Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/laL44R0PLzpxYi34kvicxXHGdF8.roa
File: laL44R0PLzpxYi34kvicxXHGdF8.roa (raw, json)
Hash identifier: 0IMwRAbFNak+uerkiUGgcwSGeOYS7lsl2vVkW531dEU=
Subject key identifier: 95:A2:F8:E1:1D:0F:2F:3A:71:62:2D:F8:92:F8:9C:C5:71:C6:74:5F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5E8D1A574DC00546A238A3A5D7A2E061
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/laL44R0PLzpxYi34kvicxXHGdF8.roa
Signing time: Thu 09 May 2024 18:10:56 +0000
ROA not before: Thu 09 May 2024 18:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 09 May 2024 19:04:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:8d:1a:57:4d:c0:05:46:a2:38:a3:a5:d7:a2:e0:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 18:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95a2f8e11d0f2f3a71622df892f89cc571c6745f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e9:b8:89:f7:5e:c1:bc:4f:61:b4:bd:08:c0:
93:ec:86:98:54:a6:01:47:bd:f6:f8:52:18:f9:4e:
02:43:eb:09:42:3f:63:e7:23:87:14:87:b4:68:5c:
2b:4b:b5:f1:c8:0c:fa:3f:e5:f5:58:b3:d5:1b:3f:
86:4b:39:ab:a6:85:9a:4b:94:f0:e4:a0:b3:f8:85:
21:f7:e9:d4:2a:72:90:f1:23:ca:d5:c8:12:0d:a8:
ad:71:8f:40:54:8e:fc:a3:67:1f:ab:72:4e:2b:4b:
d6:a6:e4:62:52:e9:23:9d:78:5f:92:19:ed:7f:ee:
78:71:67:f0:d3:ac:1c:3d:11:cb:3e:ab:d6:25:ec:
67:1e:f8:8c:4a:97:7e:b1:fe:58:86:2e:d8:fa:ca:
8d:f7:13:8f:34:5f:ed:d0:6d:71:1b:12:9d:71:fa:
64:7e:38:2e:fc:b2:9f:61:c3:4a:4d:de:89:ac:0f:
46:f8:47:08:e6:3b:2a:31:5d:40:da:21:b7:26:ae:
53:0f:f6:63:a9:fc:9b:75:9b:60:e3:6c:07:8b:6d:
c8:90:1d:10:bd:5c:32:6c:c2:ec:21:0e:b1:f7:8d:
a0:27:0b:95:23:d3:c2:6a:f1:22:d9:5e:f7:fa:4f:
5d:63:cb:73:87:46:32:fe:1d:bc:4d:48:e6:12:0e:
fe:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A2:F8:E1:1D:0F:2F:3A:71:62:2D:F8:92:F8:9C:C5:71:C6:74:5F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/laL44R0PLzpxYi34kvicxXHGdF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:2e:b5:46:d5:b4:48:c3:cd:39:5e:59:3c:ab:75:8e:29:34:
49:df:33:49:de:9d:f9:38:b6:2d:ab:0e:19:94:0d:1e:6f:e3:
9e:fc:31:db:35:9f:98:bb:0e:46:89:bb:f2:94:3f:d2:fc:db:
3a:b0:4f:b3:97:4f:67:c0:a9:7c:51:d2:91:f9:74:67:84:c2:
d4:fc:b6:24:36:23:79:e3:68:5b:66:11:2e:8a:9c:18:99:12:
03:dc:fd:27:11:ff:c3:89:83:f0:9a:7c:e9:38:a0:d9:41:4f:
5a:ea:93:98:e4:c0:e7:cd:36:90:dd:94:aa:0e:8e:5c:ea:b4:
a8:60:2d:8e:28:e2:46:aa:56:e7:19:9d:58:53:bd:b8:65:33:
49:ac:ed:99:bc:da:01:25:8a:bb:bc:41:85:3b:31:bf:39:4c:
ac:e9:83:96:11:d0:90:f5:89:26:df:6c:f2:4a:ba:ac:e7:86:
a0:66:a5:67:1d:87:12:8e:18:73:b3:29:2d:88:8e:f1:c7:76:
e4:47:45:7a:60:77:b7:e3:43:6f:cc:d0:e1:29:cc:0c:a9:af:
ba:4b:30:1b:65:68:2d:60:93:01:a8:7d:70:b0:c0:f3:8e:a0:
37:c8:e6:6f:6e:ae:77:ae:3b:77:79:84:6a:9e:c4:16:dd:87:
13:21:ab:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9ejRpXTcAFRqI4o6XXouBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MTgxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWEyZjhlMTFkMGYyZjNhNzE2MjJkZjg5MmY4OWNjNTcxYzY3NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxum4ifdewbxPYbS9CMCT7IaYVKYB
R732+FIY+U4CQ+sJQj9j5yOHFIe0aFwrS7XxyAz6P+X1WLPVGz+GSzmrpoWaS5Tw
5KCz+IUh9+nUKnKQ8SPK1cgSDaitcY9AVI78o2cfq3JOK0vWpuRiUukjnXhfkhnt
f+54cWfw06wcPRHLPqvWJexnHviMSpd+sf5Yhi7Y+sqN9xOPNF/t0G1xGxKdcfpk
fjgu/LKfYcNKTd6JrA9G+EcI5jsqMV1A2iG3Jq5TD/ZjqfybdZtg42wHi23IkB0Q
vVwybMLsIQ6x942gJwuVI9PCavEi2V73+k9dY8tzh0Yy/h28TUjmEg7+oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJWi+OEdDy86cWIt+JL4nMVxxnRfMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvbGFMNDRSMFBMenB4WWkzNGt2aWN4WEhHZEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACMutUbVtEjDzTleWTyr
dY4pNEnfM0nenfk4ti2rDhmUDR5v4578Mds1n5i7DkaJu/KUP9L82zqwT7OXT2fA
qXxR0pH5dGeEwtT8tiQ2I3njaFtmES6KnBiZEgPc/ScR/8OJg/CafOk4oNlBT1rq
k5jkwOfNNpDdlKoOjlzqtKhgLY4o4kaqVucZnVhTvbhlM0ms7Zm82gEliru8QYU7
Mb85TKzpg5YR0JD1iSbfbPJKuqznhqBmpWcdhxKOGHOzKS2IjvHHduRHRXpgd7fj
Q2/M0OEpzAypr7pLMBtlaC1gkwGofXCwwPOOoDfI5m9urneuO3d5hGqexBbdhxMh
q+U=
-----END CERTIFICATE-----
Generated at Fri May 10 00:19:26 2024 by rpki-client on console.sobornost.net