Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oENwciT3NyGtt1heU8Lk5xdbnAE.roa
File: oENwciT3NyGtt1heU8Lk5xdbnAE.roa (raw, json)
Hash identifier: ibO0pfXeluZaM1Ch7dd4o9gHGzriFT/u1ipd0AtDJJg=
Subject key identifier: A0:43:70:72:24:F7:37:21:AD:B7:58:5E:53:C2:E4:E7:17:5B:9C:01
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F0E199600662D8CD229168782CAD9FF0B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oENwciT3NyGtt1heU8Lk5xdbnAE.roa
Signing time: Wed 24 Apr 2024 03:15:08 +0000
ROA not before: Wed 24 Apr 2024 03:15:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 24 Apr 2024 04:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0e:19:96:00:66:2d:8c:d2:29:16:87:82:ca:d9:ff:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 03:15:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a043707224f73721adb7585e53c2e4e7175b9c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:9e:2b:c0:f8:ac:c8:6e:bb:20:c8:f7:ca:
03:28:a3:03:81:2a:e4:05:5d:09:fa:8f:cb:f6:24:
c6:26:d4:85:57:4b:e8:c9:9c:96:5d:3c:26:e0:96:
a0:0a:2f:09:8e:07:e2:b6:a6:76:df:b6:d2:c1:6c:
73:08:6f:9b:23:a0:73:e1:14:bc:6e:cd:f4:63:48:
94:6f:d5:e5:5a:4c:fe:80:34:11:1b:28:c7:3a:6f:
1f:51:00:41:d1:e7:44:ec:e0:62:a7:b7:91:20:03:
29:c9:48:61:f1:fd:77:d3:ca:e7:4f:92:d5:04:ec:
03:bf:2b:6b:38:82:5f:2b:3d:50:0e:9d:a4:f4:ed:
04:d7:b7:dc:60:91:22:5a:41:a3:54:4f:be:e0:1e:
64:5c:76:2f:2c:99:7a:45:10:ab:e9:64:5c:70:00:
90:63:20:7e:68:35:ce:c1:b2:74:35:2d:b9:0b:76:
1e:68:f6:7b:c0:79:4e:45:41:c4:11:bf:b3:28:c3:
50:0b:33:76:bd:f6:73:d7:1e:b8:1e:cc:a0:29:c7:
58:f8:77:7d:5d:6e:d5:76:7e:e0:37:91:f5:f9:26:
14:c1:e6:7b:b4:d7:73:c6:73:70:83:6f:95:64:91:
e7:f9:c7:6d:6c:c2:a8:97:46:a8:e0:78:e3:08:ef:
ce:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:43:70:72:24:F7:37:21:AD:B7:58:5E:53:C2:E4:E7:17:5B:9C:01
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oENwciT3NyGtt1heU8Lk5xdbnAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
bd:25:c7:d6:b5:a1:69:8c:20:fb:cf:0d:0e:7d:41:2b:d8:b8:
58:fc:e2:a2:cb:ac:47:6a:74:7e:bc:7f:44:d3:c3:a5:24:94:
0a:f6:eb:41:e0:a6:c0:73:7e:3c:ea:79:74:47:8c:b9:ec:7f:
15:46:f9:5f:46:ac:dd:6d:a1:60:eb:1f:42:54:9e:ed:81:e2:
3e:06:96:ac:81:8d:8c:2b:be:42:fb:67:ee:e8:e9:36:a5:98:
fb:f2:a1:10:15:bb:09:1d:e0:55:85:9c:77:f1:ee:44:d6:18:
f1:79:c0:66:c4:3d:cb:ba:71:88:bf:5f:e2:74:72:dc:67:06:
d3:0e:dd:7f:c4:da:03:cf:02:61:2d:38:09:01:18:76:18:8a:
6e:6f:7f:ba:4f:c5:46:92:b8:ab:c6:13:c3:7b:61:f9:fe:64:
0f:c2:41:16:66:93:df:c1:15:56:65:8f:e9:49:17:e2:dd:4e:
d0:05:0b:14:f6:34:43:fc:c1:cd:06:5b:97:18:a1:2a:86:00:
f4:91:ab:2a:f9:4f:2c:7c:1b:ae:99:de:b9:81:e0:68:90:19:
b2:5a:54:24:f6:94:ec:01:e1:68:2b:8a:8e:02:15:16:a5:24:
0d:e8:6b:a2:93:04:a0:41:e2:6c:49:60:a1:d1:fe:70:8f:97:
81:10:68:14
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8OGZYAZi2M0ikWh4LK2f8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MDMxNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQzNzA3MjI0ZjczNzIxYWRiNzU4NWU1M2MyZTRlNzE3NWI5YzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aGeK8D4rMhuuyDI98oDKKMDgSrk
BV0J+o/L9iTGJtSFV0voyZyWXTwm4JagCi8JjgfitqZ237bSwWxzCG+bI6Bz4RS8
bs30Y0iUb9XlWkz+gDQRGyjHOm8fUQBB0edE7OBip7eRIAMpyUhh8f1308rnT5LV
BOwDvytrOIJfKz1QDp2k9O0E17fcYJEiWkGjVE++4B5kXHYvLJl6RRCr6WRccACQ
YyB+aDXOwbJ0NS25C3YeaPZ7wHlORUHEEb+zKMNQCzN2vfZz1x64HsygKcdY+Hd9
XW7Vdn7gN5H1+SYUweZ7tNdzxnNwg2+VZJHn+cdtbMKol0ao4HjjCO/OTwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKBDcHIk9zchrbdYXlPC5OcXW5wBMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvb0VOd2NpVDNOeUd0dDFoZVU4TGs1eGRibkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQC9JcfW
taFpjCD7zw0OfUEr2LhY/OKiy6xHanR+vH9E08OlJJQK9utB4KbAc3486nl0R4y5
7H8VRvlfRqzdbaFg6x9CVJ7tgeI+BpasgY2MK75C+2fu6Ok2pZj78qEQFbsJHeBV
hZx38e5E1hjxecBmxD3LunGIv1/idHLcZwbTDt1/xNoDzwJhLTgJARh2GIpub3+6
T8VGkrirxhPDe2H5/mQPwkEWZpPfwRVWZY/pSRfi3U7QBQsU9jRD/MHNBluXGKEq
hgD0kasq+U8sfBuumd65geBokBmyWlQk9pTsAeFoK4qOAhUWpSQN6GuikwSgQeJs
SWCh0f5wj5eBEGgU
-----END CERTIFICATE-----
Generated at Wed Apr 24 10:47:56 2024 by rpki-client on console.sobornost.net