Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/QM5pBoaK6hUlmcKN4hoMBpcAgWk.roa
File: QM5pBoaK6hUlmcKN4hoMBpcAgWk.roa (raw, json)
Hash identifier: JkjoDAfXc7KI8WQZhESIYgF7U21aG+erKGbD1tUETNs=
Subject key identifier: 40:CE:69:06:86:8A:EA:15:25:99:C2:8D:E2:1A:0C:06:97:00:81:69
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 0192B913D2CD52411FD8BED6E7B072F445F5
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/QM5pBoaK6hUlmcKN4hoMBpcAgWk.roa
Signing time: Wed 23 Oct 2024 11:12:17 +0000
ROA not before: Wed 23 Oct 2024 11:12:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
147.189.216.0/24 maxlen: 24
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
2a0d:3dc2::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Nov 2024 14:36:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:13:d2:cd:52:41:1f:d8:be:d6:e7:b0:72:f4:45:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Oct 23 11:12:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40ce6906868aea152599c28de21a0c0697008169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:9c:75:f7:92:97:a7:1c:a6:d1:a1:54:4a:
b3:b1:4e:c1:87:20:99:4a:b5:22:12:d8:a0:c7:56:
83:39:83:1d:d8:02:47:b7:1d:bf:ed:a5:12:18:3b:
81:39:b6:39:e1:c4:6a:92:06:41:cc:41:0e:ac:ef:
a0:b7:85:91:75:23:a2:20:e6:6d:5b:3a:03:fb:59:
f5:7a:5b:19:ad:ca:c0:6c:bb:c6:55:d3:bb:e7:55:
43:f8:5d:ab:5e:19:d2:ae:d7:68:ad:47:53:eb:13:
73:cd:a2:60:88:ff:18:7d:03:00:9a:ad:ad:0f:6a:
ac:8f:9c:e7:4d:47:91:55:61:59:5f:6d:80:c1:60:
8d:d2:d2:f4:04:61:53:d5:6d:a7:b1:91:98:ad:20:
65:ac:97:9f:14:4c:1e:55:ee:5d:01:fc:01:ef:e9:
ef:a8:fd:e1:42:8e:69:1d:55:d8:1f:04:90:c8:ac:
6e:83:e3:c3:4b:c2:89:3c:6b:ee:2d:74:ec:06:95:
1f:4b:ff:b7:f3:90:cd:2f:19:50:cc:f9:2f:32:68:
eb:cc:42:99:fb:14:90:d7:83:ae:04:2b:8e:dc:ab:
5b:f7:c8:b2:e5:8f:fa:08:ac:61:72:05:86:cd:af:
78:78:be:26:9c:a1:3f:03:d6:c5:6e:bf:b2:6a:b3:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CE:69:06:86:8A:EA:15:25:99:C2:8D:E2:1A:0C:06:97:00:81:69
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/QM5pBoaK6hUlmcKN4hoMBpcAgWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
24:d3:0a:8a:ad:25:61:86:41:1a:df:8d:69:1d:e8:2b:50:b0:
18:06:8c:df:55:60:41:1e:0a:e1:dc:77:36:5a:bc:97:39:c9:
2f:81:c9:33:b7:54:b8:a2:9a:5d:4c:9b:ea:77:06:57:fb:ab:
51:a4:0e:2f:a8:3e:f4:7c:66:d5:4e:d6:9f:a1:02:4a:43:0f:
2f:69:8d:a1:97:8b:69:1f:b2:15:ef:70:89:84:37:d2:ba:bd:
2b:dc:5a:f3:4d:df:b3:e2:cd:cf:36:2c:34:b7:d1:46:e1:ae:
c0:89:ca:5d:bd:51:db:cb:53:0d:be:ed:0e:59:b2:e6:ae:b3:
01:e9:88:cb:3d:2e:4f:ae:48:40:39:58:ff:7f:4e:f5:88:a5:
1d:e2:19:3d:b3:d5:e9:b1:9b:48:a2:64:eb:92:dc:93:08:16:
b7:0d:b5:9a:b6:44:b5:e9:39:52:42:be:85:c4:d1:80:e9:7f:
91:79:e8:b8:a6:32:e7:67:e5:22:c9:35:26:6a:ae:ae:80:63:
e8:fd:5b:f5:73:c3:3e:82:30:37:29:16:47:62:72:0c:be:6e:
35:ea:15:89:7d:e1:43:52:3b:ee:57:3f:75:4d:11:b4:b2:63:
7f:18:4e:50:ac:cc:f2:2c:86:38:7c:a4:d0:50:1e:62:80:c3:
07:1f:69:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZK5E9LNUkEf2L7W57By9EX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQxMDIzMTExMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGNlNjkwNjg2OGFlYTE1MjU5OWMyOGRlMjFhMGMwNjk3MDA4MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut6cdfeSl6ccptGhVEqzsU7BhyCZ
SrUiEtigx1aDOYMd2AJHtx2/7aUSGDuBObY54cRqkgZBzEEOrO+gt4WRdSOiIOZt
WzoD+1n1elsZrcrAbLvGVdO751VD+F2rXhnSrtdorUdT6xNzzaJgiP8YfQMAmq2t
D2qsj5znTUeRVWFZX22AwWCN0tL0BGFT1W2nsZGYrSBlrJefFEweVe5dAfwB7+nv
qP3hQo5pHVXYHwSQyKxug+PDS8KJPGvuLXTsBpUfS/+385DNLxlQzPkvMmjrzEKZ
+xSQ14OuBCuO3Ktb98iy5Y/6CKxhcgWGza94eL4mnKE/A9bFbr+yarPCpwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEDOaQaGiuoVJZnCjeIaDAaXAIFpMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvUU01cEJvYUs2aFVsbWNLTjRob01CcGNBZ1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQAk0wqKrSVhhkEa
341pHegrULAYBozfVWBBHgrh3Hc2WryXOckvgckzt1S4oppdTJvqdwZX+6tRpA4v
qD70fGbVTtafoQJKQw8vaY2hl4tpH7IV73CJhDfSur0r3FrzTd+z4s3PNiw0t9FG
4a7AicpdvVHby1MNvu0OWbLmrrMB6YjLPS5PrkhAOVj/f071iKUd4hk9s9XpsZtI
omTrktyTCBa3DbWatkS16TlSQr6FxNGA6X+Reei4pjLnZ+UiyTUmaq6ugGPo/Vv1
c8M+gjA3KRZHYnIMvm416hWJfeFDUjvuVz91TRG0smN/GE5QrMzyLIY4fKTQUB5i
gMMHH2nc
Generated at Sun Nov 10 17:38:59 2024 by rpki-client on console-ams.rpki-client.org