Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ILYkUrnfrS-TPK16LNpIJvjLOi4.roa
File: ILYkUrnfrS-TPK16LNpIJvjLOi4.roa (raw, json)
Hash identifier: 5fs9hgzKPX1AcrFKEbCdBv1hB51X9XG09wg4Ex8nDiI=
Subject key identifier: 20:B6:24:52:B9:DF:AD:2F:93:3C:AD:7A:2C:DA:48:26:F8:CB:3A:2E
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0186C26E4BDE9A778CF932AB53E9A3458804
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ILYkUrnfrS-TPK16LNpIJvjLOi4.roa
Signing time: Wed 08 Mar 2023 18:14:13 +0000
ROA not before: Wed 08 Mar 2023 18:14:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 109.122.45.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Apr 2023 04:27:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c2:6e:4b:de:9a:77:8c:f9:32:ab:53:e9:a3:45:88:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Mar 8 18:14:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20b62452b9dfad2f933cad7a2cda4826f8cb3a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5c:8e:46:2e:3f:41:d1:2d:7e:a1:0c:45:41:
36:f6:ee:a1:70:5d:6c:3b:d7:ad:f1:ed:b7:98:3a:
16:a4:3e:0e:f8:e0:0e:6e:2a:5d:66:c0:92:c4:d2:
90:d1:2b:96:8a:e1:22:dd:a4:7a:2b:94:0d:98:72:
09:91:c6:0d:21:23:e2:a4:39:29:0b:06:a4:9f:d4:
45:07:10:50:4b:87:5f:ab:6a:ba:ee:31:21:5e:18:
4b:e8:e6:45:cb:64:a2:94:61:53:ce:1d:0e:4b:b7:
43:57:6b:5f:5a:db:51:dd:8b:ec:ce:f2:14:45:93:
54:8e:42:bf:b5:2f:75:f2:b5:fb:eb:fd:05:3b:46:
e8:23:1d:98:01:98:1b:27:be:57:f3:78:53:d6:f2:
4c:08:b3:42:d0:21:f5:bf:6c:ba:96:df:60:4e:11:
da:42:73:27:85:b8:4f:e1:18:2e:3c:23:de:47:5b:
c7:c6:2e:24:8e:43:b1:d7:cd:bd:2c:6a:a5:92:e5:
fc:c3:94:ce:21:d4:ff:d8:a8:95:cf:91:5f:a4:c2:
36:04:51:1f:71:c9:22:a0:da:59:2e:67:2d:82:8d:
e5:01:48:fd:eb:ba:46:65:d0:9b:17:60:dc:a3:ea:
a7:09:05:28:cc:e7:ba:16:bf:b6:b1:c3:1b:2c:60:
b7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B6:24:52:B9:DF:AD:2F:93:3C:AD:7A:2C:DA:48:26:F8:CB:3A:2E
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ILYkUrnfrS-TPK16LNpIJvjLOi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
89.251.23.0/24
109.122.45.0/24
Signature Algorithm: sha256WithRSAEncryption
93:b0:d7:8c:ab:23:b5:5c:70:47:d4:c4:62:9a:c7:fd:ed:2f:
a2:96:a0:46:fc:54:e6:b5:7d:fb:65:89:fc:e0:c8:30:ea:e9:
46:b1:ba:27:7c:93:d4:ca:24:fb:96:ec:6b:5b:23:87:43:f9:
d3:c1:34:ab:5c:f0:33:21:ac:7f:ca:d8:89:fd:0a:cb:59:3f:
70:5b:0c:d3:3b:6d:2a:39:43:d7:c8:34:18:ff:62:66:7a:0b:
e5:9f:b8:e9:d0:0b:82:df:52:41:87:4e:32:d6:8e:ce:05:fa:
fb:5d:ae:a8:f1:d4:91:bb:d7:45:51:63:86:4a:af:c2:38:6d:
03:31:6e:8a:c3:6c:b5:d3:7e:0d:8d:6f:5c:a0:e9:63:71:a9:
31:e1:da:04:dc:3a:e9:28:83:f2:47:25:72:aa:f8:4c:76:fb:
3b:3c:0d:79:1a:1f:ad:15:a8:0d:16:ab:08:98:40:30:34:dc:
a1:e3:f7:dd:b3:1a:22:76:88:2e:57:54:95:e2:7a:2a:71:52:
8e:85:39:7e:91:06:10:59:3d:aa:b2:25:43:95:9c:e9:5e:91:
fc:af:94:1b:90:9f:11:25:da:36:c1:7a:9e:65:c8:f3:d1:e0:
04:3e:74:a3:ba:a8:7b:ff:18:e1:0b:5b:ed:be:e0:fe:83:81:
ef:1a:3b:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbCbkvemneM+TKrU+mjRYgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMzA4MTgxNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGI2MjQ1MmI5ZGZhZDJmOTMzY2FkN2EyY2RhNDgyNmY4Y2IzYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1yORi4/QdEtfqEMRUE29u6hcF1s
O9et8e23mDoWpD4O+OAObipdZsCSxNKQ0SuWiuEi3aR6K5QNmHIJkcYNISPipDkp
Cwakn9RFBxBQS4dfq2q67jEhXhhL6OZFy2SilGFTzh0OS7dDV2tfWttR3YvszvIU
RZNUjkK/tS918rX76/0FO0boIx2YAZgbJ75X83hT1vJMCLNC0CH1v2y6lt9gThHa
QnMnhbhP4RguPCPeR1vHxi4kjkOx1829LGqlkuX8w5TOIdT/2KiVz5FfpMI2BFEf
cckioNpZLmctgo3lAUj967pGZdCbF2Dco+qnCQUozOe6Fr+2scMbLGC3awIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCC2JFK5360vkzyteizaSCb4yzouMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvSUxZa1VybmZyUy1UUEsxNkxOcElKdmpMT2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsUAwQA
WfsXAwQAbXotMA0GCSqGSIb3DQEBCwUAA4IBAQCTsNeMqyO1XHBH1MRimsf97S+i
lqBG/FTmtX37ZYn84Mgw6ulGsbonfJPUyiT7luxrWyOHQ/nTwTSrXPAzIax/ytiJ
/QrLWT9wWwzTO20qOUPXyDQY/2Jmegvln7jp0AuC31JBh04y1o7OBfr7Xa6o8dSR
u9dFUWOGSq/COG0DMW6Kw2y1034NjW9coOljcakx4doE3DrpKIPyRyVyqvhMdvs7
PA15Gh+tFagNFqsImEAwNNyh4/fdsxoidoguV1SV4noqcVKOhTl+kQYQWT2qsiVD
lZzpXpH8r5QbkJ8RJdo2wXqeZcjz0eAEPnSjuqh7/xjhC1vtvuD+g4HvGjvZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org