Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/2-bNiAy4FEa4wzkTqF8qMckMdYE.roa
File: 2-bNiAy4FEa4wzkTqF8qMckMdYE.roa (raw, json)
Hash identifier: kcLNiCgPP/7FWOIFcrBDbKEYCcBOkyiYPfPpGO5GqQ8=
Subject key identifier: DB:E6:CD:88:0C:B8:14:46:B8:C3:39:13:A8:5F:2A:31:C9:0C:75:81
Certificate issuer: /CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Certificate serial: 01856EAFA6684EE8366A58F439AFFF9EE3A9
Authority key identifier: 20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/2-bNiAy4FEa4wzkTqF8qMckMdYE.roa
Signing time: Sun 01 Jan 2023 18:54:42 +0000
ROA not before: Sun 01 Jan 2023 18:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202446
IP address blocks: 194.33.20.0/22 maxlen: 22
194.33.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:a6:68:4e:e8:36:6a:58:f4:39:af:ff:9e:e3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Validity
Not Before: Jan 1 18:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbe6cd880cb81446b8c33913a85f2a31c90c7581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8a:5c:6f:4d:ec:f0:31:c0:d9:e8:ff:64:09:
27:b2:55:95:90:f3:8a:e5:12:b6:8d:16:cc:af:f0:
e7:7d:67:78:5a:2f:12:ba:45:e9:70:eb:66:8f:a6:
a1:03:7b:02:72:d2:91:03:22:89:12:45:28:fc:51:
5f:1f:bb:cf:0e:d0:47:f5:a0:c5:cd:f3:50:f3:66:
43:32:91:fa:ce:cc:e9:5e:b3:ed:da:51:89:f2:08:
e1:59:f9:41:ac:6c:05:ce:93:e8:22:b3:8d:72:2e:
79:7b:f8:4a:fe:85:4d:f2:bc:9a:8a:72:86:1b:fc:
c2:2e:ce:76:4a:98:38:c2:25:68:4c:02:00:cb:01:
83:0b:78:2f:61:73:54:01:7c:56:ce:60:4e:31:05:
f7:e0:d0:e9:94:db:33:0c:2b:75:75:81:3c:9c:d0:
9d:44:74:35:b9:b1:30:2f:59:84:a5:93:8b:da:88:
ae:fd:ad:ed:17:00:68:af:d1:19:2c:72:e9:09:58:
44:7f:6c:c1:3d:38:17:ec:f8:a6:70:b0:90:d6:97:
88:f4:35:47:b0:b9:36:eb:ee:b6:e9:b3:78:af:fa:
a1:eb:a3:ee:66:69:bc:a8:b4:62:c2:bd:bc:a6:15:
b2:31:2b:01:e0:45:ae:41:dd:93:c8:a3:8c:28:9e:
68:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E6:CD:88:0C:B8:14:46:B8:C3:39:13:A8:5F:2A:31:C9:0C:75:81
X509v3 Authority Key Identifier:
keyid:20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/2-bNiAy4FEa4wzkTqF8qMckMdYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/IPUwckL-PJUyezIgodpb_9ElJP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.20.0/22
Signature Algorithm: sha256WithRSAEncryption
96:53:c3:67:d3:41:a8:9c:89:ed:2a:cd:e6:44:f0:f7:fc:15:
80:74:13:70:af:d7:3e:fa:66:14:63:0f:ef:b0:33:c5:96:4a:
70:22:be:b2:c9:d4:ed:ba:f1:05:2c:f0:27:af:d8:80:09:56:
df:07:45:d5:3c:45:f1:a3:c1:52:6d:30:84:71:ce:37:46:0d:
fc:34:e1:72:3a:d1:57:97:f8:b1:10:4f:8c:f3:12:d6:82:b0:
ec:a1:65:ad:56:89:46:74:8c:91:a6:cc:1f:a0:ad:ba:0c:f1:
4d:4c:88:96:1c:99:47:29:3e:16:92:8f:9f:e0:df:f7:3f:f5:
16:55:aa:e4:0d:15:d2:a6:c2:1a:ac:c9:01:49:ce:d4:d3:1a:
c1:96:7f:ff:9d:a9:f8:2f:b2:38:81:5f:f9:f6:f2:be:18:31:
70:f1:a7:44:48:93:ef:1a:54:fb:5d:ab:c9:b6:ba:41:3b:c9:
e6:cf:9c:91:2b:ca:05:e0:c2:56:18:da:ba:36:2a:c6:76:75:
56:32:fb:aa:0d:22:1d:75:cd:3d:a5:34:b0:82:65:40:4d:41:
25:17:51:dc:94:f7:47:8c:91:a4:47:3a:16:58:5d:b5:f3:d3:
e0:cc:c8:13:77:c8:ba:cb:04:b8:7d:98:91:e3:9a:0f:ca:f7:
67:e3:d4:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur6ZoTug2alj0Oa//nuOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjUzMDcyNDJmZTNjOTUzMjdiMzIyMGExZGE1YmZmZDEy
NTI0ZmUwHhcNMjMwMTAxMTg1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmU2Y2Q4ODBjYjgxNDQ2YjhjMzM5MTNhODVmMmEzMWM5MGM3NTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4pcb03s8DHA2ej/ZAknslWVkPOK
5RK2jRbMr/DnfWd4Wi8SukXpcOtmj6ahA3sCctKRAyKJEkUo/FFfH7vPDtBH9aDF
zfNQ82ZDMpH6zszpXrPt2lGJ8gjhWflBrGwFzpPoIrONci55e/hK/oVN8ryainKG
G/zCLs52Spg4wiVoTAIAywGDC3gvYXNUAXxWzmBOMQX34NDplNszDCt1dYE8nNCd
RHQ1ubEwL1mEpZOL2oiu/a3tFwBor9EZLHLpCVhEf2zBPTgX7PimcLCQ1peI9DVH
sLk26+626bN4r/qh66PuZmm8qLRiwr28phWyMSsB4EWuQd2TyKOMKJ5oowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvmzYgMuBRGuMM5E6hfKjHJDHWBMB8GA1UdIwQY
MBaAFCD1MHJC/jyVMnsyIKHaW//RJST+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBVd2NrTC1QSlV5ZXpJZ29kcGJfOUVsSlA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lMTNhMDEtYzAwYi00OTU2LWFiM2Et
MzA5YTQ5NzBiYmZkLzEvMi1iTmlBeTRGRWE0d3prVHFGOHFNY2tNZFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lMTNhMDEtYzAwYi00OTU2LWFiM2EtMzA5YTQ5NzBiYmZk
LzEvSVBVd2NrTC1QSlV5ZXpJZ29kcGJfOUVsSlA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiEUMA0G
CSqGSIb3DQEBCwUAA4IBAQCWU8Nn00GonIntKs3mRPD3/BWAdBNwr9c++mYUYw/v
sDPFlkpwIr6yydTtuvEFLPAnr9iACVbfB0XVPEXxo8FSbTCEcc43Rg38NOFyOtFX
l/ixEE+M8xLWgrDsoWWtVolGdIyRpswfoK26DPFNTIiWHJlHKT4Wko+f4N/3P/UW
VarkDRXSpsIarMkBSc7U0xrBln//nan4L7I4gV/59vK+GDFw8adESJPvGlT7XavJ
trpBO8nmz5yRK8oF4MJWGNq6NirGdnVWMvuqDSIddc09pTSwgmVATUElF1HclPdH
jJGkRzoWWF2189PgzMgTd8i6ywS4fZiR45oPyvdn49ST
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:14 2024 by rpki-client on console-fra.rpki-client.org