Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cIvXgN7YIKS6meuZXlTeTsvVjFM.roa
File: cIvXgN7YIKS6meuZXlTeTsvVjFM.roa (raw, json)
Hash identifier: uKkRDHv4p512+aIdbcnb8Bv308C4uoOQ1y5GFylocqQ=
Subject key identifier: 70:8B:D7:80:DE:D8:20:A4:BA:99:EB:99:5E:54:DE:4E:CB:D5:8C:53
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F25B273DDB50FF71F75B2D701C35D0F31
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cIvXgN7YIKS6meuZXlTeTsvVjFM.roa
Signing time: Sun 28 Apr 2024 17:13:23 +0000
ROA not before: Sun 28 Apr 2024 17:13:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 28 Apr 2024 18:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:25:b2:73:dd:b5:0f:f7:1f:75:b2:d7:01:c3:5d:0f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 28 17:13:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=708bd780ded820a4ba99eb995e54de4ecbd58c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:3c:08:5c:47:11:fd:a1:a2:fd:cc:8c:0d:
11:1d:60:e9:20:93:a1:d7:2f:f7:db:92:02:42:3c:
0d:ce:e7:f4:f4:ca:ee:92:22:d6:3d:9e:8d:40:5e:
b6:21:a6:fb:91:43:92:b2:a7:75:57:ec:1a:3c:5d:
fa:39:7e:33:7d:84:54:f1:1e:ac:f3:8a:54:d3:7f:
4e:a1:42:59:ac:83:c1:8e:d6:b0:a3:8f:42:dc:b5:
70:93:0d:de:66:8e:be:de:f3:b0:a1:60:bd:ea:c5:
f2:56:46:36:db:b8:43:b0:a1:10:c8:dd:6d:b4:96:
a7:31:8b:be:0c:27:74:c3:47:c3:ce:b7:13:8e:09:
12:f9:ca:52:25:58:f8:fc:a1:5f:ca:0c:01:bd:69:
c8:d2:3a:84:a3:cb:ec:91:49:bf:8c:02:f0:3c:30:
bd:dd:59:13:30:35:d8:85:0b:85:9c:79:84:ac:ea:
1d:fe:78:90:62:af:69:0f:e1:64:ae:71:5a:02:7a:
bc:9f:39:17:72:1b:66:c8:19:85:04:db:6a:ff:94:
f9:7d:d9:ab:19:11:23:78:b0:47:0c:62:0d:00:df:
84:42:2c:17:b6:b8:e8:39:c4:f6:3d:bc:4a:72:c7:
55:cc:86:a6:51:a1:cb:44:85:27:2a:48:03:30:d8:
51:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8B:D7:80:DE:D8:20:A4:BA:99:EB:99:5E:54:DE:4E:CB:D5:8C:53
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/cIvXgN7YIKS6meuZXlTeTsvVjFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
7f:2e:16:55:d1:b9:a1:b9:34:8a:36:1f:20:48:2a:07:29:87:
73:2f:ae:93:00:8c:12:5c:e1:6a:3e:e4:1d:0c:42:95:42:6c:
6a:4b:1f:8c:58:f0:f8:56:dc:c4:e7:5f:14:a8:d9:94:98:b8:
bd:ce:91:3d:0d:cc:ee:dd:e9:a0:5d:50:81:c6:13:70:89:30:
b1:8c:2b:ed:63:08:63:b5:77:45:a3:dc:0a:9a:c8:37:eb:e8:
c7:aa:d6:4c:2a:58:e8:dc:2a:78:2f:d8:f0:86:f9:2f:a6:bf:
38:e3:d6:b9:24:bb:2f:22:8d:bd:ab:79:01:01:46:8a:b3:b9:
88:ec:40:05:94:8c:99:8e:15:8e:cf:d9:86:91:7e:58:6d:cf:
17:c4:4c:51:26:c8:47:16:34:52:44:aa:24:07:77:63:d1:b8:
f2:d3:bb:35:33:6b:31:de:2f:b0:ce:41:aa:2f:3f:07:e7:25:
9b:80:cb:6c:8d:8b:e7:60:d8:b6:c0:19:07:c9:93:d4:98:dc:
d0:c3:26:31:94:94:41:25:31:29:b3:b0:cd:f0:ef:f5:2b:e0:
52:14:a3:fd:0c:8c:c4:0f:2a:06:52:07:08:86:73:fa:77:1b:
84:43:0a:2c:e0:77:72:7b:c4:ac:c0:d1:83:86:9f:24:cd:4e:
5f:b9:ac:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8lsnPdtQ/3H3Wy1wHDXQ8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI4MTcxMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhiZDc4MGRlZDgyMGE0YmE5OWViOTk1ZTU0ZGU0ZWNiZDU4YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv688CFxHEf2hov3MjA0RHWDpIJOh
1y/325ICQjwNzuf09MrukiLWPZ6NQF62Iab7kUOSsqd1V+waPF36OX4zfYRU8R6s
84pU039OoUJZrIPBjtawo49C3LVwkw3eZo6+3vOwoWC96sXyVkY227hDsKEQyN1t
tJanMYu+DCd0w0fDzrcTjgkS+cpSJVj4/KFfygwBvWnI0jqEo8vskUm/jALwPDC9
3VkTMDXYhQuFnHmErOod/niQYq9pD+FkrnFaAnq8nzkXchtmyBmFBNtq/5T5fdmr
GREjeLBHDGINAN+EQiwXtrjoOcT2PbxKcsdVzIamUaHLRIUnKkgDMNhRKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHCL14De2CCkupnrmV5U3k7L1YxTMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvY0l2WGdON1lJS1M2bWV1WlhsVGVUc3ZWakZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQB/LhZV
0bmhuTSKNh8gSCoHKYdzL66TAIwSXOFqPuQdDEKVQmxqSx+MWPD4VtzE518UqNmU
mLi9zpE9Dczu3emgXVCBxhNwiTCxjCvtYwhjtXdFo9wKmsg36+jHqtZMKljo3Cp4
L9jwhvkvpr8449a5JLsvIo29q3kBAUaKs7mI7EAFlIyZjhWOz9mGkX5Ybc8XxExR
JshHFjRSRKokB3dj0bjy07s1M2sx3i+wzkGqLz8H5yWbgMtsjYvnYNi2wBkHyZPU
mNzQwyYxlJRBJTEps7DN8O/1K+BSFKP9DIzEDyoGUgcIhnP6dxuEQwos4Hdye8Ss
wNGDhp8kzU5fuazi
-----END CERTIFICATE-----
Generated at Mon Apr 29 00:39:48 2024 by rpki-client on console.sobornost.net