Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/AfQXCYjwxRY2FFdcOYtCTQRqUoI.roa
File: AfQXCYjwxRY2FFdcOYtCTQRqUoI.roa (raw, json)
Hash identifier: CZMYJJ2TCDza1ZbL5Ep5JUdI4bftEtXZCg8Xd+LHyXk=
Subject key identifier: 01:F4:17:09:88:F0:C5:16:36:14:57:5C:39:8B:42:4D:04:6A:52:82
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F2D6852D4E8F7F01F7CA1143EE0FAB8AD
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/AfQXCYjwxRY2FFdcOYtCTQRqUoI.roa
Signing time: Tue 30 Apr 2024 05:09:22 +0000
ROA not before: Tue 30 Apr 2024 05:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Apr 2024 06:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:68:52:d4:e8:f7:f0:1f:7c:a1:14:3e:e0:fa:b8:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 30 05:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01f4170988f0c5163614575c398b424d046a5282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:43:eb:b1:24:8d:b2:57:db:00:c2:30:33:33:
7d:a0:7b:24:ec:a5:26:21:58:70:df:7c:30:67:9e:
34:5f:bf:5c:28:9d:e1:c0:9b:30:23:95:30:ab:02:
55:de:68:f0:16:86:70:cd:79:b4:b3:22:c4:dc:9e:
cc:a0:6b:1b:e3:af:b1:47:ab:36:90:1e:14:ca:23:
00:99:3f:5e:0e:7e:e8:53:24:6c:64:ba:c8:f4:61:
62:65:de:77:e2:15:c7:1f:3a:b1:a5:11:5b:ca:98:
69:cc:fd:ff:bf:28:03:86:40:d6:b1:54:e2:db:fc:
9c:95:cc:4d:3a:9f:1f:34:c2:57:55:47:98:0b:37:
3c:a4:ac:79:3d:18:31:46:7f:72:ce:d3:53:83:c4:
f1:63:04:fc:a4:e4:5f:ff:99:58:b1:23:a1:8a:cc:
fc:44:0b:d6:7e:f5:c9:14:1b:77:bb:db:be:4c:a9:
72:dd:23:68:8a:a9:f8:02:97:74:6a:b1:3e:33:05:
05:bc:70:51:00:fd:72:7e:f7:e3:4d:e4:b4:57:1e:
dd:f0:6d:a2:92:ad:80:df:65:14:a1:1b:7f:68:c9:
39:36:18:aa:0b:aa:09:b0:06:30:d2:a6:54:81:c6:
eb:d4:a0:72:1d:65:7e:8e:e6:e2:a0:f1:a7:97:33:
d0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F4:17:09:88:F0:C5:16:36:14:57:5C:39:8B:42:4D:04:6A:52:82
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/AfQXCYjwxRY2FFdcOYtCTQRqUoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:b2:23:ca:00:f7:8b:85:fe:24:71:ff:91:ab:ba:1d:27:07:
b4:e1:31:28:aa:2e:33:4a:f3:15:ed:f3:b2:01:25:21:b3:1e:
0a:a1:3f:24:4a:19:b7:3f:8f:06:1a:c0:06:71:82:80:80:66:
c7:00:a5:b5:51:43:53:77:f4:08:66:f4:54:d2:01:0c:5a:c1:
24:05:cb:e2:70:cb:0b:29:53:00:dd:b7:6f:02:0c:20:e3:64:
e7:6a:d0:4d:0e:cd:45:e9:35:9b:fc:93:8c:56:8e:96:08:35:
a2:c3:fc:e9:90:13:a0:99:65:e2:af:bb:8e:8c:96:58:e5:49:
01:26:d6:a9:28:38:67:57:d1:b2:f2:71:6c:1d:95:2e:a1:33:
eb:3d:4c:9a:db:27:f8:cf:ae:7d:b7:87:e0:f1:4f:7d:7f:81:
87:44:85:52:4e:26:8e:ec:93:62:5b:87:d4:fe:87:fc:f0:a9:
08:55:be:8c:d2:09:d9:73:d4:b0:af:dd:c6:73:b7:dd:2d:7e:
42:4a:a5:cb:81:4b:dd:ff:70:1c:9e:9e:50:4b:d2:5c:5c:d3:
cc:3a:44:05:e1:15:81:af:5b:34:b6:ce:3f:87:1c:20:1d:ff:
ab:bd:32:dd:85:41:20:8d:a1:9b:c2:a8:5e:9a:6f:28:27:45:
cd:f6:b4:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8taFLU6PfwH3yhFD7g+ritMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDMwMDUwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY0MTcwOTg4ZjBjNTE2MzYxNDU3NWMzOThiNDI0ZDA0NmE1MjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEPrsSSNslfbAMIwMzN9oHsk7KUm
IVhw33wwZ540X79cKJ3hwJswI5UwqwJV3mjwFoZwzXm0syLE3J7MoGsb46+xR6s2
kB4UyiMAmT9eDn7oUyRsZLrI9GFiZd534hXHHzqxpRFbyphpzP3/vygDhkDWsVTi
2/yclcxNOp8fNMJXVUeYCzc8pKx5PRgxRn9yztNTg8TxYwT8pORf/5lYsSOhisz8
RAvWfvXJFBt3u9u+TKly3SNoiqn4Apd0arE+MwUFvHBRAP1yfvfjTeS0Vx7d8G2i
kq2A32UUoRt/aMk5NhiqC6oJsAYw0qZUgcbr1KByHWV+jubioPGnlzPQ/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAH0FwmI8MUWNhRXXDmLQk0EalKCMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvQWZRWENZand4UlkyRkZkY09ZdENUUVJxVW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALWyI8oA94uF/iRx/5Gr
uh0nB7ThMSiqLjNK8xXt87IBJSGzHgqhPyRKGbc/jwYawAZxgoCAZscApbVRQ1N3
9Ahm9FTSAQxawSQFy+JwywspUwDdt28CDCDjZOdq0E0OzUXpNZv8k4xWjpYINaLD
/OmQE6CZZeKvu46MlljlSQEm1qkoOGdX0bLycWwdlS6hM+s9TJrbJ/jPrn23h+Dx
T31/gYdEhVJOJo7sk2Jbh9T+h/zwqQhVvozSCdlz1LCv3cZzt90tfkJKpcuBS93/
cByenlBL0lxc08w6RAXhFYGvWzS2zj+HHCAd/6u9Mt2FQSCNoZvCqF6abygnRc32
tKs=
-----END CERTIFICATE-----
Generated at Tue Apr 30 22:25:26 2024 by rpki-client on console.sobornost.net