Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/IKO2GaaHtQqLhvPo3mgszrCsxds.roa
File: IKO2GaaHtQqLhvPo3mgszrCsxds.roa (raw, json)
Hash identifier: 1EyYdn+ePKbH6fw2d5FDEjbtNoLp+Pi1CUWu/7/NZBM=
Subject key identifier: 20:A3:B6:19:A6:87:B5:0A:8B:86:F3:E8:DE:68:2C:CE:B0:AC:C5:DB
Certificate issuer: /CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Certificate serial: 0188E2F07DD0A9056F5D5D397FF0AF30BF65
Authority key identifier: 32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/IKO2GaaHtQqLhvPo3mgszrCsxds.roa
Signing time: Thu 22 Jun 2023 11:49:51 +0000
ROA not before: Thu 22 Jun 2023 11:49:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51941
IP address blocks: 185.128.252.0/22 maxlen: 22
185.128.255.0/24 maxlen: 24
46.183.76.0/23 maxlen: 23
46.183.72.0/23 maxlen: 23
46.183.72.0/21 maxlen: 21
46.183.78.0/24 maxlen: 24
46.183.74.0/23 maxlen: 23
2a02:2380::/32 maxlen: 32
2a02:2380:ff00::/48 maxlen: 48
2a02:2380:4::/48 maxlen: 48
2a02:2380:2::/48 maxlen: 48
2a02:2380:3::/48 maxlen: 48
2a02:2380:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:f0:7d:d0:a9:05:6f:5d:5d:39:7f:f0:af:30:bf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Validity
Not Before: Jun 22 11:49:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20a3b619a687b50a8b86f3e8de682cceb0acc5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c8:89:4b:34:34:ca:21:41:ad:2f:e2:55:61:
b0:0b:7a:76:78:27:d5:45:4f:77:32:07:1c:43:a2:
77:25:33:41:f1:69:97:c3:cb:e1:90:96:94:c9:3c:
37:a0:85:6d:80:64:c5:ab:cb:dd:93:72:4c:bf:b9:
bc:b7:37:fc:6c:ce:ee:3e:5e:3c:4b:fb:5f:67:15:
cc:42:4b:a4:a8:87:a6:6d:79:84:f0:f9:c6:39:2f:
d9:5f:48:c9:d1:26:f3:73:f1:1c:5d:60:76:22:51:
f2:88:9e:12:3c:ac:7d:de:7a:80:5e:01:36:a1:80:
07:a1:ad:e3:69:fc:e9:d1:d2:80:a8:19:84:60:24:
20:28:5f:1e:b5:5b:a1:3e:2c:1b:c4:4f:5b:00:74:
e0:aa:a1:e1:f4:9a:68:00:f3:c8:eb:64:02:5a:f0:
57:d0:35:bf:c9:cf:44:ed:09:43:cd:cf:4f:45:e0:
cd:09:52:c8:bc:3f:b2:28:29:6f:02:74:b7:db:c1:
8b:8a:2e:71:b4:f1:67:9f:cb:55:33:ad:42:5f:e8:
77:a2:61:ea:57:24:19:81:9e:93:69:16:de:4b:22:
34:cd:ba:c0:ed:e8:67:37:19:9a:c0:8a:62:c8:40:
5d:62:0a:ed:57:04:51:8f:e6:d9:6b:cd:99:ef:9f:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A3:B6:19:A6:87:B5:0A:8B:86:F3:E8:DE:68:2C:CE:B0:AC:C5:DB
X509v3 Authority Key Identifier:
keyid:32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/IKO2GaaHtQqLhvPo3mgszrCsxds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.72.0/21
