Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8KUbYuR6IZCWSQMsWV3iIZcqqUc.roa
File: 8KUbYuR6IZCWSQMsWV3iIZcqqUc.roa (raw, json)
Hash identifier: aH76QmWdEnXdCxUZkbS/gf1hWWkJhQ8ifU8v5sB/Wbo=
Subject key identifier: F0:A5:1B:62:E4:7A:21:90:96:49:03:2C:59:5D:E2:21:97:2A:A9:47
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F2B45C0B35FFD45903C32969C3395E58A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8KUbYuR6IZCWSQMsWV3iIZcqqUc.roa
Signing time: Mon 29 Apr 2024 19:12:22 +0000
ROA not before: Mon 29 Apr 2024 19:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 29 Apr 2024 20:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2b:45:c0:b3:5f:fd:45:90:3c:32:96:9c:33:95:e5:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 29 19:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0a51b62e47a21909649032c595de221972aa947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4a:06:91:56:e3:17:60:15:1c:4e:d1:43:93:
01:65:52:a2:b6:54:34:87:e4:ef:18:95:05:56:00:
6c:05:ef:dc:f7:24:70:9b:65:28:72:b9:33:70:66:
5e:86:c6:a6:46:da:13:bd:31:61:f4:29:b0:67:05:
74:d6:c8:a4:dc:ea:0b:08:d4:9f:8a:b0:63:70:3a:
6f:73:35:cb:9d:9f:47:67:78:56:43:e4:c8:6b:95:
9b:5b:e4:37:b6:5e:fd:e2:56:b6:44:1e:5d:db:1b:
c9:59:83:db:43:cb:4b:9b:b9:39:8b:ed:80:8a:f7:
60:ac:db:1c:ed:a7:0c:d2:28:94:7b:94:87:c3:fa:
3c:9c:8a:dc:77:de:c3:6f:f2:00:bc:61:bd:12:06:
b8:1a:d3:fc:24:de:a3:70:83:b6:f8:28:bb:9e:92:
8f:85:76:1e:f1:f1:35:25:ab:85:7f:ea:51:fb:e4:
2b:19:29:ef:a1:65:7c:a0:a0:a5:2b:b1:7e:43:17:
81:44:ba:fc:cb:c8:bb:c8:fe:cd:45:5d:6d:af:ef:
f5:6d:66:58:7f:06:d9:ff:e9:88:ae:b1:9d:27:fd:
06:03:e8:81:c6:0c:89:0a:08:d4:0c:2b:a1:a5:84:
a4:5d:4e:f8:a3:38:3f:78:ea:25:c9:66:e3:ab:d9:
7b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A5:1B:62:E4:7A:21:90:96:49:03:2C:59:5D:E2:21:97:2A:A9:47
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/8KUbYuR6IZCWSQMsWV3iIZcqqUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:a9:be:eb:89:11:cf:cf:98:c0:68:f2:e5:33:d1:cb:73:f0:
89:6a:45:8d:9a:fd:30:a6:c5:77:de:ac:89:ec:f9:18:69:da:
16:a3:1e:83:e1:78:7a:0b:be:3d:1f:20:1c:e4:1a:cd:8d:6f:
1d:84:4a:99:f2:79:a5:3f:3b:77:79:e3:d2:f4:02:23:f3:39:
42:cc:6f:cd:49:44:5e:46:c1:c6:12:75:06:50:d2:e8:e2:1f:
d1:dd:d7:98:27:2d:df:82:b4:d6:1c:eb:ca:47:9c:6f:1f:38:
2a:52:6e:e5:1c:6a:5b:ad:da:61:83:55:77:9a:24:7d:09:1c:
90:98:48:8e:8e:e0:a8:09:85:c2:a8:96:f8:2b:42:95:7a:ae:
72:a1:92:6d:8f:89:db:90:0d:a8:4f:46:eb:22:d9:6c:6b:78:
2f:90:12:ff:22:44:ee:de:d7:4b:ae:87:c8:49:22:22:19:b5:
97:1a:d3:58:12:5c:71:00:d0:86:f5:de:cc:b5:14:17:4e:13:
4f:b7:b0:8e:be:a5:0a:8e:d8:01:78:0b:bb:47:16:52:d2:15:
d2:30:a9:cd:17:eb:3e:73:49:14:14:58:60:00:50:70:16:7d:
91:35:b2:a6:f4:39:5a:1d:35:f5:0d:55:af:b7:2a:8e:96:1a:
6c:48:85:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8rRcCzX/1FkDwylpwzleWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI5MTkxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGE1MWI2MmU0N2EyMTkwOTY0OTAzMmM1OTVkZTIyMTk3MmFhOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0oGkVbjF2AVHE7RQ5MBZVKitlQ0
h+TvGJUFVgBsBe/c9yRwm2UocrkzcGZehsamRtoTvTFh9CmwZwV01sik3OoLCNSf
irBjcDpvczXLnZ9HZ3hWQ+TIa5WbW+Q3tl794la2RB5d2xvJWYPbQ8tLm7k5i+2A
ivdgrNsc7acM0iiUe5SHw/o8nIrcd97Db/IAvGG9Ega4GtP8JN6jcIO2+Ci7npKP
hXYe8fE1JauFf+pR++QrGSnvoWV8oKClK7F+QxeBRLr8y8i7yP7NRV1tr+/1bWZY
fwbZ/+mIrrGdJ/0GA+iBxgyJCgjUDCuhpYSkXU74ozg/eOolyWbjq9l7kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPClG2LkeiGQlkkDLFld4iGXKqlHMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvOEtVYll1UjZJWkNXU1FNc1dWM2lJWmNxcVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHapvuuJEc/PmMBo8uUz
0ctz8IlqRY2a/TCmxXferIns+Rhp2hajHoPheHoLvj0fIBzkGs2Nbx2ESpnyeaU/
O3d549L0AiPzOULMb81JRF5GwcYSdQZQ0ujiH9Hd15gnLd+CtNYc68pHnG8fOCpS
buUcalut2mGDVXeaJH0JHJCYSI6O4KgJhcKolvgrQpV6rnKhkm2PiduQDahPRusi
2WxreC+QEv8iRO7e10uuh8hJIiIZtZca01gSXHEA0Ib13sy1FBdOE0+3sI6+pQqO
2AF4C7tHFlLSFdIwqc0X6z5zSRQUWGAAUHAWfZE1sqb0OVodNfUNVa+3Ko6WGmxI
hac=
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:07:21 2024 by rpki-client on console.sobornost.net