Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/zQ6EXVPNfxDIV_oJhZybuuL8rTc.roa
File: zQ6EXVPNfxDIV_oJhZybuuL8rTc.roa (raw, json)
Hash identifier: wLAGDzw0T24ekaIv5gaz+NRr9B9jg7OWdIriTZtINT8=
Subject key identifier: CD:0E:84:5D:53:CD:7F:10:C8:57:FA:09:85:9C:9B:BA:E2:FC:AD:37
Certificate issuer: /CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Certificate serial: 018D10AEB1CF002E8DEA25854BEA0BDE8475
Authority key identifier: 20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/zQ6EXVPNfxDIV_oJhZybuuL8rTc.roa
Signing time: Tue 16 Jan 2024 05:11:40 +0000
ROA not before: Tue 16 Jan 2024 05:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202446
IP address blocks: 194.33.20.0/22 maxlen: 22
194.33.21.0/24 maxlen: 24
194.33.20.0/24 maxlen: 24
194.33.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:38:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:10:ae:b1:cf:00:2e:8d:ea:25:85:4b:ea:0b:de:84:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f5307242fe3c95327b3220a1da5bffd12524fe
Validity
Not Before: Jan 16 05:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd0e845d53cd7f10c857fa09859c9bbae2fcad37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:12:a7:8e:ae:80:bc:9a:e2:be:36:4f:25:c3:
c1:dd:fe:a0:af:ed:02:50:8e:46:25:59:fd:e7:a3:
e1:32:26:3f:d6:9f:13:fa:8d:36:6d:ca:22:c8:af:
7f:29:be:01:2f:0c:94:b9:6c:ff:c4:9c:4d:35:98:
1b:df:d1:48:d0:e4:f9:cc:32:f1:0c:7c:b2:5d:25:
3a:54:eb:3c:9c:92:d2:bc:e4:40:21:39:43:1d:58:
fe:47:2a:a6:76:86:59:a5:e6:6e:e1:55:9f:45:08:
68:e1:e6:ea:3a:30:95:7f:b2:21:12:26:7f:93:e9:
fc:d1:84:22:85:fa:49:85:70:cc:b0:bd:5f:0a:f7:
bd:1e:dd:8e:f9:91:d7:6b:ff:1b:74:1a:71:c1:3f:
01:2b:2d:e1:41:35:ca:18:e6:f9:36:84:42:97:fe:
95:47:25:55:fa:d4:f3:e0:97:66:88:ec:d7:5b:3c:
78:78:80:e3:b0:66:25:15:5a:05:59:9c:5c:b9:28:
10:54:90:54:04:33:c4:6a:5d:9d:79:ed:5e:89:74:
04:4e:bc:b9:a2:10:d0:2b:c7:ed:d6:3f:fd:49:25:
9d:08:ff:61:30:f3:ae:ec:77:41:d0:c4:17:2c:bc:
47:3a:6a:ed:69:51:4a:ad:96:28:1e:4f:d7:84:e7:
39:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:0E:84:5D:53:CD:7F:10:C8:57:FA:09:85:9C:9B:BA:E2:FC:AD:37
X509v3 Authority Key Identifier:
keyid:20:F5:30:72:42:FE:3C:95:32:7B:32:20:A1:DA:5B:FF:D1:25:24:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPUwckL-PJUyezIgodpb_9ElJP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/zQ6EXVPNfxDIV_oJhZybuuL8rTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e13a01-c00b-4956-ab3a-309a4970bbfd/1/IPUwckL-PJUyezIgodpb_9ElJP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.20.0/22
