Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/QVHwARTBbP5-LNOCFX2pwRsbIHY.roa
File: QVHwARTBbP5-LNOCFX2pwRsbIHY.roa (raw, json)
Hash identifier: C0+5FYsvkynetH8XWChEgFa1eGocgkCJUyfv3V63B3M=
Subject key identifier: 41:51:F0:01:14:C1:6C:FE:7E:2C:D3:82:15:7D:A9:C1:1B:1B:20:76
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 01931680D2931332C02B238195E8FE29DCAF
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/QVHwARTBbP5-LNOCFX2pwRsbIHY.roa
Signing time: Sun 10 Nov 2024 14:36:01 +0000
ROA not before: Sun 10 Nov 2024 14:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
147.189.216.0/24 maxlen: 24
193.5.16.0/22 maxlen: 22
193.5.19.0/24 maxlen: 24
2a0d:3dc0::/29 maxlen: 29
2a0d:3dc2::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Nov 2024 22:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:16:80:d2:93:13:32:c0:2b:23:81:95:e8:fe:29:dc:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Nov 10 14:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4151f00114c16cfe7e2cd382157da9c11b1b2076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:4c:b1:14:a9:cc:b0:c1:38:40:67:97:dd:
29:1e:62:2e:29:fc:2d:c7:1e:f2:37:6d:81:f2:97:
0d:2c:bb:06:d2:e5:06:ec:79:0b:29:64:7f:1d:18:
05:0b:e9:14:9e:e4:14:28:db:43:76:e1:af:36:c9:
7f:0f:2a:5f:f2:5d:d2:51:a6:4b:c3:54:e0:b5:86:
8d:4c:bd:75:fc:ff:1d:3f:11:6b:4f:7f:6d:b3:fd:
74:8c:8a:fc:08:de:40:f8:aa:75:4a:c1:f4:d3:d0:
6c:2d:f7:4b:43:86:46:27:62:c7:6d:89:23:e4:32:
4a:c0:2f:9f:3a:23:9c:21:74:50:c4:4c:2f:75:55:
d1:c7:66:a3:9f:04:75:97:d9:5a:d3:72:f5:2a:a5:
a5:b8:8f:4f:01:16:db:d8:ff:9e:48:28:11:3d:fe:
ea:cb:0f:b2:e7:ee:f9:dc:07:cc:5f:fa:65:80:ec:
bc:c5:59:df:d1:4b:c4:a8:ac:fb:9b:c2:b7:16:e7:
c4:2a:65:24:6e:68:47:9f:e0:8a:e3:41:ae:ec:55:
91:7b:81:85:3d:8d:8e:b3:ab:84:23:fc:32:1b:47:
f4:10:aa:ce:64:51:d9:9f:70:cf:2d:74:11:a2:88:
63:2a:ff:6b:91:7a:e8:0c:87:09:21:be:29:8a:be:
31:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:51:F0:01:14:C1:6C:FE:7E:2C:D3:82:15:7D:A9:C1:1B:1B:20:76
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/QVHwARTBbP5-LNOCFX2pwRsbIHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:52:8d:a0:54:42:e8:e5:44:ee:a6:ff:21:01:fb:01:ff:5c:
35:e8:ac:d6:dd:24:8e:61:39:cc:0b:97:0c:dc:73:a1:e5:dd:
9f:b2:43:fb:10:7a:78:9a:25:8f:39:be:89:29:7f:4e:fd:3b:
ce:06:70:2d:87:89:22:bd:1c:87:f0:75:cb:a9:bf:da:0c:f3:
d5:e5:22:92:01:1c:c2:05:74:05:c2:80:ab:f4:d3:04:eb:ec:
d8:b2:c1:cf:18:b7:19:c1:0b:ef:f0:95:75:c9:48:7f:ba:ea:
56:57:8b:9a:a7:4f:25:be:79:10:de:5b:77:46:49:59:7b:54:
a9:9f:70:c2:e9:cc:62:d0:c8:9c:7b:62:ca:18:18:22:18:64:
2c:00:55:72:c3:a2:b1:06:f1:21:d1:e5:e7:9b:f3:55:fd:32:
ac:29:ee:61:d2:53:d5:0c:c6:2b:2e:09:57:dd:a3:f6:77:b6:
07:ef:b3:22:92:d6:49:40:a8:78:56:6d:fa:8c:22:0e:25:15:
68:b3:b9:da:9f:e4:d3:33:b0:c1:a1:66:78:4e:c5:0c:6e:22:
f3:ca:b2:d3:be:33:4d:2d:7a:09:f5:a8:95:55:15:e7:24:76:
b5:80:59:04:ea:9b:38:94:d0:f1:4f:b6:12:3d:96:99:ca:3f:
0f:a5:6c:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMWgNKTEzLAKyOBlej+KdyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQxMTEwMTQzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTUxZjAwMTE0YzE2Y2ZlN2UyY2QzODIxNTdkYTljMTFiMWIyMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdtMsRSpzLDBOEBnl90pHmIuKfwt
xx7yN22B8pcNLLsG0uUG7HkLKWR/HRgFC+kUnuQUKNtDduGvNsl/Dypf8l3SUaZL
w1TgtYaNTL11/P8dPxFrT39ts/10jIr8CN5A+Kp1SsH009BsLfdLQ4ZGJ2LHbYkj
5DJKwC+fOiOcIXRQxEwvdVXRx2ajnwR1l9la03L1KqWluI9PARbb2P+eSCgRPf7q
yw+y5+753AfMX/plgOy8xVnf0UvEqKz7m8K3FufEKmUkbmhHn+CK40Gu7FWRe4GF
PY2Os6uEI/wyG0f0EKrOZFHZn3DPLXQRoohjKv9rkXroDIcJIb4pir4xYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEFR8AEUwWz+fizTghV9qcEbGyB2MB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvUVZId0FSVEJiUDUtTE5PQ0ZYMnB3UnNiSUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQBOUo2gVELo5UTu
pv8hAfsB/1w16KzW3SSOYTnMC5cM3HOh5d2fskP7EHp4miWPOb6JKX9O/TvOBnAt
h4kivRyH8HXLqb/aDPPV5SKSARzCBXQFwoCr9NME6+zYssHPGLcZwQvv8JV1yUh/
uupWV4uap08lvnkQ3lt3RklZe1Spn3DC6cxi0Mice2LKGBgiGGQsAFVyw6KxBvEh
0eXnm/NV/TKsKe5h0lPVDMYrLglX3aP2d7YH77MiktZJQKh4Vm36jCIOJRVos7na
n+TTM7DBoWZ4TsUMbiLzyrLTvjNNLXoJ9aiVVRXnJHa1gFkE6ps4lNDxT7YSPZaZ
yj8PpWxo
Generated at Tue Nov 12 02:40:04 2024 by rpki-client on console-fra.rpki-client.org