Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jFHuOp489Bfc6jWR6KsJe9lilIA.roa
File: jFHuOp489Bfc6jWR6KsJe9lilIA.roa (raw, json)
Hash identifier: QNyqkNaIlMa7pf2Z48JqrAvp8a9F3KR2kA0u72hsPwY=
Subject key identifier: 8C:51:EE:3A:9E:3C:F4:17:DC:EA:35:91:E8:AB:09:7B:D9:62:94:80
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F1071408DEEB62929FCBF2898582E4D7D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jFHuOp489Bfc6jWR6KsJe9lilIA.roa
Signing time: Wed 24 Apr 2024 14:10:08 +0000
ROA not before: Wed 24 Apr 2024 14:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 24 Apr 2024 15:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:71:40:8d:ee:b6:29:29:fc:bf:28:98:58:2e:4d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 14:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c51ee3a9e3cf417dcea3591e8ab097bd9629480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:29:5a:9d:e5:61:75:17:72:01:80:c2:a9:02:
ec:a4:3d:74:92:ed:3d:92:b8:48:e3:92:8d:09:b5:
02:11:9e:2a:a0:49:0f:b2:70:07:93:cf:fe:61:38:
19:fc:b5:79:b5:c0:f2:ad:f5:e8:c3:b7:16:66:51:
f9:f9:4e:03:53:d6:19:fb:d7:f4:32:6c:c2:af:f0:
19:b1:64:54:12:aa:21:f2:34:66:0b:69:57:f8:1d:
01:e1:3d:d8:a3:d4:33:b6:96:b7:fa:86:a8:44:38:
9d:80:d0:9a:03:a3:bb:f3:2e:f8:91:a4:5f:f1:fa:
60:d3:36:04:e3:3f:db:2a:98:1d:a7:37:db:6c:53:
c7:b0:87:cb:7a:d0:17:c7:50:24:32:cd:c8:9b:83:
3c:fe:08:81:af:d9:d5:33:e2:0f:65:5c:08:3c:0d:
06:51:86:2e:bf:c8:e7:e7:52:4a:6b:27:93:d5:32:
71:14:3b:f9:76:ae:e6:55:dd:54:72:79:d5:dd:77:
db:d2:25:1f:d8:63:32:27:90:da:1b:7c:d3:9f:49:
0d:c1:8b:59:b8:f7:f5:20:42:34:8f:c1:9c:4a:41:
3d:2d:c2:6a:44:f2:d7:fb:75:d6:60:d6:28:8b:19:
1c:9c:45:55:cb:cf:62:99:66:9d:69:2f:ea:82:64:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:51:EE:3A:9E:3C:F4:17:DC:EA:35:91:E8:AB:09:7B:D9:62:94:80
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/jFHuOp489Bfc6jWR6KsJe9lilIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
60:e9:fa:72:89:a6:15:85:46:58:70:08:45:93:a3:3e:e2:b2:
39:17:7a:a3:3d:58:ac:27:33:f2:af:83:7d:4d:72:79:83:f7:
42:5f:73:f7:49:d6:f6:7a:1d:8e:13:c2:b1:88:47:f9:1e:f8:
4e:33:6b:a6:1c:c7:2b:a9:c0:d7:e5:a5:56:21:26:63:28:64:
8c:18:e7:fe:f9:c6:f6:7f:99:84:94:28:2a:26:c8:bb:21:5b:
16:74:f7:a2:3a:5c:3f:7e:52:d9:d3:08:df:09:36:b2:1a:b6:
8f:e6:c1:99:59:07:d0:88:1f:c9:ab:ef:c9:86:70:9c:ad:7f:
db:9e:74:29:c6:1e:36:94:39:02:09:90:7e:ae:29:e1:99:f6:
ca:e7:a5:0e:66:c7:28:eb:80:a1:71:f7:ff:84:ed:41:e6:a7:
6c:38:5d:2c:39:b5:15:a1:f6:5f:c4:f2:3c:44:7d:f4:fa:f3:
52:85:cc:3b:14:64:4b:06:96:b2:52:75:33:93:47:26:d1:1a:
35:e8:fc:16:9f:bf:ca:f8:e8:30:14:fb:e8:86:c3:dd:ef:26:
0f:0b:1f:d8:38:29:2a:07:5a:3f:8d:94:09:04:4a:32:cd:ab:
39:55:ee:82:13:08:7a:1d:07:62:24:a6:6e:24:19:cf:4f:3d:
cc:d8:1c:35
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8QcUCN7rYpKfy/KJhYLk19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MTQxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzUxZWUzYTllM2NmNDE3ZGNlYTM1OTFlOGFiMDk3YmQ5NjI5NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlylaneVhdRdyAYDCqQLspD10ku09
krhI45KNCbUCEZ4qoEkPsnAHk8/+YTgZ/LV5tcDyrfXow7cWZlH5+U4DU9YZ+9f0
MmzCr/AZsWRUEqoh8jRmC2lX+B0B4T3Yo9Qztpa3+oaoRDidgNCaA6O78y74kaRf
8fpg0zYE4z/bKpgdpzfbbFPHsIfLetAXx1AkMs3Im4M8/giBr9nVM+IPZVwIPA0G
UYYuv8jn51JKayeT1TJxFDv5dq7mVd1UcnnV3Xfb0iUf2GMyJ5DaG3zTn0kNwYtZ
uPf1IEI0j8GcSkE9LcJqRPLX+3XWYNYoixkcnEVVy89imWadaS/qgmTAxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIxR7jqePPQX3Oo1keirCXvZYpSAMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvakZIdU9wNDg5QmZjNmpXUjZLc0plOWxpbElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQBg6fpy
iaYVhUZYcAhFk6M+4rI5F3qjPVisJzPyr4N9TXJ5g/dCX3P3Sdb2eh2OE8KxiEf5
HvhOM2umHMcrqcDX5aVWISZjKGSMGOf++cb2f5mElCgqJsi7IVsWdPeiOlw/flLZ
0wjfCTayGraP5sGZWQfQiB/Jq+/JhnCcrX/bnnQpxh42lDkCCZB+rinhmfbK56UO
Zsco64Chcff/hO1B5qdsOF0sObUVofZfxPI8RH30+vNShcw7FGRLBpayUnUzk0cm
0Ro16PwWn7/K+OgwFPvohsPd7yYPCx/YOCkqB1o/jZQJBEoyzas5Ve6CEwh6HQdi
JKZuJBnPTz3M2Bw1
-----END CERTIFICATE-----
Generated at Wed Apr 24 21:49:59 2024 by rpki-client on console.sobornost.net