Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/NfMg2Hx7eBgNTxUyX1pAzp0jL-w.roa
File: NfMg2Hx7eBgNTxUyX1pAzp0jL-w.roa (raw, json)
Hash identifier: 4JRJ2hJYY46aeeoldpNttELgTnIkP0tMfoZKSuTHWlI=
Subject key identifier: 35:F3:20:D8:7C:7B:78:18:0D:4F:15:32:5F:5A:40:CE:9D:23:2F:EC
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 01931680D26757938E962B723BD813A654D9
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/NfMg2Hx7eBgNTxUyX1pAzp0jL-w.roa
Signing time: Sun 10 Nov 2024 14:36:01 +0000
ROA not before: Sun 10 Nov 2024 14:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4601
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.16.0/22 maxlen: 22
193.5.19.0/24 maxlen: 24
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 11 Nov 2024 22:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:16:80:d2:67:57:93:8e:96:2b:72:3b:d8:13:a6:54:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Nov 10 14:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35f320d87c7b78180d4f15325f5a40ce9d232fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cf:4b:7f:90:b7:6c:de:38:f5:84:c3:f9:c9:
4c:1b:f4:e8:cb:b2:a1:9f:c5:2a:14:9a:6e:f5:52:
4b:97:42:54:8c:d1:aa:23:49:5d:fa:a9:33:e5:e5:
e3:ab:ef:a6:f5:97:2e:f7:f7:ea:4b:c2:75:47:2a:
a0:03:2a:0f:15:a2:d0:a9:a1:a2:da:7d:7b:fb:49:
28:f6:67:21:04:24:e0:cf:3c:2f:59:0b:1d:6e:b8:
d6:d0:d1:3a:85:8b:01:db:f7:15:cf:e7:0f:c4:e7:
aa:0a:42:47:f2:48:c6:7c:cd:7b:54:c9:2d:5a:85:
b2:c1:44:a6:91:af:8e:b2:95:cf:69:bc:b1:57:9b:
1d:36:76:69:56:e3:3f:1e:ac:69:1c:98:fb:de:de:
8f:5e:94:44:b6:dd:c0:fe:43:24:d8:ab:c0:72:46:
73:7d:aa:d6:a3:c8:b3:7c:c6:5f:b0:c8:b4:c2:63:
e5:b0:e9:86:fe:b1:eb:a0:e3:1f:3f:13:d7:32:b1:
07:67:cc:10:ac:4d:93:1f:ee:5f:03:33:d6:f1:e6:
f0:0c:14:17:ee:e2:73:f5:ff:d7:19:f3:d8:2f:e4:
60:7f:97:2d:7a:98:7f:52:68:f1:c9:52:0c:1b:35:
4a:c4:de:40:a3:99:6a:50:7d:4c:5b:f9:dd:66:bc:
ed:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F3:20:D8:7C:7B:78:18:0D:4F:15:32:5F:5A:40:CE:9D:23:2F:EC
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/NfMg2Hx7eBgNTxUyX1pAzp0jL-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
87:ce:5c:8c:fd:22:dc:97:0f:b6:9e:62:92:c3:8a:3e:ea:40:
84:c8:c3:87:5c:c5:b9:81:48:f2:b1:10:ae:4c:41:e9:e9:e2:
9f:78:0d:73:40:ff:a2:a0:50:58:dd:c3:bb:33:84:c0:e6:3e:
ff:60:74:cd:2f:b4:75:75:5b:a5:e9:4a:dc:a4:c0:bd:c4:42:
1c:4c:ff:61:bb:d6:80:67:28:29:53:61:88:38:58:92:7e:99:
24:80:91:1a:14:e9:00:db:af:26:d0:56:75:58:ab:30:97:77:
5e:1e:01:c8:d0:84:8b:6b:f1:c8:f2:9f:3f:b9:b0:a5:db:77:
c8:1d:88:b3:f7:2c:fd:a1:03:62:ad:df:7e:29:ce:f4:c0:bd:
fe:6f:af:b8:27:c4:8f:19:13:a7:ee:2e:39:85:8e:21:3e:eb:
73:c4:e2:7d:20:4d:bc:8e:27:48:c9:36:24:34:d7:24:c6:71:
c8:ed:10:ce:1d:9a:1d:ea:7f:01:b4:b2:b6:b5:20:63:a5:2c:
c2:ed:ac:28:3f:49:43:8d:b7:59:96:bf:67:f2:d5:e0:ad:a7:
b5:76:a6:1f:66:b1:97:e3:b6:e8:ba:62:5e:1f:5e:82:89:49:
8e:2e:cb:b0:bf:b8:44:0a:20:8f:62:07:ba:a0:20:74:1c:dc:
85:d5:a7:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMWgNJnV5OOlityO9gTplTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQxMTEwMTQzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWYzMjBkODdjN2I3ODE4MGQ0ZjE1MzI1ZjVhNDBjZTlkMjMyZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs9Lf5C3bN449YTD+clMG/Toy7Kh
n8UqFJpu9VJLl0JUjNGqI0ld+qkz5eXjq++m9Zcu9/fqS8J1RyqgAyoPFaLQqaGi
2n17+0ko9mchBCTgzzwvWQsdbrjW0NE6hYsB2/cVz+cPxOeqCkJH8kjGfM17VMkt
WoWywUSmka+OspXPabyxV5sdNnZpVuM/HqxpHJj73t6PXpREtt3A/kMk2KvAckZz
farWo8izfMZfsMi0wmPlsOmG/rHroOMfPxPXMrEHZ8wQrE2TH+5fAzPW8ebwDBQX
7uJz9f/XGfPYL+Rgf5cteph/UmjxyVIMGzVKxN5Ao5lqUH1MW/ndZrztLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDXzINh8e3gYDU8VMl9aQM6dIy/sMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvTmZNZzJIeDdlQmdOVHhVeVgxcEF6cDBqTC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQCHzlyM/SLclw+2
nmKSw4o+6kCEyMOHXMW5gUjysRCuTEHp6eKfeA1zQP+ioFBY3cO7M4TA5j7/YHTN
L7R1dVul6UrcpMC9xEIcTP9hu9aAZygpU2GIOFiSfpkkgJEaFOkA268m0FZ1WKsw
l3deHgHI0ISLa/HI8p8/ubCl23fIHYiz9yz9oQNird9+Kc70wL3+b6+4J8SPGROn
7i45hY4hPutzxOJ9IE28jidIyTYkNNckxnHI7RDOHZod6n8BtLK2tSBjpSzC7awo
P0lDjbdZlr9n8tXgrae1dqYfZrGX47boumJeH16CiUmOLsuwv7hECiCPYge6oCB0
HNyF1aeP
-----END CERTIFICATE-----
Generated at Tue Nov 12 03:32:55 2024 by rpki-client on console-ams.rpki-client.org