Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/OOuB0UeUhuCp1DSFwS_nssDyeoo.roa
File: OOuB0UeUhuCp1DSFwS_nssDyeoo.roa (raw, json)
Hash identifier: au5JQjInzsbVHilLrMvc5LEdH/Qsl5/S4/9ZRzJ/zIs=
Subject key identifier: 38:EB:81:D1:47:94:86:E0:A9:D4:34:85:C1:2F:E7:B2:C0:F2:7A:8A
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 01931D6D6B24050208D5BE5464891AA43C11
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/OOuB0UeUhuCp1DSFwS_nssDyeoo.roa
Signing time: Mon 11 Nov 2024 22:52:10 +0000
ROA not before: Mon 11 Nov 2024 22:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
147.189.216.0/24 maxlen: 24
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
2a0d:3dc2::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Nov 2024 12:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1d:6d:6b:24:05:02:08:d5:be:54:64:89:1a:a4:3c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Nov 11 22:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38eb81d1479486e0a9d43485c12fe7b2c0f27a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:14:d3:d5:ae:e8:aa:f8:d0:5d:2a:8c:23:47:
6d:ac:90:4f:43:08:f6:e1:b7:cc:d5:80:7b:f6:6e:
a9:e5:aa:a2:75:da:66:f8:21:81:58:2a:b6:f9:42:
ef:88:3c:87:47:38:8a:15:24:9c:5c:38:63:5c:a8:
f6:30:cb:cf:38:84:34:49:c7:9e:e6:7f:c6:f0:b8:
10:78:f3:cb:e6:b4:32:80:73:6e:b6:79:95:bb:0f:
99:a2:65:3c:78:50:b4:dd:12:19:69:8b:ea:13:24:
0c:99:1a:98:4f:5f:d5:bc:89:bb:d9:2a:88:00:43:
18:51:0d:22:47:28:30:cd:32:9b:4c:51:fc:81:75:
77:e5:73:0e:e2:46:2b:b1:d3:90:28:ad:7f:bc:6c:
a2:96:03:5d:4d:1c:f5:55:15:ff:26:d7:f4:03:ad:
88:04:92:30:a3:7a:7e:10:50:5a:8d:76:7c:14:f1:
fc:24:d5:5a:54:20:c1:ad:34:f8:82:d9:76:88:6f:
5d:36:13:31:a8:ce:fb:a5:27:ae:f0:ec:97:35:e4:
bf:c4:7e:f2:84:b6:77:52:66:f3:04:d5:6f:7d:36:
28:0c:13:4f:27:08:a9:57:35:29:7d:49:94:ae:88:
f4:2a:84:6c:7b:78:b7:de:66:33:bf:47:28:07:ac:
56:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EB:81:D1:47:94:86:E0:A9:D4:34:85:C1:2F:E7:B2:C0:F2:7A:8A
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/OOuB0UeUhuCp1DSFwS_nssDyeoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
84:62:26:f2:44:da:38:9f:a3:73:03:87:4f:b4:cf:17:fb:45:
ab:3d:f0:ad:8e:be:c4:bb:cc:14:9e:d2:af:10:50:ef:58:c7:
46:79:b1:af:e5:45:64:d8:5f:90:50:63:01:4a:2e:10:43:d5:
68:aa:8a:f7:43:26:18:ae:29:2a:d7:3c:51:30:4c:f0:30:a0:
1c:da:35:3d:e2:11:f9:8b:79:89:2e:f2:25:70:2c:2d:e1:d5:
7f:75:a9:c4:fa:b6:35:b0:7a:63:8e:53:cf:84:4d:d9:e7:66:
e1:f0:a0:7a:59:9f:2d:19:f5:86:29:d2:f2:e3:c7:27:f9:ff:
ea:1b:56:94:f4:41:fc:5d:ce:be:01:1e:6a:bf:47:d6:cf:e5:
14:cf:b9:d2:48:47:f2:cd:6d:26:52:ce:66:8c:a4:0a:a2:57:
73:e6:15:36:84:4d:5f:47:7e:87:12:27:63:7c:e1:f8:9b:11:
22:97:17:df:66:72:9b:9e:ba:ad:c5:67:4e:40:1a:8d:f5:e8:
a4:16:a5:e1:0d:03:65:35:d7:8b:b2:d6:a0:78:05:f1:16:9c:
50:8b:87:bb:45:84:cf:d6:4c:3d:48:73:07:e6:36:c0:a0:be:
ee:15:e3:6a:68:03:90:45:44:94:9d:97:69:40:d4:ca:87:e9:
09:db:d9:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMdbWskBQII1b5UZIkapDwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQxMTExMjI1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGViODFkMTQ3OTQ4NmUwYTlkNDM0ODVjMTJmZTdiMmMwZjI3YThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRTT1a7oqvjQXSqMI0dtrJBPQwj2
4bfM1YB79m6p5aqiddpm+CGBWCq2+ULviDyHRziKFSScXDhjXKj2MMvPOIQ0Scee
5n/G8LgQePPL5rQygHNutnmVuw+ZomU8eFC03RIZaYvqEyQMmRqYT1/VvIm72SqI
AEMYUQ0iRygwzTKbTFH8gXV35XMO4kYrsdOQKK1/vGyilgNdTRz1VRX/Jtf0A62I
BJIwo3p+EFBajXZ8FPH8JNVaVCDBrTT4gtl2iG9dNhMxqM77pSeu8OyXNeS/xH7y
hLZ3UmbzBNVvfTYoDBNPJwipVzUpfUmUroj0KoRse3i33mYzv0coB6xWbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDjrgdFHlIbgqdQ0hcEv57LA8nqKMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvT091QjBVZVVodUNwMURTRndTX25zc0R5ZW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQCEYibyRNo4n6Nz
A4dPtM8X+0WrPfCtjr7Eu8wUntKvEFDvWMdGebGv5UVk2F+QUGMBSi4QQ9Voqor3
QyYYrikq1zxRMEzwMKAc2jU94hH5i3mJLvIlcCwt4dV/danE+rY1sHpjjlPPhE3Z
52bh8KB6WZ8tGfWGKdLy48cn+f/qG1aU9EH8Xc6+AR5qv0fWz+UUz7nSSEfyzW0m
Us5mjKQKoldz5hU2hE1fR36HEidjfOH4mxEilxffZnKbnrqtxWdOQBqN9eikFqXh
DQNlNdeLstageAXxFpxQi4e7RYTP1kw9SHMH5jbAoL7uFeNqaAOQRUSUnZdpQNTK
h+kJ29nU
-----END CERTIFICATE-----
Generated at Tue Nov 12 16:12:38 2024 by rpki-client on console-fra.rpki-client.org