Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5ADmhY67DxWNkf58Tc61DfBdYbA.roa
File: 5ADmhY67DxWNkf58Tc61DfBdYbA.roa (raw, json)
Hash identifier: pX+RoZYodHnoFI6MJdsltYnkeUprk2iqk4zHUD9W4rY=
Subject key identifier: E4:00:E6:85:8E:BB:0F:15:8D:91:FE:7C:4D:CE:B5:0D:F0:5D:61:B0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F938D579AFB87F2DF7C9712A71F7603DB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5ADmhY67DxWNkf58Tc61DfBdYbA.roa
Signing time: Mon 20 May 2024 01:11:04 +0000
ROA not before: Mon 20 May 2024 01:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 May 2024 02:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:93:8d:57:9a:fb:87:f2:df:7c:97:12:a7:1f:76:03:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 01:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e400e6858ebb0f158d91fe7c4dceb50df05d61b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:25:44:78:84:c4:0f:a0:f0:d1:fa:f9:47:6b:
b5:23:a9:07:11:5c:b8:41:d9:10:3d:63:f4:74:0d:
2d:27:8b:77:49:5e:95:fb:b1:22:02:9f:5b:86:dd:
a6:9f:39:8f:fa:d1:56:58:7a:d2:c5:0a:51:0c:8a:
07:6a:3f:e1:c7:ca:17:0c:55:cd:53:a7:62:32:6f:
29:37:f2:ab:a5:d0:df:67:0e:79:6a:92:41:a0:11:
e4:d1:84:d8:e7:80:2a:f7:29:32:c7:4a:ba:f1:94:
2a:27:e7:8b:65:ef:e1:93:16:a2:b6:0b:1a:7e:33:
f8:61:e6:71:b5:f7:42:8a:0e:96:76:48:8b:2b:57:
db:7b:d1:f9:25:52:b9:eb:e1:fc:d3:80:86:dc:9b:
55:ec:11:6e:5e:43:ba:66:e0:10:7e:7e:ff:5b:ac:
69:af:ff:1f:fe:e5:a5:87:ae:a2:73:4f:aa:84:dc:
68:ef:ca:78:69:d2:03:5a:de:60:1e:7e:44:ff:9c:
b9:af:06:f7:5d:9f:c6:27:93:16:b6:4f:8b:6d:80:
30:4a:e7:bf:4f:31:ab:7a:4c:36:de:31:94:5e:02:
bd:25:f0:64:8d:01:c6:f9:86:3b:03:bd:d1:f5:a7:
fe:72:01:96:5f:e7:b7:fa:25:0f:07:4b:25:c5:6e:
73:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:00:E6:85:8E:BB:0F:15:8D:91:FE:7C:4D:CE:B5:0D:F0:5D:61:B0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/5ADmhY67DxWNkf58Tc61DfBdYbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:1e:d4:e1:25:09:39:db:c6:94:77:e4:19:89:e5:00:ac:61:
15:59:56:3c:b2:83:6c:df:f2:21:eb:20:2a:43:8d:0d:de:e2:
95:f5:35:4c:c4:1d:0d:f9:65:3c:65:a3:2a:12:ae:7b:59:e0:
7d:da:5a:d8:5f:5f:6d:ec:44:ff:a9:e4:ba:ba:bd:75:3c:be:
5e:99:79:fb:9c:6b:c9:2c:29:e2:ad:c5:b8:ab:3d:36:13:1e:
8b:30:6a:78:7e:90:49:ce:0b:bc:c6:c2:f0:d4:4d:b7:73:4d:
73:42:64:6a:30:b4:9a:f4:fc:43:a6:0c:d0:38:bb:fe:7e:6c:
22:aa:bf:5c:ca:12:09:c3:ae:a7:4d:fd:1a:ae:e6:62:59:87:
ac:69:99:93:49:9e:a0:97:68:c5:76:68:d6:f4:80:b1:9e:84:
fd:46:22:df:53:47:19:63:f5:3e:83:e8:87:e6:95:4e:53:3b:
55:a4:48:d8:7d:0c:4d:68:87:08:6d:00:e8:0e:98:fe:40:ca:
b2:52:57:8e:7c:c9:68:59:ae:a4:6e:51:3c:ab:a6:39:24:ed:
df:82:5c:a3:43:b8:ec:81:e1:77:c6:a2:55:6b:6b:49:56:da:
2c:44:48:1e:1e:3e:70:f7:e2:bf:1d:1e:1a:17:a6:b6:1a:3b:
aa:74:13:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+TjVea+4fy33yXEqcfdgPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMDExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDAwZTY4NThlYmIwZjE1OGQ5MWZlN2M0ZGNlYjUwZGYwNWQ2MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryVEeITED6Dw0fr5R2u1I6kHEVy4
QdkQPWP0dA0tJ4t3SV6V+7EiAp9bht2mnzmP+tFWWHrSxQpRDIoHaj/hx8oXDFXN
U6diMm8pN/KrpdDfZw55apJBoBHk0YTY54Aq9ykyx0q68ZQqJ+eLZe/hkxaitgsa
fjP4YeZxtfdCig6WdkiLK1fbe9H5JVK56+H804CG3JtV7BFuXkO6ZuAQfn7/W6xp
r/8f/uWlh66ic0+qhNxo78p4adIDWt5gHn5E/5y5rwb3XZ/GJ5MWtk+LbYAwSue/
TzGrekw23jGUXgK9JfBkjQHG+YY7A73R9af+cgGWX+e3+iUPB0slxW5zywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOQA5oWOuw8VjZH+fE3OtQ3wXWGwMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvNUFEbWhZNjdEeFdOa2Y1OFRjNjFEZkJkWWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEwe1OElCTnbxpR35BmJ
5QCsYRVZVjyyg2zf8iHrICpDjQ3e4pX1NUzEHQ35ZTxloyoSrntZ4H3aWthfX23s
RP+p5Lq6vXU8vl6Zefuca8ksKeKtxbirPTYTHoswanh+kEnOC7zGwvDUTbdzTXNC
ZGowtJr0/EOmDNA4u/5+bCKqv1zKEgnDrqdN/Rqu5mJZh6xpmZNJnqCXaMV2aNb0
gLGehP1GIt9TRxlj9T6D6IfmlU5TO1WkSNh9DE1ohwhtAOgOmP5AyrJSV458yWhZ
rqRuUTyrpjkk7d+CXKNDuOyB4XfGolVra0lW2ixESB4ePnD34r8dHhoXprYaO6p0
E3c=
-----END CERTIFICATE-----
Generated at Mon May 20 10:09:09 2024 by rpki-client on console.sobornost.net