Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/6twUzb7epci-tl-ycbAUwHNZc8E.roa
File: 6twUzb7epci-tl-ycbAUwHNZc8E.roa (raw, json)
Hash identifier: FMJfrrpnJIxyM9k0kWsjzIfhSqFSO2PVza4Two7VUTA=
Subject key identifier: EA:DC:14:CD:BE:DE:A5:C8:BE:B6:5F:B2:71:B0:14:C0:73:59:73:C1
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01874038C3146B49CE858B72FE87136085FA
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/6twUzb7epci-tl-ycbAUwHNZc8E.roa
Signing time: Sun 02 Apr 2023 04:27:54 +0000
ROA not before: Sun 02 Apr 2023 04:27:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 109.122.45.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
193.93.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 18:52:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:40:38:c3:14:6b:49:ce:85:8b:72:fe:87:13:60:85:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 2 04:27:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eadc14cdbedea5c8beb65fb271b014c0735973c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1e:b4:8b:b4:49:36:b6:90:e4:d1:e1:8f:25:
6a:9d:56:7c:4a:86:6d:4e:ab:e3:d7:03:10:32:94:
a8:0b:73:6b:40:78:ad:87:45:b2:3f:f6:3e:70:f8:
13:1f:56:b8:c6:0f:bc:d9:9c:97:e5:00:97:46:e0:
53:09:ee:a3:1e:cc:30:9c:86:9f:75:ae:32:d6:c0:
4a:cf:0b:db:74:16:f2:15:8d:b5:7b:a9:01:a1:79:
dd:fe:ee:ed:31:bc:ab:c0:3b:f8:a9:9c:a3:8f:da:
fb:2f:52:19:34:27:eb:e0:67:1e:92:04:62:2d:e9:
e7:ab:3d:51:b6:e6:b8:8a:57:44:6b:b8:04:f8:ba:
d6:bd:c0:06:85:8b:ee:23:b7:06:60:64:60:6f:5e:
68:96:a2:6b:2f:7d:2f:ea:82:0a:4f:02:0e:51:1e:
34:ab:51:8d:15:3b:d5:d9:f5:e4:19:67:7c:1e:f6:
7b:25:c5:4c:c8:ae:8f:30:b1:30:ec:87:fb:cd:6f:
5d:ca:e9:ba:01:f2:1d:c0:e7:93:1a:63:7c:50:fe:
04:5a:74:df:d8:11:35:80:ea:ce:e0:7a:6f:12:0b:
6b:a2:a6:48:66:89:89:a6:79:21:3a:be:be:ba:80:
0e:ac:4e:8b:25:4d:fe:3a:14:1f:81:5f:01:25:07:
a8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:DC:14:CD:BE:DE:A5:C8:BE:B6:5F:B2:71:B0:14:C0:73:59:73:C1
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/6twUzb7epci-tl-ycbAUwHNZc8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
89.251.23.0/24
109.122.45.0/24
193.93.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:60:e4:b8:bb:1b:a3:16:f5:f9:0d:d4:eb:da:0b:78:c8:38:
1e:77:17:02:4f:e8:4f:ba:c4:de:c6:c9:fa:57:b3:42:92:1d:
2f:4e:ff:1e:20:3a:cc:8d:75:09:09:40:0d:33:74:b6:86:9a:
30:96:d7:79:9e:4e:3c:33:0c:7d:2e:ea:90:91:46:aa:e7:a1:
8f:cd:04:88:03:19:86:f2:96:f6:7c:2b:3c:1d:98:12:2c:f6:
bf:4b:17:5a:51:c1:89:2e:a0:49:c5:39:37:76:bc:ff:14:fd:
78:a8:b3:11:84:2f:13:b0:c8:f5:8c:f6:54:fd:30:ef:d2:60:
cf:a9:d9:c9:56:fa:cb:5f:53:14:60:48:aa:0f:6c:da:bb:58:
24:8d:11:1d:7c:d2:8c:50:6f:70:8b:0c:7c:17:d1:9f:d1:a4:
1f:38:17:da:57:d8:7b:c3:e2:90:d3:9a:9d:0a:0d:06:ce:3c:
95:94:9c:b0:49:cb:3a:d9:d4:92:52:cb:97:17:ce:ce:b9:6b:
c7:47:10:b3:4b:ae:62:d2:e5:7d:e3:0b:b3:aa:03:9e:5b:c6:
50:4b:20:28:03:73:dd:63:d1:5c:57:60:22:6c:9a:78:c0:55:
f1:73:f0:0c:43:5a:d3:b1:44:66:02:a1:bd:96:4a:44:37:69:
0e:38:cd:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdAOMMUa0nOhYty/ocTYIX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNDAyMDQyNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWRjMTRjZGJlZGVhNWM4YmViNjVmYjI3MWIwMTRjMDczNTk3M2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR60i7RJNraQ5NHhjyVqnVZ8SoZt
Tqvj1wMQMpSoC3NrQHith0WyP/Y+cPgTH1a4xg+82ZyX5QCXRuBTCe6jHswwnIaf
da4y1sBKzwvbdBbyFY21e6kBoXnd/u7tMbyrwDv4qZyjj9r7L1IZNCfr4GcekgRi
Lennqz1Rtua4ildEa7gE+LrWvcAGhYvuI7cGYGRgb15olqJrL30v6oIKTwIOUR40
q1GNFTvV2fXkGWd8HvZ7JcVMyK6PMLEw7If7zW9dyum6AfIdwOeTGmN8UP4EWnTf
2BE1gOrO4HpvEgtroqZIZomJpnkhOr6+uoAOrE6LJU3+OhQfgV8BJQeoWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOrcFM2+3qXIvrZfsnGwFMBzWXPBMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNnR3VXpiN2VwY2ktdGwteWNiQVV3SE5aYzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfsUAwQA
WfsXAwQAbXotAwQAwV03MA0GCSqGSIb3DQEBCwUAA4IBAQA8YOS4uxujFvX5DdTr
2gt4yDgedxcCT+hPusTexsn6V7NCkh0vTv8eIDrMjXUJCUANM3S2hpowltd5nk48
Mwx9LuqQkUaq56GPzQSIAxmG8pb2fCs8HZgSLPa/SxdaUcGJLqBJxTk3drz/FP14
qLMRhC8TsMj1jPZU/TDv0mDPqdnJVvrLX1MUYEiqD2zau1gkjREdfNKMUG9wiwx8
F9Gf0aQfOBfaV9h7w+KQ05qdCg0GzjyVlJywScs62dSSUsuXF87OuWvHRxCzS65i
0uV94wuzqgOeW8ZQSyAoA3PdY9FcV2AibJp4wFXxc/AMQ1rTsURmAqG9lkpEN2kO
OM3q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org