Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/GWP7PAPvH-fdGoYtWSoFghLxF5I.roa
File: GWP7PAPvH-fdGoYtWSoFghLxF5I.roa (raw, json)
Hash identifier: l6if6rYyhk+km/9NkhFhuGauGV/ag4pHWX9XaJHG+r8=
Subject key identifier: 19:63:FB:3C:03:EF:1F:E7:DD:1A:86:2D:59:2A:05:82:12:F1:17:92
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 018A64A14FC63B31E39CFA6665A35D921FCE
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/GWP7PAPvH-fdGoYtWSoFghLxF5I.roa
Signing time: Tue 05 Sep 2023 09:16:47 +0000
ROA not before: Tue 05 Sep 2023 09:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.17.0/24 maxlen: 24
193.5.16.0/22 maxlen: 22
2a0d:3dc1::/32 maxlen: 48
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 05 Sep 2023 10:24:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:a1:4f:c6:3b:31:e3:9c:fa:66:65:a3:5d:92:1f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Sep 5 09:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1963fb3c03ef1fe7dd1a862d592a058212f11792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dc:48:86:37:4d:b9:b8:3b:aa:25:5e:c6:05:
2b:8a:6c:e9:50:aa:9a:b9:28:47:6c:4d:53:b4:75:
f0:d9:92:d0:62:85:4b:fa:70:b7:68:32:1a:01:4c:
8b:9a:60:12:11:60:2b:3c:64:bb:b9:1d:f1:2c:9e:
d9:2e:62:55:f4:9b:96:2a:52:76:fb:17:d2:12:1e:
95:72:66:b2:a3:de:58:56:a5:e0:3e:f6:1a:53:78:
7e:4f:72:a6:39:70:d6:9f:21:29:5c:4d:c1:f8:f1:
7b:c1:63:ed:0f:9f:15:08:7a:08:4a:5f:2b:21:77:
a6:73:59:39:f1:08:49:fc:4d:be:46:d9:1c:3e:2f:
55:44:a8:6a:60:4c:9d:5d:f0:9b:33:1d:e4:a5:b9:
70:ed:7e:a6:8a:ce:77:67:6f:58:61:94:93:30:e0:
d0:d5:26:36:20:a1:cb:ec:0a:c5:bf:b4:c5:c0:dd:
05:e4:4c:8f:89:56:73:7b:20:97:1b:b4:45:2e:40:
a5:69:d0:0a:1d:d8:6a:c3:80:2d:7b:18:83:35:7a:
48:86:d9:d4:f3:04:fe:65:ed:8d:08:e0:35:a1:3d:
17:0f:57:24:36:19:94:be:86:b4:42:fe:74:a1:71:
99:15:33:ff:66:85:e8:2a:be:55:57:11:0f:48:ef:
31:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:63:FB:3C:03:EF:1F:E7:DD:1A:86:2D:59:2A:05:82:12:F1:17:92
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/GWP7PAPvH-fdGoYtWSoFghLxF5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:4b:1a:0c:1d:dc:39:9a:13:ee:8f:25:c1:3f:44:06:13:bc:
ec:9e:4d:a2:69:b6:24:bc:06:09:bf:ff:d8:af:6c:bf:6a:23:
22:7c:14:e8:7c:80:1b:1f:2b:8c:af:a9:e1:4d:18:58:b8:87:
e7:f8:8a:01:2a:b4:d3:11:c3:09:40:4c:6a:ae:53:18:78:7b:
cd:4a:32:38:f9:ca:67:9e:7f:2e:6b:70:a9:3e:bd:90:09:ab:
c0:1a:b3:40:82:c3:da:f4:38:28:e6:53:69:98:42:0a:0c:39:
ce:9b:32:a4:3e:d7:13:ad:b5:27:70:46:60:91:2c:e9:c7:51:
f3:e0:26:55:8f:80:ed:21:a4:43:71:4d:b9:90:eb:67:e0:15:
97:c0:6d:87:92:45:5a:91:0b:34:c9:f7:fe:8c:06:50:37:58:
5e:8c:5a:66:09:ca:ec:55:f1:9f:ed:b3:5c:d8:5e:29:be:1c:
a5:67:78:b0:ec:79:22:1f:f7:4c:d3:f1:97:cd:5c:b6:2c:cf:
68:8a:48:88:3a:02:49:e5:8f:81:91:c8:dc:8f:83:7c:0a:05:
8b:88:43:aa:8d:ff:ca:5a:1d:10:a2:8f:98:e1:28:7f:9b:b7:
fc:be:20:5a:6b:3d:6a:6a:c4:6b:fa:45:ec:4f:6d:b1:6a:99:
29:01:d6:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpkoU/GOzHjnPpmZaNdkh/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjMwOTA1MDkxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTYzZmIzYzAzZWYxZmU3ZGQxYTg2MmQ1OTJhMDU4MjEyZjExNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNxIhjdNubg7qiVexgUrimzpUKqa
uShHbE1TtHXw2ZLQYoVL+nC3aDIaAUyLmmASEWArPGS7uR3xLJ7ZLmJV9JuWKlJ2
+xfSEh6Vcmayo95YVqXgPvYaU3h+T3KmOXDWnyEpXE3B+PF7wWPtD58VCHoISl8r
IXemc1k58QhJ/E2+RtkcPi9VRKhqYEydXfCbMx3kpblw7X6mis53Z29YYZSTMODQ
1SY2IKHL7ArFv7TFwN0F5EyPiVZzeyCXG7RFLkCladAKHdhqw4AtexiDNXpIhtnU
8wT+Ze2NCOA1oT0XD1ckNhmUvoa0Qv50oXGZFTP/ZoXoKr5VVxEPSO8xZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBlj+zwD7x/n3RqGLVkqBYIS8ReSMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvR1dQN1BBUHZILWZkR29ZdFdTb0ZnaEx4RjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQBaSxoMHdw5mhPu
jyXBP0QGE7zsnk2iabYkvAYJv//Yr2y/aiMifBTofIAbHyuMr6nhTRhYuIfn+IoB
KrTTEcMJQExqrlMYeHvNSjI4+cpnnn8ua3CpPr2QCavAGrNAgsPa9Dgo5lNpmEIK
DDnOmzKkPtcTrbUncEZgkSzpx1Hz4CZVj4DtIaRDcU25kOtn4BWXwG2HkkVakQs0
yff+jAZQN1hejFpmCcrsVfGf7bNc2F4pvhylZ3iw7HkiH/dM0/GXzVy2LM9oikiI
OgJJ5Y+Bkcjcj4N8CgWLiEOqjf/KWh0Qoo+Y4Sh/m7f8viBaaz1qasRr+kXsT22x
apkpAdbz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:45 2024 by rpki-client on console-ams.rpki-client.org