Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/tILzXtqE3lnKhBrynPO2tmLm1Xc.roa
File: tILzXtqE3lnKhBrynPO2tmLm1Xc.roa (raw, json)
Hash identifier: IionCluK/EYkanDWTMrGajGWjMxWVkukN/F2Ri5xIcE=
Subject key identifier: B4:82:F3:5E:DA:84:DE:59:CA:84:1A:F2:9C:F3:B6:B6:62:E6:D5:77
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01856F42926323F0B262D9720AF32CB85449
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/tILzXtqE3lnKhBrynPO2tmLm1Xc.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 92.204.128.0/20 maxlen: 24
151.106.32.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:92:63:23:f0:b2:62:d9:72:0a:f3:2c:b8:54:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b482f35eda84de59ca841af29cf3b6b662e6d577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ae:11:37:a2:bf:5c:71:af:4b:c0:c1:14:ec:
00:35:4a:4d:74:0c:28:44:ff:27:f4:2b:13:e8:c6:
2d:91:71:f3:00:79:02:25:70:8b:a5:37:89:b4:fa:
dd:69:1a:90:f2:1b:f3:f3:ef:b2:8e:07:eb:7b:71:
0f:eb:70:b4:96:65:14:9a:61:94:8a:3f:d5:93:d5:
a1:4c:95:12:14:11:0c:27:8a:2d:1d:8f:3e:01:c5:
5d:b4:08:6c:bc:52:f0:93:90:9e:85:d6:59:84:9e:
e0:fd:97:79:3f:01:7e:57:ea:7b:09:6d:1d:56:4b:
39:2e:62:de:d3:00:b7:7f:a8:83:9f:fe:53:72:e9:
75:3a:38:d8:90:f5:90:4c:c3:a4:7d:d7:e3:b3:95:
8d:5b:0d:4b:c3:04:c4:4e:f1:7e:d0:5e:64:e0:b8:
2c:9f:58:cc:66:f3:82:7b:33:42:48:5a:c3:15:a1:
cd:fa:ec:ab:cc:d5:c3:e1:eb:9a:39:8c:98:8a:00:
8c:eb:23:59:34:54:63:74:2b:ee:f4:5f:be:18:40:
97:a4:16:36:2f:81:18:6a:fd:5c:8a:3b:48:b8:10:
84:9f:be:8a:b4:55:f0:b5:17:8f:07:71:7e:79:1a:
07:c2:74:b3:8b:48:92:bc:95:20:09:75:8b:5e:85:
8a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:82:F3:5E:DA:84:DE:59:CA:84:1A:F2:9C:F3:B6:B6:62:E6:D5:77
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/tILzXtqE3lnKhBrynPO2tmLm1Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.204.128.0/20
151.106.32.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:e0:3f:1b:22:10:1f:49:0d:17:a4:f0:8e:a4:e1:2f:31:da:
66:74:a9:a1:3a:ee:a8:6d:fd:d7:06:70:cd:37:71:81:7c:ea:
30:9a:a3:d7:3c:98:1b:aa:65:c7:d7:9e:c4:88:ce:6e:2a:65:
4b:5d:fd:6e:ad:04:49:2b:b3:f0:91:60:c3:e6:b8:2e:a0:19:
a6:e9:d0:09:5c:68:7a:eb:18:42:de:58:3b:77:13:99:12:89:
f2:d5:89:4d:81:82:29:ba:a5:af:58:c4:91:c1:8c:cc:20:d6:
34:ca:2c:a8:3e:9d:83:e8:43:1d:05:ed:0e:d2:3d:d0:4b:08:
6e:f7:7f:43:45:e3:84:9b:f1:d5:3f:d5:b9:d3:ca:bf:71:18:
88:f9:08:18:07:5f:68:e5:70:18:dc:44:fd:cb:21:d1:0f:54:
a0:30:d3:e7:d9:4a:7f:81:21:6f:2a:72:57:fb:73:0d:05:90:
43:05:f0:fe:ae:99:f9:a6:66:0d:ff:1b:6f:9e:54:96:92:bc:
65:09:b6:79:05:31:4c:2d:1a:bf:da:91:f1:48:47:40:11:77:
a9:8f:7a:87:e9:78:b7:16:2d:d0:11:6a:56:37:c4:21:2d:6c:
f3:90:15:57:70:1e:5a:cb:3b:3c:00:55:07:ee:8c:fb:f4:cb:
25:d7:83:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQpJjI/CyYtlyCvMsuFRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgyZjM1ZWRhODRkZTU5Y2E4NDFhZjI5Y2YzYjZiNjYyZTZkNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa4RN6K/XHGvS8DBFOwANUpNdAwo
RP8n9CsT6MYtkXHzAHkCJXCLpTeJtPrdaRqQ8hvz8++yjgfre3EP63C0lmUUmmGU
ij/Vk9WhTJUSFBEMJ4otHY8+AcVdtAhsvFLwk5CehdZZhJ7g/Zd5PwF+V+p7CW0d
Vks5LmLe0wC3f6iDn/5Tcul1OjjYkPWQTMOkfdfjs5WNWw1LwwTETvF+0F5k4Lgs
n1jMZvOCezNCSFrDFaHN+uyrzNXD4euaOYyYigCM6yNZNFRjdCvu9F++GECXpBY2
L4EYav1cijtIuBCEn76KtFXwtRePB3F+eRoHwnSzi0iSvJUgCXWLXoWKCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLSC817ahN5ZyoQa8pzztrZi5tV3MB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvdElMelh0cUUzbG5LaEJyeW5QTzJ0bUxtMVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXMyAAwQE
l2ogMA0GCSqGSIb3DQEBCwUAA4IBAQA+4D8bIhAfSQ0XpPCOpOEvMdpmdKmhOu6o
bf3XBnDNN3GBfOowmqPXPJgbqmXH157EiM5uKmVLXf1urQRJK7PwkWDD5rguoBmm
6dAJXGh66xhC3lg7dxOZEony1YlNgYIpuqWvWMSRwYzMINY0yiyoPp2D6EMdBe0O
0j3QSwhu939DReOEm/HVP9W508q/cRiI+QgYB19o5XAY3ET9yyHRD1SgMNPn2Up/
gSFvKnJX+3MNBZBDBfD+rpn5pmYN/xtvnlSWkrxlCbZ5BTFMLRq/2pHxSEdAEXep
j3qH6Xi3Fi3QEWpWN8QhLWzzkBVXcB5ayzs8AFUH7oz79Msl14Ox
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org