Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8A3mOsuqQrDu-Jmg6elfHMfpm2s.roa
File: 8A3mOsuqQrDu-Jmg6elfHMfpm2s.roa (raw, json)
Hash identifier: QUeUbmH0kBf0TKGY4QCggf09vFCj5aayTcGqNAqkLJA=
Subject key identifier: F0:0D:E6:3A:CB:AA:42:B0:EE:F8:99:A0:E9:E9:5F:1C:C7:E9:9B:6B
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F3110FE7F002D68E3D457849A332A66A1
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8A3mOsuqQrDu-Jmg6elfHMfpm2s.roa
Signing time: Tue 30 Apr 2024 22:12:28 +0000
ROA not before: Tue 30 Apr 2024 22:12:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Apr 2024 23:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:10:fe:7f:00:2d:68:e3:d4:57:84:9a:33:2a:66:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 30 22:12:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f00de63acbaa42b0eef899a0e9e95f1cc7e99b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d0:28:3e:c9:ac:d1:be:0e:f8:f5:52:23:cf:
57:0c:45:5e:1c:2d:06:46:af:43:d0:50:a6:a8:89:
17:6b:da:e9:4b:a8:f1:93:fc:cc:f2:c6:21:76:5b:
ec:44:95:5e:13:4c:8b:ae:3d:f9:ce:1d:92:72:f6:
c7:39:c3:10:4c:39:b7:97:87:f8:35:e3:8d:2d:d2:
7f:32:da:fd:d7:28:4c:3c:6e:bf:5c:6c:3c:54:f4:
8c:cf:9f:1d:3f:de:11:e1:64:f5:bb:e2:fe:6c:73:
14:f8:3b:44:b2:d5:4f:8c:73:4b:6d:62:4b:70:b7:
98:cc:e8:3d:c2:63:94:91:9e:b1:58:86:1c:15:4d:
03:77:92:00:38:fb:d8:ae:8e:99:cc:a0:04:48:c5:
26:b4:3a:86:2d:d9:43:e2:34:19:05:a8:fa:7c:d0:
66:c7:c7:7e:06:17:1e:3d:7c:3a:af:9b:db:0f:7a:
cb:fb:3d:aa:00:01:92:35:e1:63:32:3b:2f:3b:64:
54:3a:50:4c:50:22:88:4f:a9:cd:db:46:3a:bb:83:
ad:e3:ec:08:59:a3:44:de:fd:11:2e:0e:19:fc:da:
b7:cb:b0:31:5c:fe:8e:b3:2e:e5:e1:13:2a:a4:bc:
c2:68:a9:06:7d:3f:ed:29:9e:7a:32:06:e5:74:d6:
7a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:0D:E6:3A:CB:AA:42:B0:EE:F8:99:A0:E9:E9:5F:1C:C7:E9:9B:6B
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8A3mOsuqQrDu-Jmg6elfHMfpm2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c7:ba:ed:e2:6a:49:2c:c0:2c:dc:76:b7:dd:28:bd:35:d7:62:
ab:4f:26:c7:8f:bb:5c:55:5a:fe:f3:ce:b9:b2:4e:3b:21:20:
7c:c9:f7:fa:56:0a:2b:5c:46:52:22:69:8e:40:ff:be:00:00:
94:99:4d:b7:82:5c:d3:27:9b:a6:d9:bb:10:e6:c4:92:df:e1:
fe:6f:94:bf:00:d8:aa:6c:d1:c9:a4:c1:33:40:5b:d9:03:34:
4f:4e:f0:1e:4b:a1:a7:09:34:b8:34:f0:4d:41:36:d4:d2:90:
67:03:f7:cc:b0:40:4d:8b:e7:30:f3:45:21:1e:52:c6:41:86:
84:4e:13:18:4d:d3:1f:df:b1:21:e5:9a:64:5e:40:c9:57:10:
6d:60:4a:64:9a:de:0a:9a:00:21:05:ba:ae:e1:97:be:28:fd:
18:eb:72:db:c7:54:a7:cc:34:77:fb:72:f6:69:a3:e1:96:22:
5a:1c:bc:e4:40:5c:e2:bf:82:88:a4:fb:da:11:8b:50:b1:85:
6e:f1:40:7c:7a:a0:4e:c8:6f:51:e0:a3:c8:e6:d5:94:58:6a:
01:38:1e:76:7c:1a:67:50:bb:71:59:11:6c:b4:e3:40:4f:8d:
88:2c:66:e6:41:2a:3e:3b:b3:d9:3c:08:06:8f:a2:b9:ea:f2:
24:63:c3:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8xEP5/AC1o49RXhJozKmahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDMwMjIxMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDBkZTYzYWNiYWE0MmIwZWVmODk5YTBlOWU5NWYxY2M3ZTk5YjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtAoPsms0b4O+PVSI89XDEVeHC0G
Rq9D0FCmqIkXa9rpS6jxk/zM8sYhdlvsRJVeE0yLrj35zh2ScvbHOcMQTDm3l4f4
NeONLdJ/Mtr91yhMPG6/XGw8VPSMz58dP94R4WT1u+L+bHMU+DtEstVPjHNLbWJL
cLeYzOg9wmOUkZ6xWIYcFU0Dd5IAOPvYro6ZzKAESMUmtDqGLdlD4jQZBaj6fNBm
x8d+BhcePXw6r5vbD3rL+z2qAAGSNeFjMjsvO2RUOlBMUCKIT6nN20Y6u4Ot4+wI
WaNE3v0RLg4Z/Nq3y7AxXP6Osy7l4RMqpLzCaKkGfT/tKZ56MgbldNZ6AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPAN5jrLqkKw7viZoOnpXxzH6ZtrMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOEEzbU9zdXFRckR1LUptZzZlbGZITWZwbTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMe67eJqSSzALNx2t90o
vTXXYqtPJsePu1xVWv7zzrmyTjshIHzJ9/pWCitcRlIiaY5A/74AAJSZTbeCXNMn
m6bZuxDmxJLf4f5vlL8A2Kps0cmkwTNAW9kDNE9O8B5LoacJNLg08E1BNtTSkGcD
98ywQE2L5zDzRSEeUsZBhoROExhN0x/fsSHlmmReQMlXEG1gSmSa3gqaACEFuq7h
l74o/RjrctvHVKfMNHf7cvZpo+GWIlocvORAXOK/goik+9oRi1CxhW7xQHx6oE7I
b1Hgo8jm1ZRYagE4HnZ8GmdQu3FZEWy040BPjYgsZuZBKj47s9k8CAaPornq8iRj
wzk=
-----END CERTIFICATE-----
Generated at Wed May 1 07:48:07 2024 by rpki-client on console.sobornost.net