Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OFaDuW8FSINiZN57STbFHVciMY4.roa
File: OFaDuW8FSINiZN57STbFHVciMY4.roa (raw, json)
Hash identifier: wv6eTfOKom+SOn0CNnKeYCbv9d1OZohipPNjZPfVa/8=
Subject key identifier: 38:56:83:B9:6F:05:48:83:62:64:DE:7B:49:36:C5:1D:57:22:31:8E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5FD79B7EA890BEBDFB2A882F1DB0DAA3
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OFaDuW8FSINiZN57STbFHVciMY4.roa
Signing time: Fri 10 May 2024 00:11:56 +0000
ROA not before: Fri 10 May 2024 00:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 10 May 2024 01:04:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5f:d7:9b:7e:a8:90:be:bd:fb:2a:88:2f:1d:b0:da:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 10 00:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=385683b96f0548836264de7b4936c51d5722318e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7b:6c:07:cc:f6:74:3a:13:ee:32:ea:44:0b:
29:33:9a:1b:c4:e1:d4:30:3b:5b:c0:52:55:ae:37:
40:6f:7c:fb:f0:a9:30:30:f4:ba:e9:66:2d:f1:d8:
23:b2:db:b4:7d:ed:61:88:af:fd:de:ac:d5:59:35:
19:98:a7:b6:9a:95:79:dd:1e:af:1d:d1:fb:2d:67:
77:d5:56:3f:3f:e8:6c:9a:37:c4:11:38:cf:bc:d6:
80:f5:10:b4:75:1a:d4:76:ad:20:57:ec:e0:3b:7a:
8b:fb:d4:55:18:ac:7a:80:5f:6a:df:1f:de:3b:a9:
1a:5a:1d:83:1f:1e:36:23:67:ae:b8:8e:5d:8d:64:
3a:01:29:34:36:a2:ca:ca:ef:cf:fa:b8:12:95:67:
a7:fb:46:5f:99:71:cb:8f:e6:19:56:91:54:48:7f:
10:50:c0:66:1e:4d:16:8e:25:47:fc:05:36:e6:c5:
9e:ad:7d:3d:31:19:24:ea:90:2b:7a:2f:43:07:74:
fe:8c:7c:70:70:1c:db:98:12:8d:a2:56:74:69:2c:
b5:a8:84:c1:1f:dd:77:54:60:38:7a:6e:ec:e4:ae:
1e:f0:e6:df:42:a7:72:f2:a3:ba:da:92:ea:26:6a:
fc:b4:f6:43:c4:7f:1a:a1:40:b3:34:d1:6c:34:6d:
73:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:56:83:B9:6F:05:48:83:62:64:DE:7B:49:36:C5:1D:57:22:31:8E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OFaDuW8FSINiZN57STbFHVciMY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:78:48:ba:3c:2c:0a:91:64:10:02:f5:e9:74:65:38:a2:67:
e8:2f:c6:d1:62:9c:54:24:9e:57:19:64:67:eb:82:79:cc:4f:
e6:e9:ce:4f:12:86:23:d1:22:d1:bf:6b:90:67:7c:a1:3a:48:
07:b3:31:bc:b1:f0:b5:41:e7:d6:ea:e0:d5:c1:10:6b:e7:b9:
f7:dc:40:a4:ef:9d:79:8a:6b:0d:10:1d:9f:8a:aa:4f:c7:ee:
2e:b1:8a:52:cf:2b:a8:f8:f1:f4:52:1f:7c:0d:cf:d3:bf:fc:
0e:65:c7:75:43:c1:7f:ea:2e:e9:ad:f7:36:d5:2e:5e:40:c0:
66:04:6f:c3:df:7c:d4:55:f8:a9:e3:0c:c8:30:f5:13:ff:a8:
2d:07:96:63:b7:d8:52:ef:74:11:68:8d:c4:73:f5:bd:f3:7f:
ca:2d:72:91:4d:6a:dc:1c:84:98:78:9a:20:cd:c7:cf:97:f0:
5d:c5:a3:54:6c:9f:6b:c9:56:45:7a:cc:cb:04:32:32:2f:83:
0f:26:38:75:39:2e:ac:6a:7d:e5:df:66:76:21:e8:23:a5:a0:
f3:34:29:89:13:82:4e:d6:13:c0:78:aa:e2:68:fc:40:3a:60:
ad:b0:9c:60:96:b1:4c:7b:dd:4e:e7:8a:86:e8:5b:b0:a0:24:
42:9a:76:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9f15t+qJC+vfsqiC8dsNqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEwMDAxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU2ODNiOTZmMDU0ODgzNjI2NGRlN2I0OTM2YzUxZDU3MjIzMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXtsB8z2dDoT7jLqRAspM5obxOHU
MDtbwFJVrjdAb3z78KkwMPS66WYt8dgjstu0fe1hiK/93qzVWTUZmKe2mpV53R6v
HdH7LWd31VY/P+hsmjfEETjPvNaA9RC0dRrUdq0gV+zgO3qL+9RVGKx6gF9q3x/e
O6kaWh2DHx42I2euuI5djWQ6ASk0NqLKyu/P+rgSlWen+0ZfmXHLj+YZVpFUSH8Q
UMBmHk0WjiVH/AU25sWerX09MRkk6pArei9DB3T+jHxwcBzbmBKNolZ0aSy1qITB
H913VGA4em7s5K4e8ObfQqdy8qO62pLqJmr8tPZDxH8aoUCzNNFsNG1zuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhWg7lvBUiDYmTee0k2xR1XIjGOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT0ZhRHVXOEZTSU5pWk41N1NUYkZIVmNpTVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADt4SLo8LAqRZBAC9el0
ZTiiZ+gvxtFinFQknlcZZGfrgnnMT+bpzk8ShiPRItG/a5BnfKE6SAezMbyx8LVB
59bq4NXBEGvnuffcQKTvnXmKaw0QHZ+Kqk/H7i6xilLPK6j48fRSH3wNz9O//A5l
x3VDwX/qLumt9zbVLl5AwGYEb8PffNRV+KnjDMgw9RP/qC0HlmO32FLvdBFojcRz
9b3zf8otcpFNatwchJh4miDNx8+X8F3Fo1Rsn2vJVkV6zMsEMjIvgw8mOHU5Lqxq
feXfZnYh6COloPM0KYkTgk7WE8B4quJo/EA6YK2wnGCWsUx73U7nioboW7CgJEKa
dls=
-----END CERTIFICATE-----
Generated at Fri May 10 09:46:57 2024 by rpki-client on console.sobornost.net