Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/Fr9Q2bU3dAJRBRhkWs2lNtxf9ac.roa
File: Fr9Q2bU3dAJRBRhkWs2lNtxf9ac.roa (raw, json)
Hash identifier: hBAAzYGUHOMwhKvdqM4QHpYbWUdflyoWAqCV/diGXZE=
Subject key identifier: 16:BF:50:D9:B5:37:74:02:51:05:18:64:5A:CD:A5:36:DC:5F:F5:A7
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 01856CAEF17785C4CF5FF120CFE4035DFC64
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/Fr9Q2bU3dAJRBRhkWs2lNtxf9ac.roa
Signing time: Sun 01 Jan 2023 09:34:42 +0000
ROA not before: Sun 01 Jan 2023 09:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 05 Sep 2023 08:51:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f1:77:85:c4:cf:5f:f1:20:cf:e4:03:5d:fc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Jan 1 09:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16bf50d9b5377402510518645acda536dc5ff5a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fd:25:22:8d:47:57:80:80:6e:e6:32:a9:c4:
fe:4e:c0:af:82:eb:81:e9:0a:3d:57:5f:07:7a:d0:
13:ed:22:f2:9d:49:12:0b:73:cd:10:5b:51:ce:0b:
e6:1a:55:c6:53:9e:09:92:4b:88:6d:36:a7:16:e3:
e1:3e:c8:89:51:56:f9:7b:d3:a2:28:1a:b5:7b:4f:
0d:74:01:1c:20:8d:d7:0a:c0:81:53:04:84:c6:1e:
ea:5d:8e:1a:0e:77:66:0f:3c:cb:be:6c:9b:55:11:
57:e1:00:1b:00:8b:fc:73:78:a8:39:88:61:34:07:
2a:01:ff:d8:25:2d:c9:74:86:33:29:64:bd:d4:4f:
cd:4a:1b:35:af:16:31:ea:06:0e:93:61:94:89:2b:
a5:07:a4:aa:a2:63:5f:cd:60:84:ed:50:5d:67:49:
96:e1:e4:63:c3:4c:c6:15:e4:3b:9b:b6:5c:6a:ff:
be:24:da:9b:10:d5:e5:64:38:c2:de:82:8a:1e:92:
1c:ca:40:c4:e7:03:d2:97:7f:15:56:35:56:66:32:
ec:94:25:8e:db:07:dd:5a:36:f0:5a:38:d6:85:2e:
0c:8a:e6:69:3a:97:1f:e5:90:78:2b:fc:e0:c7:cf:
73:4d:70:f7:d2:cd:fe:4b:f8:42:53:bf:21:5a:dd:
6e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BF:50:D9:B5:37:74:02:51:05:18:64:5A:CD:A5:36:DC:5F:F5:A7
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/Fr9Q2bU3dAJRBRhkWs2lNtxf9ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
63:08:c4:88:19:60:fb:9c:4c:1d:4c:42:e0:7b:b9:56:82:42:
a7:26:b9:a5:71:67:d1:dd:fe:a0:81:9c:99:bc:78:02:d6:b9:
cd:1c:22:1d:df:62:41:3f:22:04:87:c6:97:4a:ef:cd:c8:7f:
ec:c9:f0:ce:2b:3e:aa:08:52:43:08:6b:64:dc:93:c9:2b:e8:
3b:61:e2:46:d3:bf:ec:9a:3a:d4:fc:df:6b:98:16:f3:00:ea:
c0:4c:f5:68:81:0f:29:04:73:2e:7e:d7:98:a4:05:71:82:ec:
4e:c9:bc:0c:e1:51:f9:90:24:44:b9:6f:b2:53:21:e5:12:e6:
8c:12:3f:86:2a:d9:e2:2d:7c:14:a3:a3:93:ac:b5:7b:21:8d:
2c:60:3a:2d:c4:b4:f7:23:3d:02:82:af:19:22:36:54:d7:af:
56:4a:59:15:84:b6:ae:30:d8:dc:f1:53:e7:4f:a4:d4:72:a8:
30:ae:d7:15:75:c4:e4:53:60:00:85:c2:4d:0c:6d:db:77:46:
78:25:b1:bd:db:20:74:29:66:f1:37:85:2f:03:6c:a4:80:b6:
cc:34:10:95:e8:4f:b9:e2:46:8b:22:cf:bf:5f:ce:40:61:a1:
a3:39:0a:95:e8:70:9f:7c:37:85:f2:49:4f:87:49:a5:19:97:
f3:f6:97:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrvF3hcTPX/Egz+QDXfxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjMwMTAxMDkzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmJmNTBkOWI1Mzc3NDAyNTEwNTE4NjQ1YWNkYTUzNmRjNWZmNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzv0lIo1HV4CAbuYyqcT+TsCvguuB
6Qo9V18HetAT7SLynUkSC3PNEFtRzgvmGlXGU54JkkuIbTanFuPhPsiJUVb5e9Oi
KBq1e08NdAEcII3XCsCBUwSExh7qXY4aDndmDzzLvmybVRFX4QAbAIv8c3ioOYhh
NAcqAf/YJS3JdIYzKWS91E/NShs1rxYx6gYOk2GUiSulB6SqomNfzWCE7VBdZ0mW
4eRjw0zGFeQ7m7Zcav++JNqbENXlZDjC3oKKHpIcykDE5wPSl38VVjVWZjLslCWO
2wfdWjbwWjjWhS4MiuZpOpcf5ZB4K/zgx89zTXD30s3+S/hCU78hWt1uRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBa/UNm1N3QCUQUYZFrNpTbcX/WnMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvRnI5UTJiVTNkQUpSQlJoa1dzMmxOdHhmOWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQBjCMSIGWD7nEwd
TELge7lWgkKnJrmlcWfR3f6ggZyZvHgC1rnNHCId32JBPyIEh8aXSu/NyH/syfDO
Kz6qCFJDCGtk3JPJK+g7YeJG07/smjrU/N9rmBbzAOrATPVogQ8pBHMufteYpAVx
guxOybwM4VH5kCREuW+yUyHlEuaMEj+GKtniLXwUo6OTrLV7IY0sYDotxLT3Iz0C
gq8ZIjZU169WSlkVhLauMNjc8VPnT6TUcqgwrtcVdcTkU2AAhcJNDG3bd0Z4JbG9
2yB0KWbxN4UvA2ykgLbMNBCV6E+54kaLIs+/X85AYaGjOQqV6HCffDeF8klPh0ml
GZfz9pc9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:45 2024 by rpki-client on console-ams.rpki-client.org