Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/XOw0CCMpT4i9mPb285O4AJdJOe8.roa
File: XOw0CCMpT4i9mPb285O4AJdJOe8.roa (raw, json)
Hash identifier: oeNy0HtNr9z+oT+u1zFBMDnX2MYGkqY6Z/oA1Hduus0=
Subject key identifier: 5C:EC:34:08:23:29:4F:88:BD:98:F6:F6:F3:93:B8:00:97:49:39:EF
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 018CC793469D78CD76C2984CF785F8044278
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/XOw0CCMpT4i9mPb285O4AJdJOe8.roa
Signing time: Tue 02 Jan 2024 00:29:27 +0000
ROA not before: Tue 02 Jan 2024 00:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Jun 2024 14:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:46:9d:78:cd:76:c2:98:4c:f7:85:f8:04:42:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Jan 2 00:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cec340823294f88bd98f6f6f393b800974939ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f9:06:c0:87:da:b4:38:83:4b:aa:23:32:1b:
6d:73:fd:de:fa:ed:80:a7:01:5e:2c:08:1d:cd:a1:
19:90:22:77:ef:6a:7a:56:91:1e:26:d4:56:c5:2e:
94:4a:2f:c1:e8:ce:39:63:5e:be:61:0a:69:d7:70:
ea:8e:8c:9f:17:4d:bf:38:16:2f:df:3e:dd:04:04:
11:bd:42:fe:d5:2a:75:48:a7:79:ca:e5:f9:ff:fb:
c8:cc:ee:60:0c:b0:86:7d:57:57:0b:0a:27:2f:4a:
eb:6f:71:8c:f9:a1:a6:cb:3e:37:f1:67:73:2d:09:
88:82:70:0b:2f:c1:2d:0e:97:db:57:89:cf:c9:ff:
a1:d9:67:e4:19:42:92:92:3e:8b:38:5f:4d:cf:59:
01:a9:96:c2:d4:e9:d1:9e:ed:b8:32:44:3b:b5:b9:
50:31:22:23:23:da:12:8c:8e:32:17:26:13:85:eb:
6e:12:4d:b2:79:20:06:b0:fb:bb:c5:c6:5e:70:17:
42:ba:82:7b:f9:b9:2f:2b:9f:a5:4d:86:40:c2:c1:
24:29:f0:5e:49:57:58:af:10:0f:91:b2:92:03:f5:
13:43:16:8d:62:dc:eb:e4:8b:a4:aa:78:d7:11:ef:
47:87:74:ed:fa:7d:e0:2f:a1:56:a5:7c:bd:ef:e3:
12:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:EC:34:08:23:29:4F:88:BD:98:F6:F6:F3:93:B8:00:97:49:39:EF
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/XOw0CCMpT4i9mPb285O4AJdJOe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
24:64:21:cf:d6:01:da:46:5a:5d:3d:90:f5:99:07:81:28:9b:
72:58:a1:5b:62:c4:3b:e0:e9:76:bd:f9:82:0a:b4:a4:47:c7:
94:ea:06:97:0f:50:d4:83:c3:88:84:10:ce:be:d5:ae:83:b8:
4e:11:80:f3:19:b2:27:5b:6b:b6:dc:e1:a8:31:65:c5:39:69:
b1:60:40:26:81:c1:6d:99:d6:b9:61:04:5b:ad:f4:ec:3a:78:
6c:ef:26:da:66:f7:fd:a0:87:fc:f3:de:3a:0e:eb:69:64:54:
f1:d9:1a:43:7a:11:5c:45:b4:dc:a9:5d:36:0e:f4:c0:3d:0d:
40:f0:a9:ed:0e:f4:90:67:10:63:c4:62:f1:0a:8c:1c:ac:af:
2e:4c:c9:0c:b5:2b:0a:b8:8b:30:74:2a:12:50:13:bc:fc:c9:
59:ea:2d:a6:f9:a9:9c:2f:33:ed:55:9b:2d:81:38:77:51:3d:
f2:74:c4:ba:b5:ab:47:0e:15:4c:6c:00:43:79:f2:cf:a9:a1:
32:35:75:d9:02:6b:18:a5:cc:da:c0:72:3b:4d:83:95:95:14:
fa:c5:dc:30:36:37:98:3b:15:be:13:68:b4:77:d8:94:73:78:
dc:d6:59:a2:cf:e6:51:06:1b:45:ad:6e:5c:d8:be:ce:ae:9d:
f9:0e:08:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHk0adeM12wphM94X4BEJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQwMTAyMDAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2VjMzQwODIzMjk0Zjg4YmQ5OGY2ZjZmMzkzYjgwMDk3NDkzOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifkGwIfatDiDS6ojMhttc/3e+u2A
pwFeLAgdzaEZkCJ372p6VpEeJtRWxS6USi/B6M45Y16+YQpp13DqjoyfF02/OBYv
3z7dBAQRvUL+1Sp1SKd5yuX5//vIzO5gDLCGfVdXCwonL0rrb3GM+aGmyz438Wdz
LQmIgnALL8EtDpfbV4nPyf+h2WfkGUKSkj6LOF9Nz1kBqZbC1OnRnu24MkQ7tblQ
MSIjI9oSjI4yFyYThetuEk2yeSAGsPu7xcZecBdCuoJ7+bkvK5+lTYZAwsEkKfBe
SVdYrxAPkbKSA/UTQxaNYtzr5IukqnjXEe9Hh3Tt+n3gL6FWpXy97+MSfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFzsNAgjKU+IvZj29vOTuACXSTnvMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvWE93MENDTXBUNGk5bVBiMjg1TzRBSmRKT2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQAkZCHP1gHaRlpd
PZD1mQeBKJtyWKFbYsQ74Ol2vfmCCrSkR8eU6gaXD1DUg8OIhBDOvtWug7hOEYDz
GbInW2u23OGoMWXFOWmxYEAmgcFtmda5YQRbrfTsOnhs7ybaZvf9oIf88946Dutp
ZFTx2RpDehFcRbTcqV02DvTAPQ1A8KntDvSQZxBjxGLxCowcrK8uTMkMtSsKuIsw
dCoSUBO8/MlZ6i2m+amcLzPtVZstgTh3UT3ydMS6tatHDhVMbABDefLPqaEyNXXZ
AmsYpczawHI7TYOVlRT6xdwwNjeYOxW+E2i0d9iUc3jc1lmiz+ZRBhtFrW5c2L7O
rp35Dgg9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:01 2024 by rpki-client on console-fra.rpki-client.org