Signature Algorithm: sha256WithRSAEncryption
46:98:a2:16:f3:61:83:39:9a:e1:59:ea:6c:16:f0:2a:06:b7:
07:c7:a9:84:4d:a1:6f:6a:86:1e:9a:48:62:cf:7d:1f:19:f3:
6e:c8:22:10:d8:81:0c:f6:02:bb:36:72:08:d7:7f:2a:48:c0:
bf:2c:50:b0:dc:2a:75:2f:f5:73:70:b8:20:bf:bd:a6:0e:af:
1d:d1:7e:e5:0c:1e:3f:55:bf:ed:b0:00:80:89:a3:3a:e4:06:
8f:d8:be:1e:1b:18:13:b5:cf:6d:a0:ce:92:8d:a4:84:dd:e2:
ce:9d:da:a4:8c:e6:0e:d0:63:ca:c0:54:e3:81:d2:61:53:42:
a1:9a:06:05:12:da:db:b1:8a:f4:3d:a8:82:cb:fd:93:40:0c:
9a:e9:d6:29:30:bc:89:4a:35:2e:e0:08:a3:6e:fe:c5:46:6f:
f4:6e:81:4a:40:36:7a:7d:a5:90:2c:f1:7e:b8:10:57:85:84:
7b:25:99:83:05:b7:49:af:69:f5:ab:10:c6:e7:c0:8c:a4:90:
b4:cf:9b:6b:5b:ad:c9:ca:f2:d6:e5:d5:87:5a:f2:ea:94:93:
88:a9:1d:14:83:44:42:92:87:4b:5b:fd:7d:b3:fe:87:13:11:
76:f4:54:c2:63:46:2e:76:fb:9c:70:95:54:06:33:fd:cb:cf:
f1:27:5b:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0QrrHPAC6N6iWFS+oL3oR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjUzMDcyNDJmZTNjOTUzMjdiMzIyMGExZGE1YmZmZDEy
NTI0ZmUwHhcNMjQwMTE2MDUxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDBlODQ1ZDUzY2Q3ZjEwYzg1N2ZhMDk4NTljOWJiYWUyZmNhZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBKnjq6AvJrivjZPJcPB3f6gr+0C
UI5GJVn956PhMiY/1p8T+o02bcoiyK9/Kb4BLwyUuWz/xJxNNZgb39FI0OT5zDLx
DHyyXSU6VOs8nJLSvORAITlDHVj+RyqmdoZZpeZu4VWfRQho4ebqOjCVf7IhEiZ/
k+n80YQihfpJhXDMsL1fCve9Ht2O+ZHXa/8bdBpxwT8BKy3hQTXKGOb5NoRCl/6V
RyVV+tTz4JdmiOzXWzx4eIDjsGYlFVoFWZxcuSgQVJBUBDPEal2dee1eiXQETry5
ohDQK8ft1j/9SSWdCP9hMPOu7HdB0MQXLLxHOmrtaVFKrZYoHk/XhOc5QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0OhF1TzX8QyFf6CYWcm7ri/K03MB8GA1UdIwQY
MBaAFCD1MHJC/jyVMnsyIKHaW//RJST+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBVd2NrTC1QSlV5ZXpJZ29kcGJfOUVsSlA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lMTNhMDEtYzAwYi00OTU2LWFiM2Et
MzA5YTQ5NzBiYmZkLzEvelE2RVhWUE5meERJVl9vSmhaeWJ1dUw4clRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lMTNhMDEtYzAwYi00OTU2LWFiM2EtMzA5YTQ5NzBiYmZk
LzEvSVBVd2NrTC1QSlV5ZXpJZ29kcGJfOUVsSlA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiEUMA0G
CSqGSIb3DQEBCwUAA4IBAQBGmKIW82GDOZrhWepsFvAqBrcHx6mETaFvaoYemkhi
z30fGfNuyCIQ2IEM9gK7NnII138qSMC/LFCw3Cp1L/VzcLggv72mDq8d0X7lDB4/
Vb/tsACAiaM65AaP2L4eGxgTtc9toM6SjaSE3eLOndqkjOYO0GPKwFTjgdJhU0Kh
mgYFEtrbsYr0PaiCy/2TQAya6dYpMLyJSjUu4Aijbv7FRm/0boFKQDZ6faWQLPF+
uBBXhYR7JZmDBbdJr2n1qxDG58CMpJC0z5trW63JyvLW5dWHWvLqlJOIqR0Ug0RC
kodLW/19s/6HExF29FTCY0YudvuccJVUBjP9y8/xJ1uZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:14 2024 by rpki-client on console-fra.rpki-client.org