Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/wbNsYhxGNrSb4WtN8ZWtm2TqbAA.roa
File: wbNsYhxGNrSb4WtN8ZWtm2TqbAA.roa (raw, json)
Hash identifier: f4UoTRhznRuV0kf0WqSl2EL6R3OXLdtC0IU46TQbqcM=
Subject key identifier: C1:B3:6C:62:1C:46:36:B4:9B:E1:6B:4D:F1:95:AD:9B:64:EA:6C:00
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 01931D6D6A09503619B7804528F201867C49
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/wbNsYhxGNrSb4WtN8ZWtm2TqbAA.roa
Signing time: Mon 11 Nov 2024 22:52:10 +0000
ROA not before: Mon 11 Nov 2024 22:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4601
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 12 Nov 2024 12:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1d:6d:6a:09:50:36:19:b7:80:45:28:f2:01:86:7c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Nov 11 22:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1b36c621c4636b49be16b4df195ad9b64ea6c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:db:04:ce:5a:fb:15:44:31:93:8f:07:7b:99:
b5:1b:a8:50:a8:e2:54:57:5c:b1:e0:e2:b7:6e:5d:
fb:47:dc:2e:d2:0c:13:33:c1:82:a5:14:62:79:d4:
ac:6b:0b:44:8f:e0:da:a9:2e:19:5c:d9:7a:95:4a:
43:8a:fe:58:1b:f8:81:ff:e3:0f:ee:fd:85:7d:6e:
25:70:f8:f5:41:2b:ca:e6:ae:12:1f:d5:b9:6c:f6:
22:b1:80:3c:e3:96:8d:d4:c1:6a:1f:c3:c7:86:2e:
f9:c6:56:cb:17:c8:03:61:d3:d4:bd:fe:55:69:ae:
30:c2:03:f9:8d:30:61:63:7c:5b:2e:b0:53:00:b9:
75:98:d8:94:52:75:91:eb:f3:29:a2:75:f4:2a:85:
a1:49:7c:63:37:64:73:c5:ef:a5:d1:0c:09:ee:97:
5d:e2:ca:d4:4c:c4:0c:3d:e1:54:44:14:a0:37:d1:
08:6e:af:c9:29:07:8d:8a:ce:e6:bc:97:53:bc:f9:
7f:6d:fa:43:e9:50:94:6a:d0:d2:4a:1c:a8:fd:a2:
9e:11:ae:b5:59:ea:c7:b8:0a:69:1f:70:32:be:43:
fb:17:62:7c:e6:9c:9f:44:e3:23:a3:ef:62:db:a9:
e4:8d:d8:14:63:38:a5:04:2a:d6:ab:84:b8:ae:cc:
05:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B3:6C:62:1C:46:36:B4:9B:E1:6B:4D:F1:95:AD:9B:64:EA:6C:00
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/wbNsYhxGNrSb4WtN8ZWtm2TqbAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:63:78:5e:9c:02:69:15:28:91:32:0a:8c:1d:43:2e:e4:2e:
a7:5a:bf:46:45:c8:73:1a:7d:27:5f:b5:69:b5:16:c1:e1:59:
96:28:f5:bf:10:51:6f:aa:b7:b1:c5:2a:7f:79:8f:41:01:b3:
6f:26:4e:a4:f7:44:12:76:96:0d:91:00:61:4c:01:65:32:1f:
d2:ec:31:f5:eb:c9:e9:94:76:dd:9d:99:86:ef:0a:c6:60:c9:
37:a4:6c:6f:20:72:14:5a:8a:10:7a:41:2a:4b:bb:22:57:1e:
22:f4:f9:5e:89:49:09:15:ff:cc:c2:8c:3d:bd:a7:2e:70:90:
6b:2d:75:19:db:72:64:02:5d:04:93:35:3f:f4:0f:ab:8b:31:
18:55:c8:c7:57:c9:57:71:85:ba:29:01:18:48:6e:e1:c8:37:
a0:00:5f:1a:65:76:e9:64:36:df:4a:23:ea:47:91:af:97:43:
86:6f:62:68:01:68:28:56:92:0f:58:36:c8:c4:3b:8d:2e:d3:
d1:cd:3e:10:a4:c1:59:91:da:3e:d9:c4:b9:30:17:d4:16:cf:
9c:8f:77:e9:2d:7b:67:fb:32:ef:bb:42:b3:1d:a5:0b:54:75:
f0:11:b9:4f:e3:d3:1c:64:cd:1b:12:da:2b:f1:4a:94:2f:04:
ff:97:7e:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMdbWoJUDYZt4BFKPIBhnxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjQxMTExMjI1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWIzNmM2MjFjNDYzNmI0OWJlMTZiNGRmMTk1YWQ5YjY0ZWE2YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9sEzlr7FUQxk48He5m1G6hQqOJU
V1yx4OK3bl37R9wu0gwTM8GCpRRiedSsawtEj+DaqS4ZXNl6lUpDiv5YG/iB/+MP
7v2FfW4lcPj1QSvK5q4SH9W5bPYisYA845aN1MFqH8PHhi75xlbLF8gDYdPUvf5V
aa4wwgP5jTBhY3xbLrBTALl1mNiUUnWR6/MponX0KoWhSXxjN2Rzxe+l0QwJ7pdd
4srUTMQMPeFURBSgN9EIbq/JKQeNis7mvJdTvPl/bfpD6VCUatDSShyo/aKeEa61
WerHuAppH3AyvkP7F2J85pyfROMjo+9i26nkjdgUYzilBCrWq4S4rswFuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMGzbGIcRja0m+FrTfGVrZtk6mwAMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvd2JOc1loeEdOclNiNFd0TjhaV3RtMlRxYkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQCKY3henAJpFSiR
MgqMHUMu5C6nWr9GRchzGn0nX7VptRbB4VmWKPW/EFFvqrexxSp/eY9BAbNvJk6k
90QSdpYNkQBhTAFlMh/S7DH168nplHbdnZmG7wrGYMk3pGxvIHIUWooQekEqS7si
Vx4i9PleiUkJFf/Mwow9vacucJBrLXUZ23JkAl0EkzU/9A+rizEYVcjHV8lXcYW6
KQEYSG7hyDegAF8aZXbpZDbfSiPqR5Gvl0OGb2JoAWgoVpIPWDbIxDuNLtPRzT4Q
pMFZkdo+2cS5MBfUFs+cj3fpLXtn+zLvu0KzHaULVHXwEblP49McZM0bEtor8UqU
LwT/l37N
-----END CERTIFICATE-----
Generated at Tue Nov 12 16:24:13 2024 by rpki-client on console-ams.rpki-client.org