Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7MoMmhA2vqG7JBKbCS9auOMlyDw.roa
File: 7MoMmhA2vqG7JBKbCS9auOMlyDw.roa (raw, json)
Hash identifier: mdKZTmrL3OujJl9jdN1MGv993JpJCjGDfHRvV/Som/Q=
Subject key identifier: EC:CA:0C:9A:10:36:BE:A1:BB:24:12:9B:09:2F:5A:B8:E3:25:C8:3C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA2932248F4575DC2DC106B7450E80CF7
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7MoMmhA2vqG7JBKbCS9auOMlyDw.roa
Signing time: Wed 22 May 2024 23:11:42 +0000
ROA not before: Wed 22 May 2024 23:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 23 May 2024 00:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a2:93:22:48:f4:57:5d:c2:dc:10:6b:74:50:e8:0c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 23:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecca0c9a1036bea1bb24129b092f5ab8e325c83c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:17:b4:77:07:7d:2e:02:f5:87:30:fb:f0:39:
24:c6:36:6b:9c:16:36:43:19:61:b4:e4:3e:e6:e2:
c7:ff:bd:37:93:dd:d0:45:b0:12:ae:a1:d2:78:f9:
06:ab:19:97:97:28:e1:a7:6e:da:5e:e5:6d:7a:ee:
a5:ae:ff:83:95:23:c3:28:a4:e7:2f:45:ce:e1:77:
68:f4:05:05:48:52:4e:02:dc:7d:cd:93:d4:55:fc:
89:dd:1a:1d:83:81:00:68:ac:50:16:98:82:4e:b2:
94:95:c5:53:34:61:77:b2:2e:fd:d4:99:79:8a:17:
36:46:b4:7d:3b:b4:16:c3:4a:9b:9e:2a:dc:40:6f:
68:7f:de:ff:ff:26:3e:18:62:97:14:46:a6:9f:d6:
a5:28:97:f1:31:d7:1e:6c:4c:93:52:d2:1b:9b:55:
4e:1b:ab:e5:76:77:94:2f:39:17:c5:64:6e:94:a1:
cd:b7:ac:bf:35:ff:87:b0:0b:e8:f8:4e:83:2d:4a:
d3:c2:d1:56:95:9d:e5:10:b7:be:4f:e2:72:31:a0:
61:f0:70:82:af:b9:89:ec:8c:80:b1:04:b3:55:20:
9e:96:ed:0e:9d:c6:04:f4:a7:21:1c:e0:72:4f:e1:
ae:b7:ca:f9:c4:36:5a:34:c1:2f:f9:5c:40:71:bd:
f1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CA:0C:9A:10:36:BE:A1:BB:24:12:9B:09:2F:5A:B8:E3:25:C8:3C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/7MoMmhA2vqG7JBKbCS9auOMlyDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:49:92:b8:43:98:1d:e9:c9:20:b2:f6:0c:a5:ab:17:6d:18:
02:d6:74:55:63:10:99:20:99:db:41:a0:d4:65:3f:4b:18:6b:
9b:0b:f0:ab:55:03:7d:8f:b0:a2:43:80:b3:a9:d5:38:94:cd:
6b:e3:2a:ad:2d:b3:07:4e:df:0e:9c:40:be:5f:1b:1e:40:fd:
68:68:c1:77:27:01:d2:0e:7c:8f:47:c4:3b:f1:ad:51:95:da:
0b:7a:c5:6f:ac:5b:bb:24:95:dc:75:3d:f2:9a:aa:93:83:1c:
18:38:39:bc:51:55:a9:e3:a9:07:fa:ad:73:4a:58:98:05:cb:
c3:3f:8f:13:88:b3:be:75:32:c6:dd:69:80:e9:12:18:27:c5:
a1:34:2b:c9:e3:b3:bd:d8:5d:8b:0a:c7:16:1c:4d:d1:bd:0d:
c3:06:24:a3:f6:34:6f:6e:60:95:95:07:3b:76:4d:e9:ab:6a:
78:20:79:bb:c9:26:05:1f:cd:36:89:24:8b:57:c5:2f:26:7e:
ca:80:3b:23:a3:a2:0b:95:34:94:f1:e3:37:d2:96:9c:8b:e3:
d8:5e:6c:2c:22:c0:f4:62:11:ef:ae:68:54:c0:86:65:ea:0e:
4b:0c:e2:12:20:12:f0:93:48:a9:ca:b1:3b:c3:b4:e6:3b:40:
02:86:69:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+ikyJI9FddwtwQa3RQ6Az3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMjMxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2NhMGM5YTEwMzZiZWExYmIyNDEyOWIwOTJmNWFiOGUzMjVjODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRe0dwd9LgL1hzD78DkkxjZrnBY2
QxlhtOQ+5uLH/703k93QRbASrqHSePkGqxmXlyjhp27aXuVteu6lrv+DlSPDKKTn
L0XO4Xdo9AUFSFJOAtx9zZPUVfyJ3Rodg4EAaKxQFpiCTrKUlcVTNGF3si791Jl5
ihc2RrR9O7QWw0qbnircQG9of97//yY+GGKXFEamn9alKJfxMdcebEyTUtIbm1VO
G6vldneULzkXxWRulKHNt6y/Nf+HsAvo+E6DLUrTwtFWlZ3lELe+T+JyMaBh8HCC
r7mJ7IyAsQSzVSCelu0OncYE9KchHOByT+Gut8r5xDZaNMEv+VxAcb3xewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOzKDJoQNr6huyQSmwkvWrjjJcg8MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvN01vTW1oQTJ2cUc3SkJLYkNTOWF1T01seUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHRJkrhDmB3pySCy9gyl
qxdtGALWdFVjEJkgmdtBoNRlP0sYa5sL8KtVA32PsKJDgLOp1TiUzWvjKq0tswdO
3w6cQL5fGx5A/WhowXcnAdIOfI9HxDvxrVGV2gt6xW+sW7skldx1PfKaqpODHBg4
ObxRVanjqQf6rXNKWJgFy8M/jxOIs751MsbdaYDpEhgnxaE0K8njs73YXYsKxxYc
TdG9DcMGJKP2NG9uYJWVBzt2TemranggebvJJgUfzTaJJItXxS8mfsqAOyOjoguV
NJTx4zfSlpyL49hebCwiwPRiEe+uaFTAhmXqDksM4hIgEvCTSKnKsTvDtOY7QAKG
aXg=
-----END CERTIFICATE-----
Generated at Thu May 23 22:13:51 2024 by rpki-client on console.sobornost.net