Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/WpQH16NqnRsnbN1IjW8d1USgQbo.roa
File: WpQH16NqnRsnbN1IjW8d1USgQbo.roa (raw, json)
Hash identifier: FwR8iIdWR8oRkD/AYHH1nkfq2C7VcVcpbZe8FKLm/4E=
Subject key identifier: 5A:94:07:D7:A3:6A:9D:1B:27:6C:DD:48:8D:6F:1D:D5:44:A0:41:BA
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 01856CAEF0FBCFF4E8D09987DF1C8AD0CC52
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/WpQH16NqnRsnbN1IjW8d1USgQbo.roa
Signing time: Sun 01 Jan 2023 09:34:42 +0000
ROA not before: Sun 01 Jan 2023 09:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 147.189.216.0/22 maxlen: 32
147.189.220.0/22 maxlen: 32
193.5.16.0/23 maxlen: 32
193.5.18.0/23 maxlen: 32
2a0d:3dc0::/30 maxlen: 128
2a0d:3dc4::/30 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f0:fb:cf:f4:e8:d0:99:87:df:1c:8a:d0:cc:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Jan 1 09:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a9407d7a36a9d1b276cdd488d6f1dd544a041ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f1:27:2a:78:b2:f6:53:36:40:56:0f:fd:47:
66:48:6b:eb:21:f1:1a:39:39:3a:45:f1:05:b4:8d:
e6:4c:61:f0:4e:a7:35:9e:85:34:fd:dd:3c:16:00:
b7:3d:94:2e:34:ff:d7:06:cb:65:d1:31:34:e2:44:
ef:24:81:c6:78:6d:10:0b:65:9b:1d:c6:58:79:38:
a3:15:bd:45:1f:0c:ce:41:ce:43:3d:6d:82:3c:4f:
ca:51:1d:cd:74:03:23:04:6d:ae:1f:c1:3d:ef:f0:
65:82:56:65:da:0c:87:bd:1c:86:0a:c9:51:a5:11:
ee:eb:7d:cb:1a:de:24:06:8e:be:d1:c1:a7:59:ff:
24:75:de:48:9d:b6:b9:4a:08:08:97:33:e9:49:01:
27:20:53:42:d1:71:bb:58:6e:34:ad:61:59:c7:18:
98:52:d7:f7:80:3d:7f:f3:c7:ae:a2:28:0c:fe:ca:
15:0c:14:65:f5:17:4f:e0:55:c0:1e:cc:55:e0:76:
8c:9d:9d:d6:60:3f:7c:51:0a:4f:c9:03:c4:df:05:
59:85:71:7e:8a:dd:53:a7:fd:9b:2b:53:d2:aa:fd:
f6:31:ea:9f:06:fb:da:52:f5:38:b9:e8:97:ad:66:
00:a1:b4:6a:ca:b7:e8:9d:0e:e6:e6:d4:f7:b3:86:
00:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:94:07:D7:A3:6A:9D:1B:27:6C:DD:48:8D:6F:1D:D5:44:A0:41:BA
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/WpQH16NqnRsnbN1IjW8d1USgQbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
83:87:af:ac:f2:2e:c1:08:2a:d9:51:41:5e:30:28:75:03:f0:
ac:28:0e:6e:22:9a:2c:cf:3d:4d:e7:ad:2e:c7:d9:81:33:ca:
66:22:d7:62:bd:58:6b:1a:4a:da:39:68:fa:69:72:03:ba:b7:
ea:8f:b9:3c:d3:87:56:f6:60:e0:61:2b:6f:3b:5a:28:b4:7f:
89:b0:7b:91:cc:4f:af:ac:2e:e2:41:16:1b:b8:24:11:4f:10:
e8:3c:f0:b2:d8:06:74:ae:a5:d3:11:ec:1d:40:68:a0:38:03:
1d:f0:4b:d2:c9:fb:8e:cc:c7:2d:d5:07:01:24:61:01:ca:e7:
21:e0:d1:76:23:d6:30:2b:71:fb:ad:19:2c:c2:0d:96:66:51:
56:86:b7:da:08:66:8e:16:65:d2:cc:89:eb:9c:8b:88:32:57:
44:c8:e4:da:29:a4:15:e2:b7:47:72:8a:e8:46:fd:f0:0b:71:
5a:51:d8:73:59:ba:7b:32:31:ff:47:51:a1:af:76:80:ac:bb:
12:8a:53:de:f8:d4:92:b4:ff:34:8b:6f:5e:1f:aa:a2:9b:d6:
eb:0f:dd:fe:7e:9f:77:eb:4d:61:e8:a8:97:08:b1:71:ff:95:
38:28:91:d7:6d:11:e3:28:01:ad:04:31:1a:f1:14:61:99:b6:
02:3e:00:4d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrvD7z/To0JmH3xyK0MxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjMwMTAxMDkzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTk0MDdkN2EzNmE5ZDFiMjc2Y2RkNDg4ZDZmMWRkNTQ0YTA0MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPEnKniy9lM2QFYP/UdmSGvrIfEa
OTk6RfEFtI3mTGHwTqc1noU0/d08FgC3PZQuNP/XBstl0TE04kTvJIHGeG0QC2Wb
HcZYeTijFb1FHwzOQc5DPW2CPE/KUR3NdAMjBG2uH8E97/BlglZl2gyHvRyGCslR
pRHu633LGt4kBo6+0cGnWf8kdd5Inba5SggIlzPpSQEnIFNC0XG7WG40rWFZxxiY
Utf3gD1/88euoigM/soVDBRl9RdP4FXAHsxV4HaMnZ3WYD98UQpPyQPE3wVZhXF+
it1Tp/2bK1PSqv32MeqfBvvaUvU4ueiXrWYAobRqyrfonQ7m5tT3s4YAmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFqUB9ejap0bJ2zdSI1vHdVEoEG6MB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvV3BRSDE2TnFuUnNuYk4xSWpXOGQxVVNnUWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQCDh6+s8i7BCCrZ
UUFeMCh1A/CsKA5uIposzz1N560ux9mBM8pmItdivVhrGkraOWj6aXIDurfqj7k8
04dW9mDgYStvO1ootH+JsHuRzE+vrC7iQRYbuCQRTxDoPPCy2AZ0rqXTEewdQGig
OAMd8EvSyfuOzMct1QcBJGEByuch4NF2I9YwK3H7rRkswg2WZlFWhrfaCGaOFmXS
zInrnIuIMldEyOTaKaQV4rdHcoroRv3wC3FaUdhzWbp7MjH/R1Ghr3aArLsSilPe
+NSStP80i29eH6qim9brD93+fp93601h6KiXCLFx/5U4KJHXbRHjKAGtBDEa8RRh
mbYCPgBN
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:55 2024 by rpki-client on console-ams.rpki-client.org