Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/tkPNX52eVvjZ6xQcp6IpQsiDHYY.roa
File: tkPNX52eVvjZ6xQcp6IpQsiDHYY.roa (raw, json)
Hash identifier: 4sIpqeHHyTXX9ZSPxsrtwljE2aEjYczZMOSU64bQszc=
Subject key identifier: B6:43:CD:5F:9D:9E:56:F8:D9:EB:14:1C:A7:A2:29:42:C8:83:1D:86
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 01856F0252AC149C41D7500F2BCD67B41F8D
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/tkPNX52eVvjZ6xQcp6IpQsiDHYY.roa
Signing time: Sun 01 Jan 2023 20:25:01 +0000
ROA not before: Sun 01 Jan 2023 20:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204561
IP address blocks: 128.127.182.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
2a05:8a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 11 Jan 2023 10:33:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:52:ac:14:9c:41:d7:50:0f:2b:cd:67:b4:1f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Jan 1 20:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b643cd5f9d9e56f8d9eb141ca7a22942c8831d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:27:72:a2:6d:8f:d5:97:09:e6:d3:ab:46:13:
ec:b3:37:28:f9:27:da:71:21:4e:d8:41:78:be:43:
e4:43:61:a5:20:bf:f7:e3:cb:ba:89:49:85:52:f3:
4a:26:e7:4c:48:13:cd:1b:4c:f6:cc:2d:ed:6a:6f:
98:7e:95:73:79:47:e8:bc:94:41:cd:e9:50:e3:fd:
e5:4f:d6:7f:cc:e0:fb:a9:1e:16:fe:4c:1d:72:a5:
37:ab:f7:3a:72:87:91:f6:3f:3d:96:38:e1:f8:e0:
fc:4a:65:c3:67:64:f3:30:ec:27:44:46:df:cf:91:
0a:c1:7c:ca:4e:4d:9c:7f:d3:1f:9e:b0:f4:19:4a:
95:5b:68:6d:34:17:47:25:da:9c:6f:22:f9:17:10:
cd:1c:c5:f2:65:99:92:0b:46:fb:92:00:18:84:05:
7f:b0:a3:80:d1:62:f7:d9:0c:4d:c0:58:b4:9d:c0:
58:03:f6:b0:3f:46:9a:82:57:bd:c4:09:82:cb:98:
94:93:c3:7f:af:95:c1:75:4a:6e:ee:70:9d:fb:af:
d9:aa:bc:8c:90:83:d2:67:ec:7d:32:27:de:19:87:
ab:00:41:45:2a:c8:eb:84:61:6a:56:00:95:99:66:
d0:fe:0b:fa:05:a0:e9:7a:6c:1a:45:ba:ec:f3:e1:
54:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:43:CD:5F:9D:9E:56:F8:D9:EB:14:1C:A7:A2:29:42:C8:83:1D:86
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/tkPNX52eVvjZ6xQcp6IpQsiDHYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.182.0/24
185.192.44.0/24
IPv6:
2a05:8a40::/29
Signature Algorithm: sha256WithRSAEncryption
92:9d:fb:8b:0e:78:63:95:6b:78:d8:1b:20:61:98:df:7c:50:
35:50:af:0b:ee:c1:d8:a9:98:5e:86:1b:2e:44:2c:6c:2b:d8:
f7:1a:7f:8e:ac:fe:ac:f1:c7:c5:0d:65:2f:98:8c:6a:c0:25:
e1:b5:48:87:63:f1:88:00:06:7c:09:b3:49:51:46:48:6c:11:
a7:2a:59:70:bc:65:c3:42:73:48:ed:45:da:91:38:da:47:79:
8d:61:73:a5:83:57:99:29:0d:8d:aa:95:8e:f3:5b:29:3d:9a:
6b:59:f7:56:5a:e1:c6:84:ac:30:fe:0a:03:3e:05:68:75:6d:
1b:4a:0d:d9:ef:0f:e6:b5:88:d4:81:68:f7:e3:0d:55:04:89:
69:6c:20:95:0a:9a:f6:c1:da:83:d2:cc:2f:44:7a:6b:1b:39:
c5:0b:4f:8e:30:c6:e9:f2:d3:ae:8d:5f:5f:07:a7:6a:0a:40:
41:eb:77:da:51:14:90:92:69:67:2c:70:02:6b:1d:cd:e2:e4:
43:aa:b0:fc:55:84:bb:3f:04:a2:7d:ec:c3:7f:c5:f3:19:fb:
76:68:0f:0d:22:38:27:14:11:2f:da:b6:d8:80:64:72:93:d8:
99:72:b0:d2:6a:10:73:cc:c5:6f:d5:77:b5:b2:88:85:0e:e5:
8f:87:ea:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvAlKsFJxB11APK81ntB+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQzY2Q1ZjlkOWU1NmY4ZDllYjE0MWNhN2EyMjk0MmM4ODMxZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlidyom2P1ZcJ5tOrRhPsszco+Sfa
cSFO2EF4vkPkQ2GlIL/348u6iUmFUvNKJudMSBPNG0z2zC3tam+YfpVzeUfovJRB
zelQ4/3lT9Z/zOD7qR4W/kwdcqU3q/c6coeR9j89ljjh+OD8SmXDZ2TzMOwnREbf
z5EKwXzKTk2cf9MfnrD0GUqVW2htNBdHJdqcbyL5FxDNHMXyZZmSC0b7kgAYhAV/
sKOA0WL32QxNwFi0ncBYA/awP0aagle9xAmCy5iUk8N/r5XBdUpu7nCd+6/ZqryM
kIPSZ+x9MifeGYerAEFFKsjrhGFqVgCVmWbQ/gv6BaDpemwaRbrs8+FU+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLZDzV+dnlb42esUHKeiKULIgx2GMB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvdGtQTlg1MmVWdmpaNnhRY3A2SXBRc2lESFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAgH+2AwQA
ucAsMA0EAgACMAcDBQMqBYpAMA0GCSqGSIb3DQEBCwUAA4IBAQCSnfuLDnhjlWt4
2BsgYZjffFA1UK8L7sHYqZhehhsuRCxsK9j3Gn+OrP6s8cfFDWUvmIxqwCXhtUiH
Y/GIAAZ8CbNJUUZIbBGnKllwvGXDQnNI7UXakTjaR3mNYXOlg1eZKQ2NqpWO81sp
PZprWfdWWuHGhKww/goDPgVodW0bSg3Z7w/mtYjUgWj34w1VBIlpbCCVCpr2wdqD
0swvRHprGznFC0+OMMbp8tOujV9fB6dqCkBB63faURSQkmlnLHACax3N4uRDqrD8
VYS7PwSifezDf8XzGft2aA8NIjgnFBEv2rbYgGRyk9iZcrDSahBzzMVv1Xe1soiF
DuWPh+rD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org