk6COK
xJSes1tQqs0b7mLqNant53pZpQR6GD4DAINX/mLtrKJeNuoMo05/A18u9YSmzpS3
a6Jw1zXBkwl3xVsHQdd/4XLR19bdvuO6BVRKor8+a+dR/YMCfvBzov9Ny4ghcwC8
5jDdpyqfczqfuBcFuDXooQcx86fB9oDJ16XnWWpfpfuoEtMPsR4Aii0voBksfeo+
7R2K+S1cop0PujD6Z255atBf7XECO3VsJtnehaDtQ7Z88nqvfNSw/iugmvuXTcsV
gN9AOSxkzO1VHo7fqKpQtHbv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:08 2024 by rpki-client on console-ams.rpki-client.org