Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/9KYTGPAzeR3VlMAxbPE1l29Fadg.roa
File: 9KYTGPAzeR3VlMAxbPE1l29Fadg.roa (raw, json)
Hash identifier: s6JKFJI5xi/Ielnn+21ogkqFLmOvhQ8Mhqbrnnl4tDs=
Subject key identifier: F4:A6:13:18:F0:33:79:1D:D5:94:C0:31:6C:F1:35:97:6F:45:69:D8
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 0185F2D372EE926A486E7FCAFDA055EC9233
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/9KYTGPAzeR3VlMAxbPE1l29Fadg.roa
Signing time: Fri 27 Jan 2023 10:43:41 +0000
ROA not before: Fri 27 Jan 2023 10:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29033
IP address blocks: 81.20.32.0/20 maxlen: 20
81.20.41.0/24 maxlen: 24
185.129.176.0/22 maxlen: 22
2a00:1fd0:ecc1::/48 maxlen: 48
2a00:1fd0:ecc2::/48 maxlen: 48
2a00:1fd0:ae00::/40 maxlen: 48
2a00:1fd0:ec00::/48 maxlen: 48
2a00:1fd0:ecc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Nov 2023 13:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:d3:72:ee:92:6a:48:6e:7f:ca:fd:a0:55:ec:92:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Jan 27 10:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4a61318f033791dd594c0316cf135976f4569d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:18:b9:43:50:24:59:93:79:f2:53:e5:3b:bf:
f7:0f:22:58:43:fe:21:ae:bb:0e:03:b1:07:a6:4b:
5f:c1:c5:d1:be:c2:1d:75:dc:6b:d6:0b:85:22:d6:
83:15:a6:2a:c0:3f:e3:86:8d:f1:c0:99:e0:50:bc:
46:97:e2:07:12:77:46:1e:c1:27:ca:a0:f6:0f:06:
e3:f2:d1:ac:0b:70:d0:41:9d:ab:93:eb:74:3d:1b:
81:04:dc:bc:ac:5b:c0:da:58:21:6c:d7:8d:93:b8:
f9:ab:50:0b:72:2e:9d:d8:9b:7d:d2:36:47:23:8f:
a2:f7:86:19:12:13:38:b6:34:fd:fc:cd:92:34:3d:
22:85:be:83:8f:f3:5b:b8:f7:52:91:c3:56:7a:1b:
63:5f:d9:76:6c:aa:be:fe:65:2f:01:7a:ff:b6:d7:
24:4b:4c:70:65:67:ce:61:8c:be:1c:85:cd:38:e0:
04:63:03:39:3f:ba:24:e7:e6:78:c6:76:9b:e8:d4:
18:42:1f:4d:20:32:8e:8d:8e:f0:fd:12:24:7f:9f:
f1:c9:1c:4d:44:08:e2:a1:86:ad:6f:e4:4d:3e:7e:
6c:4a:e6:cc:2f:69:aa:e5:ff:a8:7a:95:48:d0:89:
b2:6e:2f:23:d2:bb:01:ba:bd:e7:64:b6:11:f4:ed:
03:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A6:13:18:F0:33:79:1D:D5:94:C0:31:6C:F1:35:97:6F:45:69:D8
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/9KYTGPAzeR3VlMAxbPE1l29Fadg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.32.0/20
185.129.176.0/22
IPv6:
2a00:1fd0:ae00::/40
2a00:1fd0:ec00::/48
2a00:1fd0:ecc0::-2a00:1fd0:ecc2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:73:88:c1:54:14:fb:9c:59:90:2a:89:d5:ef:c5:88:df:72:
94:29:8f:1f:4f:97:59:3d:e7:65:4e:bb:53:f7:de:d6:6d:93:
28:32:fd:12:31:62:7b:cd:62:53:2f:22:44:ee:b8:68:2a:f9:
b1:01:a0:71:c6:4f:03:40:fc:b1:22:ed:00:b3:d7:21:b2:57:
c7:ab:16:4d:d2:da:74:8e:72:47:b5:55:21:4a:9b:2c:cc:28:
7f:4a:63:fe:69:cb:cd:e7:1e:84:31:c0:9a:dc:9b:cf:d6:a9:
fb:f6:97:4c:57:e4:6b:a9:ef:80:c9:64:7a:34:2d:e1:18:51:
09:49:a8:7a:38:98:9a:a6:1d:ed:87:70:75:07:11:f3:a9:6a:
1f:92:90:fc:19:91:a4:2c:d1:3c:74:bf:e2:f6:49:93:0c:d2:
be:2f:0a:03:4b:2b:ef:9a:28:7e:9c:a7:90:b0:1e:6a:1a:7a:
68:b0:ae:c3:67:92:d9:0e:b7:76:7e:2f:80:5f:f5:54:be:4b:
a2:04:83:3e:60:3f:5e:1d:dc:97:ab:65:b8:1f:2b:f6:c8:e5:
b0:5c:f8:94:86:5a:f4:c6:35:3f:4c:8e:52:76:6a:91:94:da:
20:76:c8:42:6f:2c:bd:9c:49:9c:c4:7c:b5:4f:c4:62:79:39:
c2:b9:10:63
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYXy03LukmpIbn/K/aBV7JIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcy
NzIzYzMwHhcNMjMwMTI3MTA0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE2MTMxOGYwMzM3OTFkZDU5NGMwMzE2Y2YxMzU5NzZmNDU2OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhi5Q1AkWZN58lPlO7/3DyJYQ/4h
rrsOA7EHpktfwcXRvsIdddxr1guFItaDFaYqwD/jho3xwJngULxGl+IHEndGHsEn
yqD2Dwbj8tGsC3DQQZ2rk+t0PRuBBNy8rFvA2lghbNeNk7j5q1ALci6d2Jt90jZH
I4+i94YZEhM4tjT9/M2SND0ihb6Dj/NbuPdSkcNWehtjX9l2bKq+/mUvAXr/ttck
S0xwZWfOYYy+HIXNOOAEYwM5P7ok5+Z4xnab6NQYQh9NIDKOjY7w/RIkf5/xyRxN
RAjioYatb+RNPn5sSubML2mq5f+oepVI0Imybi8j0rsBur3nZLYR9O0DXQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPSmExjwM3kd1ZTAMWzxNZdvRWnYMB8GA1UdIwQY
MBaAFGPZK4JWFZiU0rmyX02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDIt
ZTRlNTJhYzBmZWZlLzEvOUtZVEdQQXplUjNWbE1BeGJQRTFsMjlGYWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZl
LzEvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTASBAIAATAMAwQEURQgAwQC
uYGwMCsEAgACMCUDBgAqAB/QrgMHACoAH9DsADASAwcGKgAf0OzAAwcAKgAf0OzC
MA0GCSqGSIb3DQEBCwUAA4IBAQB5c4jBVBT7nFmQKonV78WI33KUKY8fT5dZPedl
TrtT997WbZMoMv0SMWJ7zWJTLyJE7rhoKvmxAaBxxk8DQPyxIu0As9chslfHqxZN
0tp0jnJHtVUhSpsszCh/SmP+acvN5x6EMcCa3JvP1qn79pdMV+Rrqe+AyWR6NC3h
GFEJSah6OJiaph3th3B1BxHzqWofkpD8GZGkLNE8dL/i9kmTDNK+LwoDSyvvmih+
nKeQsB5qGnposK7DZ5LZDrd2fi+AX/VUvkuiBIM+YD9eHdyXq2W4Hyv2yOWwXPiU
hlr0xjU/TI5SdmqRlNogdshCbyy9nEmcxHy1T8RieTnCuRBj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org