185.128.252.0/22
IPv6:
2a02:2380::/32
Signature Algorithm: sha256WithRSAEncryption
46:39:96:41:98:ba:33:7a:b9:bb:72:cb:0e:0e:12:cf:7e:c4:
bb:58:a4:2d:b9:11:85:53:74:00:02:a3:10:38:a7:89:53:9a:
f8:0b:1c:af:46:97:b7:51:bf:da:a5:58:9f:9c:e8:39:f5:99:
b2:c6:46:b6:48:15:f0:7e:3e:5b:59:ee:6d:25:b3:a9:61:fb:
ce:25:2e:75:d5:1c:32:50:15:4d:0d:f6:e9:63:4b:f9:07:77:
83:ad:35:ad:60:c2:ce:6e:52:b6:9a:25:b9:71:4f:a3:9d:08:
31:19:0c:a1:09:11:1e:0d:2f:78:3b:f8:d1:af:b0:78:f1:66:
72:12:10:bc:de:be:76:5e:f3:21:51:1c:47:65:ed:80:44:f6:
cc:c5:fd:d4:1b:5d:74:07:e7:fa:66:91:a6:4c:f4:b2:2d:a6:
3e:f7:81:9f:a9:af:ba:de:ad:ce:dd:b6:d0:5c:da:aa:3d:92:
eb:e3:99:ac:dc:c6:af:d0:da:b3:b6:5f:c7:94:73:f9:c7:6f:
77:a2:19:a5:0b:56:b5:07:dc:2b:05:c4:db:ce:ac:25:74:a7:
14:9e:ca:b4:fd:d8:9e:54:e7:9c:2e:1d:43:e4:2c:12:37:cc:
72:e7:ed:20:aa:6b:d1:53:43:13:a1:b6:31:c9:36:10:2b:92:
b6:1f:a5:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYji8H3QqQVvXV05f/CvML9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzJiZTQ4M2ZmMjdiYjhmMGRjMDljZTBmNzFmMmE4OGVh
ZjdlMDcwHhcNMjMwNjIyMTE0OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGEzYjYxOWE2ODdiNTBhOGI4NmYzZThkZTY4MmNjZWIwYWNjNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqciJSzQ0yiFBrS/iVWGwC3p2eCfV
RU93MgccQ6J3JTNB8WmXw8vhkJaUyTw3oIVtgGTFq8vdk3JMv7m8tzf8bM7uPl48
S/tfZxXMQkukqIembXmE8PnGOS/ZX0jJ0Sbzc/EcXWB2IlHyiJ4SPKx93nqAXgE2
oYAHoa3jafzp0dKAqBmEYCQgKF8etVuhPiwbxE9bAHTgqqHh9JpoAPPI62QCWvBX
0DW/yc9E7QlDzc9PReDNCVLIvD+yKClvAnS328GLii5xtPFnn8tVM61CX+h3omHq
VyQZgZ6TaRbeSyI0zbrA7ehnNxmawIpiyEBdYgrtVwRRj+bZa82Z758Z5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCCjthmmh7UKi4bz6N5oLM6wrMXbMB8GA1UdIwQY
MBaAFDLCvkg/8nu48NwJzg9x8qiOr34HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQt
OTczZGI5Y2U2OGI1LzEvSUtPMkdhYUh0UXFMaHZQbzNtZ3N6ckNzeGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQtOTczZGI5Y2U2OGI1
LzEvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLrdIAwQC
uYD8MA0EAgACMAcDBQAqAiOAMA0GCSqGSIb3DQEBCwUAA4IBAQBGOZZBmLozerm7
cssODhLPfsS7WKQtuRGFU3QAAqMQOKeJU5r4CxyvRpe3Ub/apVifnOg59Zmyxka2
SBXwfj5bWe5tJbOpYfvOJS511RwyUBVNDfbpY0v5B3eDrTWtYMLOblK2miW5cU+j
nQgxGQyhCREeDS94O/jRr7B48WZyEhC83r52XvMhURxHZe2ARPbMxf3UG110B+f6
ZpGmTPSyLaY+94Gfqa+63q3O3bbQXNqqPZLr45ms3Mav0Nqztl/HlHP5x293ohml
C1a1B9wrBcTbzqwldKcUnsq0/dieVOecLh1D5CwSN8xy5+0gqmvRU0MTobYxyTYQ
K5K2H6XT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:09 2024 by rpki-client on console-ams.rpki-client.org