Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/MY9DRSYGvNZ5O4pOgbOgzulCY8I.roa
File: MY9DRSYGvNZ5O4pOgbOgzulCY8I.roa (raw, json)
Hash identifier: QrghJNsaYdcFVSNK4sBjKcGcYG7srpmEor0hnLO2+9A=
Subject key identifier: 31:8F:43:45:26:06:BC:D6:79:3B:8A:4E:81:B3:A0:CE:E9:42:63:C2
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F962343FC3A48268F3F2A04FD0D780BB8
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/MY9DRSYGvNZ5O4pOgbOgzulCY8I.roa
Signing time: Mon 20 May 2024 13:14:04 +0000
ROA not before: Mon 20 May 2024 13:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 May 2024 14:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:96:23:43:fc:3a:48:26:8f:3f:2a:04:fd:0d:78:0b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 13:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=318f43452606bcd6793b8a4e81b3a0cee94263c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:07:31:e5:82:97:54:e9:be:f7:50:be:7e:b4:
67:b1:34:16:1f:1f:f9:6e:1c:15:c2:63:77:41:ca:
ba:96:e9:2a:7b:9d:d7:8c:07:dc:c9:6f:b6:86:49:
52:95:a3:d7:24:32:e9:ce:c2:dc:39:b3:75:1f:f6:
23:89:95:74:65:b9:2f:85:3a:1b:e1:f9:70:e0:b7:
0e:c2:d8:55:a4:06:bc:ad:91:e0:05:fa:c8:c2:2a:
84:c3:7f:9e:7f:55:5f:e6:41:b6:70:ab:d1:09:e5:
e0:e5:4c:00:8b:38:33:ae:2d:e0:5e:40:9e:1f:8f:
fb:80:f8:c5:ab:dc:48:53:0a:86:3f:8a:11:c6:aa:
c4:f6:cc:34:28:17:89:91:f6:d8:39:e5:6e:22:43:
7a:2d:eb:ec:74:8b:b6:d5:5a:99:c5:92:94:5d:da:
e6:62:36:75:0a:0f:fd:aa:e3:63:5b:41:c9:f6:a2:
95:d1:f0:92:3d:73:7e:97:57:b8:90:5e:36:32:59:
77:f6:ac:e0:3a:a6:39:7a:33:e5:7b:fb:2a:9c:ab:
49:1b:4a:05:7f:6a:f6:50:5d:11:ef:56:98:c5:27:
01:57:ce:bd:2f:21:47:50:84:b7:f4:fe:4a:b7:41:
a7:6e:7e:6b:87:a2:b6:80:3e:e2:4a:f3:06:40:e3:
86:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:8F:43:45:26:06:BC:D6:79:3B:8A:4E:81:B3:A0:CE:E9:42:63:C2
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/MY9DRSYGvNZ5O4pOgbOgzulCY8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:14:ed:79:75:17:3b:c3:05:fe:e8:b5:9f:8a:74:a1:bd:6a:
5a:e0:bb:0d:af:9f:86:1f:f8:5c:81:eb:75:87:9b:c4:ce:c7:
a9:e0:16:65:29:e5:b7:42:51:d0:eb:b9:36:77:32:62:2b:ae:
40:2d:91:73:fa:a2:f7:0e:f6:3f:c0:e5:aa:75:65:cf:58:6f:
a8:73:38:d3:c0:00:45:87:2d:37:77:32:85:98:e6:3d:2b:2d:
73:1c:9d:54:b4:5b:a1:cd:b1:56:44:49:f3:6a:3c:9b:c6:83:
bf:c4:25:2c:9d:30:80:ba:1c:3b:13:59:45:b1:03:7a:0a:a7:
d7:6a:6d:09:95:b7:4f:3d:85:1e:f8:98:ab:f0:b5:9a:6b:b9:
70:68:da:c8:75:a6:34:a6:f0:b4:2a:2f:97:a8:f4:e8:20:20:
0a:06:8d:65:a6:f8:5f:f4:ed:6d:47:c8:b5:8f:6f:0e:dc:4d:
e7:8c:db:12:a9:be:3b:11:3c:43:3b:7f:7b:c5:7d:eb:db:d5:
f4:36:d2:f9:da:0e:dc:8e:0c:3d:f3:97:68:0e:d0:18:69:9a:
dd:f1:4a:39:74:d5:6f:a7:67:fc:92:4b:9f:cb:68:0e:95:17:
fb:e6:6c:7c:9c:0d:f7:da:9a:1e:cd:e1:5f:19:b9:d1:7d:3e:
5d:32:8a:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+WI0P8Okgmjz8qBP0NeAu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMTMxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMThmNDM0NTI2MDZiY2Q2NzkzYjhhNGU4MWIzYTBjZWU5NDI2M2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwcx5YKXVOm+91C+frRnsTQWHx/5
bhwVwmN3Qcq6lukqe53XjAfcyW+2hklSlaPXJDLpzsLcObN1H/YjiZV0ZbkvhTob
4flw4LcOwthVpAa8rZHgBfrIwiqEw3+ef1Vf5kG2cKvRCeXg5UwAizgzri3gXkCe
H4/7gPjFq9xIUwqGP4oRxqrE9sw0KBeJkfbYOeVuIkN6LevsdIu21VqZxZKUXdrm
YjZ1Cg/9quNjW0HJ9qKV0fCSPXN+l1e4kF42Mll39qzgOqY5ejPle/sqnKtJG0oF
f2r2UF0R71aYxScBV869LyFHUIS39P5Kt0Gnbn5rh6K2gD7iSvMGQOOGcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDGPQ0UmBrzWeTuKToGzoM7pQmPCMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTVk5RFJTWUd2Tlo1TzRwT2diT2d6dWxDWThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQU7Xl1FzvDBf7otZ+K
dKG9alrguw2vn4Yf+FyB63WHm8TOx6ngFmUp5bdCUdDruTZ3MmIrrkAtkXP6ovcO
9j/A5ap1Zc9Yb6hzONPAAEWHLTd3MoWY5j0rLXMcnVS0W6HNsVZESfNqPJvGg7/E
JSydMIC6HDsTWUWxA3oKp9dqbQmVt089hR74mKvwtZpruXBo2sh1pjSm8LQqL5eo
9OggIAoGjWWm+F/07W1HyLWPbw7cTeeM2xKpvjsRPEM7f3vFfevb1fQ20vnaDtyO
DD3zl2gO0Bhpmt3xSjl01W+nZ/ySS5/LaA6VF/vmbHycDffamh7N4V8ZudF9Pl0y
iqY=
-----END CERTIFICATE-----
Generated at Tue May 21 04:26:37 2024 by rpki-client on console.sobornost.net