Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/krTYorihimIVZcYiItnvwbV1V6k.roa
File: krTYorihimIVZcYiItnvwbV1V6k.roa (raw, json)
Hash identifier: Tf2JQTNaBzOSfSGIDy7VTW3E49n1va01M0IGP0VgYoc=
Subject key identifier: 92:B4:D8:A2:B8:A1:8A:62:15:65:C6:22:22:D9:EF:C1:B5:75:57:A9
Certificate issuer: /CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Certificate serial: 018CC87117C48E6180752B0B9781039BEBCE
Authority key identifier: 20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/krTYorihimIVZcYiItnvwbV1V6k.roa
Signing time: Tue 02 Jan 2024 04:31:43 +0000
ROA not before: Tue 02 Jan 2024 04:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202446
IP address blocks: 194.33.20.0/22 maxlen: 22
194.33.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 05:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:17:c4:8e:61:80:75:2b:0b:97:81:03:9b:eb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Validity
Not Before: Jan 2 04:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92b4d8a2b8a18a621565c62222d9efc1b57557a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7c:8d:97:a2:a9:f2:0f:a5:21:42:2c:f6:ca:
68:9b:04:ca:a3:aa:e0:f9:8c:9b:f5:e6:15:40:7a:
d1:73:ce:d8:6c:11:1c:f8:0d:3f:44:54:7f:07:fe:
34:5e:86:38:9a:0d:17:f5:f4:f6:d5:68:a5:12:3a:
2d:9b:94:ba:86:a1:06:bc:e7:e8:8e:9a:96:9a:70:
a4:2e:a1:e6:26:7e:ca:5a:db:2c:20:82:85:4e:12:
57:ed:02:51:bd:5a:3e:5a:68:aa:0a:26:70:ce:85:
b5:8b:5a:42:3d:c8:1d:23:8f:0c:8a:34:af:0f:1d:
02:09:4a:aa:94:e5:51:da:97:96:22:54:3d:49:6b:
4d:86:fc:83:2c:7a:f3:d5:53:f0:83:fd:87:c5:22:
12:b4:43:a3:98:a7:68:89:07:6a:a3:e7:37:a1:d2:
a2:79:4f:fe:dd:a0:7e:96:94:8e:83:50:ba:b6:a0:
ec:bf:2d:97:3a:8f:39:17:35:5f:8b:ab:19:4d:ad:
ee:4b:09:49:af:84:92:3c:8d:b1:b0:38:b9:8c:da:
12:5f:40:31:3f:b3:f2:ea:ed:c2:08:38:ab:be:96:
b6:b9:f2:45:9a:b3:70:cf:bd:87:53:cb:2c:5b:35:
08:f2:68:e5:44:54:5d:1c:fd:82:5e:72:4e:91:d8:
1e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B4:D8:A2:B8:A1:8A:62:15:65:C6:22:22:D9:EF:C1:B5:75:57:A9
X509v3 Authority Key Identifier:
keyid:20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/krTYorihimIVZcYiItnvwbV1V6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/IPUwckL-PJUyezIgodpb_9ElJP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.20.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:48:0b:60:fc:14:1d:11:d6:7a:2d:30:4d:9b:34:79:9b:d1:
0e:db:39:a4:6b:af:95:42:33:25:5f:79:bf:5a:60:29:93:c0:
a0:31:58:9d:6c:1f:7e:bd:f7:ca:3d:2c:c0:b7:c3:e4:55:f6:
e1:da:38:14:d1:ac:76:57:b3:18:53:6f:d6:98:81:27:92:ed:
ec:28:48:6e:da:4a:ae:75:67:e5:ae:64:9a:3a:3e:1d:27:10:
ab:c8:6a:79:7c:fb:6c:6f:cf:62:8f:37:6f:01:e0:12:ed:6f:
20:7c:4b:69:79:75:ed:cd:00:c8:22:0e:dc:03:06:b5:96:c4:
bd:13:70:34:66:41:47:23:60:30:2f:35:75:2e:ef:9b:95:d1:
ae:48:3d:b2:58:55:fe:02:bc:3a:a0:16:37:2d:0d:b3:de:48:
c8:f5:cc:35:71:c1:cc:d3:a0:ed:28:0c:c9:58:7b:86:f4:79:
56:8b:17:85:f8:9a:b2:93:08:d2:59:64:d8:77:b7:43:f1:93:
b4:f1:6f:68:07:20:fc:17:6b:b0:a6:fc:25:33:d5:fe:e7:75:
c8:58:84:c5:9d:f0:49:03:4e:bc:3d:79:05:65:2b:5e:67:57:
40:4a:e7:b2:d7:b3:33:ed:c7:ea:14:d1:51:17:be:0e:8d:f2:
a6:b4:7b:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcRfEjmGAdSsLl4EDm+vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjUzMDcyNDJmZTNjOTUzMjdiMzIyMGExZGE1YmZmZDEy
NTI0ZmUwHhcNMjQwMTAyMDQzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI0ZDhhMmI4YTE4YTYyMTU2NWM2MjIyMmQ5ZWZjMWI1NzU1N2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3yNl6Kp8g+lIUIs9spomwTKo6rg
+Yyb9eYVQHrRc87YbBEc+A0/RFR/B/40XoY4mg0X9fT21WilEjotm5S6hqEGvOfo
jpqWmnCkLqHmJn7KWtssIIKFThJX7QJRvVo+WmiqCiZwzoW1i1pCPcgdI48MijSv
Dx0CCUqqlOVR2peWIlQ9SWtNhvyDLHrz1VPwg/2HxSIStEOjmKdoiQdqo+c3odKi
eU/+3aB+lpSOg1C6tqDsvy2XOo85FzVfi6sZTa3uSwlJr4SSPI2xsDi5jNoSX0Ax
P7Py6u3CCDirvpa2ufJFmrNwz72HU8ssWzUI8mjlRFRdHP2CXnJOkdgeyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJK02KK4oYpiFWXGIiLZ78G1dVepMB8GA1UdIwQY
MBaAFCD1MHJC/jyVMnsyIKHaW//RJST+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBVd2NrTC1QSlV5ZXpJZ29kcGJfOUVsSlA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lMTNhMDEtYzAwYi00OTU2LWFiM2Et
MzA5YTQ5NzBiYmZkLzEva3JUWW9yaWhpbUlWWmNZaUl0bnZ3YlYxVjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lMTNhMDEtYzAwYi00OTU2LWFiM2EtMzA5YTQ5NzBiYmZk
LzEvSVBVd2NrTC1QSlV5ZXpJZ29kcGJfOUVsSlA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiEUMA0G
CSqGSIb3DQEBCwUAA4IBAQAaSAtg/BQdEdZ6LTBNmzR5m9EO2zmka6+VQjMlX3m/
WmApk8CgMVidbB9+vffKPSzAt8PkVfbh2jgU0ax2V7MYU2/WmIEnku3sKEhu2kqu
dWflrmSaOj4dJxCryGp5fPtsb89ijzdvAeAS7W8gfEtpeXXtzQDIIg7cAwa1lsS9
E3A0ZkFHI2AwLzV1Lu+bldGuSD2yWFX+Arw6oBY3LQ2z3kjI9cw1ccHM06DtKAzJ
WHuG9HlWixeF+JqykwjSWWTYd7dD8ZO08W9oByD8F2uwpvwlM9X+53XIWITFnfBJ
A068PXkFZSteZ1dASuey17Mz7cfqFNFRF74OjfKmtHud
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:22 2024 by rpki-client on console-ams.rpki-client.org