Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3hQYn_HHGVDnrLu3JFYKx5z4me0.roa
File: 3hQYn_HHGVDnrLu3JFYKx5z4me0.roa (raw, json)
Hash identifier: yhfryVYhvhjdkU9KjBAcKTy1OBVygVpazLHruQ/BVH8=
Subject key identifier: DE:14:18:9F:F1:C7:19:50:E7:AC:BB:B7:24:56:0A:C7:9C:F8:99:ED
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018EFC804686C3CE32B0912A07BBCF7D7F06
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3hQYn_HHGVDnrLu3JFYKx5z4me0.roa
Signing time: Sat 20 Apr 2024 17:14:08 +0000
ROA not before: Sat 20 Apr 2024 17:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sat 20 Apr 2024 18:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fc:80:46:86:c3:ce:32:b0:91:2a:07:bb:cf:7d:7f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 20 17:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de14189ff1c71950e7acbbb724560ac79cf899ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b8:57:ba:6e:2f:0e:f3:f5:dd:43:61:bc:d4:
cf:b3:52:a8:88:96:57:ea:5d:f9:cd:33:ef:60:f8:
a5:72:cf:08:30:57:41:42:b2:72:4a:13:87:94:e3:
12:83:78:70:22:09:a9:58:73:77:aa:2c:7e:f7:35:
88:45:41:58:cd:c3:98:b7:ad:e8:0a:52:41:fc:01:
15:e9:52:e3:fe:59:a4:37:09:dd:e9:d6:ce:2b:27:
1a:dd:fd:06:91:b2:fe:8b:5a:4c:df:67:12:7d:86:
46:03:1b:87:0d:d3:b3:a8:12:fa:a5:94:10:45:3d:
f1:21:b6:66:ce:44:26:b4:ea:5c:9b:33:10:a8:a3:
e2:99:53:7f:0b:7a:96:78:f3:1d:d3:46:ad:59:76:
98:77:7f:4d:97:03:9b:04:cf:05:d5:60:e0:0f:7f:
84:5c:b0:d5:07:f7:42:b5:68:77:5f:bd:62:6f:0b:
2a:6a:07:e1:ab:38:1b:5d:7e:39:26:ef:d4:5e:11:
a1:9c:84:43:95:c3:42:93:f1:d6:fd:7d:ea:c2:aa:
50:35:eb:fe:80:7a:6d:bc:ab:b7:8c:e3:8d:a9:b8:
c0:71:95:dc:3b:20:8f:20:7a:31:f9:7d:b1:ee:34:
8a:2b:de:bd:e8:40:7a:f8:58:21:1e:a8:5e:11:ef:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:14:18:9F:F1:C7:19:50:E7:AC:BB:B7:24:56:0A:C7:9C:F8:99:ED
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3hQYn_HHGVDnrLu3JFYKx5z4me0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:ed:71:c9:72:f6:e7:de:17:e0:aa:00:84:c6:ae:00:2b:db:
55:fc:7d:8d:93:2f:28:b4:67:8d:09:c8:35:ad:f9:86:60:c8:
d0:3c:93:d3:46:41:3c:db:a1:d0:56:bf:83:ea:89:1b:d7:81:
d8:59:4d:de:58:23:7e:17:21:48:dc:b9:fd:60:54:3a:47:ab:
2d:93:bc:49:21:d4:5e:d6:c6:2e:e9:f5:53:5f:8b:13:ea:10:
98:0d:db:d5:d5:dd:3d:c7:d4:a5:b9:28:f9:b5:80:7f:10:c7:
48:79:02:e5:ab:d2:ff:1c:f3:0f:87:15:18:13:fc:38:eb:c6:
a9:70:9e:1f:7a:27:79:d8:7b:8a:02:b1:42:f8:32:bc:62:8f:
57:9c:d7:b2:d6:bc:f1:5b:2d:c5:e3:bc:c7:7d:5e:ea:ec:1e:
b2:ca:4c:3a:5b:a9:80:11:69:27:cf:ef:04:f0:75:91:dc:4e:
1c:6a:fe:6f:63:ae:50:d3:42:46:95:9b:bb:ef:7c:43:66:53:
d2:98:78:15:95:05:2b:56:0f:b9:a6:b8:aa:bf:26:e2:f7:10:
4b:3c:b4:a4:1d:e3:a1:9b:13:d0:5c:79:62:be:ad:8f:2a:0f:
e1:01:ca:99:f0:79:21:26:08:cf:2f:dc:67:ce:25:14:e2:33:
dc:2b:1e:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY78gEaGw84ysJEqB7vPfX8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIwMTcxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE0MTg5ZmYxYzcxOTUwZTdhY2JiYjcyNDU2MGFjNzljZjg5OWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7hXum4vDvP13UNhvNTPs1KoiJZX
6l35zTPvYPilcs8IMFdBQrJyShOHlOMSg3hwIgmpWHN3qix+9zWIRUFYzcOYt63o
ClJB/AEV6VLj/lmkNwnd6dbOKyca3f0GkbL+i1pM32cSfYZGAxuHDdOzqBL6pZQQ
RT3xIbZmzkQmtOpcmzMQqKPimVN/C3qWePMd00atWXaYd39NlwObBM8F1WDgD3+E
XLDVB/dCtWh3X71ibwsqagfhqzgbXX45Ju/UXhGhnIRDlcNCk/HW/X3qwqpQNev+
gHptvKu3jOONqbjAcZXcOyCPIHox+X2x7jSKK9696EB6+FghHqheEe9SAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4UGJ/xxxlQ56y7tyRWCsec+JntMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM2hRWW5fSEhHVkRuckx1M0pGWUt4NXo0bWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwQAYMA0G
CSqGSIb3DQEBCwUAA4IBAQAr7XHJcvbn3hfgqgCExq4AK9tV/H2Nky8otGeNCcg1
rfmGYMjQPJPTRkE826HQVr+D6okb14HYWU3eWCN+FyFI3Ln9YFQ6R6stk7xJIdRe
1sYu6fVTX4sT6hCYDdvV1d09x9SluSj5tYB/EMdIeQLlq9L/HPMPhxUYE/w468ap
cJ4feid52HuKArFC+DK8Yo9XnNey1rzxWy3F47zHfV7q7B6yykw6W6mAEWknz+8E
8HWR3E4cav5vY65Q00JGlZu773xDZlPSmHgVlQUrVg+5priqvybi9xBLPLSkHeOh
mxPQXHlivq2PKg/hAcqZ8HkhJgjPL9xnziUU4jPcKx5G
-----END CERTIFICATE-----
Generated at Sun Apr 21 00:35:22 2024 by rpki-client on console.sobornost.net