Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aSq_glEDhatnIL-uFjSYOClqTH8.roa
File: aSq_glEDhatnIL-uFjSYOClqTH8.roa (raw, json)
Hash identifier: qkRW1FNPsRmISHhkz1kD/fqi0Pa/PUEl6im4iFYJgk8=
Subject key identifier: 69:2A:BF:82:51:03:85:AB:67:20:BF:AE:16:34:98:38:29:6A:4C:7F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F3064E23D93CBE87E2DF3410CC8D8BE3D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aSq_glEDhatnIL-uFjSYOClqTH8.roa
Signing time: Tue 30 Apr 2024 19:04:28 +0000
ROA not before: Tue 30 Apr 2024 19:04:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:3064:ae87/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 30 Apr 2024 19:13:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:64:e2:3d:93:cb:e8:7e:2d:f3:41:0c:c8:d8:be:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 30 19:04:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=692abf82510385ab6720bfae16349838296a4c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:36:2f:52:d1:ed:c1:79:06:b3:d4:69:92:be:
2f:94:46:00:6c:77:c2:ba:e8:c0:f3:ef:e4:ba:dd:
30:df:e1:56:79:4b:ce:20:27:c7:ad:9a:98:20:d2:
80:e9:f4:16:e7:20:a3:d4:92:2e:4c:a0:9f:e1:c5:
86:8b:7c:5f:7b:87:66:53:a3:a4:d0:29:55:d0:c9:
92:8c:e0:2b:9f:c9:86:77:87:5d:bb:b2:62:f7:a4:
75:1c:51:50:d9:b2:80:04:c8:f0:25:3f:b2:9e:4f:
fa:8f:f0:70:20:4e:4e:9a:e7:63:5f:99:c9:b9:fb:
57:89:a3:5c:6d:7c:77:d4:60:05:f1:1f:77:8f:b9:
49:38:80:3e:cc:82:7a:69:fe:58:c3:f2:2f:99:f5:
f4:22:d7:8b:97:ae:0a:43:6c:61:fc:1b:5b:1e:85:
0a:f2:d5:f3:12:3c:dc:b6:e6:f8:55:23:f5:1f:e7:
80:f9:c1:8c:0f:6a:aa:83:06:89:1d:65:fd:c8:b5:
89:21:6c:f5:dd:d1:20:f3:47:90:54:17:64:56:9d:
a6:ee:00:a1:2a:3e:f5:ef:ea:4a:68:23:98:ad:24:
73:40:64:e0:84:f9:70:70:66:a5:a2:76:f7:b9:9b:
0b:57:7a:45:2b:19:e3:d7:39:d6:89:c4:a9:c7:e0:
51:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2A:BF:82:51:03:85:AB:67:20:BF:AE:16:34:98:38:29:6A:4C:7F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/aSq_glEDhatnIL-uFjSYOClqTH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:73:a9:9f:8e:f8:db:62:56:9e:26:6f:e1:96:7b:f7:2b:e5:
67:31:c3:ac:93:8b:4c:d0:73:6e:83:c1:2e:95:86:4f:98:d0:
c5:3f:e5:dc:ce:16:4d:6e:97:a8:2a:11:b8:4a:f0:b8:e8:98:
7b:8a:c5:42:63:3f:d9:9c:89:fd:78:a8:83:0e:ed:cb:2e:dc:
c7:7a:69:f4:d4:32:24:3e:d0:c2:d0:e6:c6:e6:e0:40:87:38:
8f:de:5b:e9:83:0f:aa:1f:bd:18:1e:3b:42:da:da:95:c4:47:
14:3c:87:59:68:4f:b2:33:5f:9c:07:c1:30:d8:70:b8:62:77:
2a:ae:e4:9a:80:3e:06:29:ae:ad:25:df:f9:b6:43:9f:d8:46:
b9:4c:1c:c4:42:ec:eb:95:bd:fc:0f:d4:9d:4f:11:00:0e:6b:
4a:7b:67:0c:1a:59:16:95:25:47:2e:70:93:d5:15:dc:d8:4b:
6b:6f:36:d3:f9:e8:8f:fb:e8:e5:07:36:34:a5:20:cf:04:94:
18:84:d5:ed:d8:f2:e8:d4:9d:5d:d4:0c:70:ad:e6:d7:ba:25:
c0:54:a2:4d:47:66:a2:83:f7:ef:6c:b6:0b:dc:d7:95:c8:9b:
f5:8b:54:e2:6d:01:6d:92:30:e2:8e:22:65:89:a3:ab:1c:08:
5f:b0:bc:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8wZOI9k8vofi3zQQzI2L49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDMwMTkwNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTJhYmY4MjUxMDM4NWFiNjcyMGJmYWUxNjM0OTgzODI5NmE0YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTYvUtHtwXkGs9Rpkr4vlEYAbHfC
uujA8+/kut0w3+FWeUvOICfHrZqYINKA6fQW5yCj1JIuTKCf4cWGi3xfe4dmU6Ok
0ClV0MmSjOArn8mGd4ddu7Ji96R1HFFQ2bKABMjwJT+ynk/6j/BwIE5OmudjX5nJ
uftXiaNcbXx31GAF8R93j7lJOIA+zIJ6af5Yw/IvmfX0IteLl64KQ2xh/BtbHoUK
8tXzEjzctub4VSP1H+eA+cGMD2qqgwaJHWX9yLWJIWz13dEg80eQVBdkVp2m7gCh
Kj717+pKaCOYrSRzQGTghPlwcGalonb3uZsLV3pFKxnj1znWicSpx+BRUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGkqv4JRA4WrZyC/rhY0mDgpakx/MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvYVNxX2dsRURoYXRuSUwtdUZqU1lPQ2xxVEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAApzqZ+O+NtiVp4mb+GW
e/cr5Wcxw6yTi0zQc26DwS6Vhk+Y0MU/5dzOFk1ul6gqEbhK8LjomHuKxUJjP9mc
if14qIMO7csu3Md6afTUMiQ+0MLQ5sbm4ECHOI/eW+mDD6ofvRgeO0La2pXERxQ8
h1loT7IzX5wHwTDYcLhidyqu5JqAPgYprq0l3/m2Q5/YRrlMHMRC7OuVvfwP1J1P
EQAOa0p7ZwwaWRaVJUcucJPVFdzYS2tvNtP56I/76OUHNjSlIM8ElBiE1e3Y8ujU
nV3UDHCt5te6JcBUok1HZqKD9+9stgvc15XIm/WLVOJtAW2SMOKOImWJo6scCF+w
vLg=
-----END CERTIFICATE-----
Generated at Wed May 1 00:37:57 2024 by rpki-client on console.sobornost.net