Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oa2WElu-LhT_QYoIYbyY8uCUROE.roa
File: oa2WElu-LhT_QYoIYbyY8uCUROE.roa (raw, json)
Hash identifier: +y3s0M3plWTryT63b/qYK5gx/slZyr8QEOONGS6AlFM=
Subject key identifier: A1:AD:96:12:5B:BE:2E:14:FF:41:8A:08:61:BC:98:F2:E0:94:44:E1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA6A99536BC7A2A32126AE18ECA74FFED
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oa2WElu-LhT_QYoIYbyY8uCUROE.roa
Signing time: Thu 23 May 2024 18:14:42 +0000
ROA not before: Thu 23 May 2024 18:14:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 23 May 2024 19:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a6:a9:95:36:bc:7a:2a:32:12:6a:e1:8e:ca:74:ff:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 23 18:14:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1ad96125bbe2e14ff418a0861bc98f2e09444e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4e:19:e1:68:a5:28:1a:89:e9:3e:48:c8:8c:
8d:ab:ac:d2:60:65:a6:5d:7b:a3:e9:de:af:58:48:
0e:0d:21:c7:f7:90:dc:ea:09:b4:ff:5d:54:23:4a:
c5:a1:e3:1a:a9:71:25:69:05:9d:26:a7:05:b7:82:
28:0b:ee:8c:6d:06:24:5b:29:76:e2:64:c6:c6:19:
3b:27:41:1c:0d:11:42:e1:f3:3f:23:59:67:b6:27:
03:2a:82:25:83:78:2d:8b:d3:65:a6:51:cd:f4:11:
39:ae:03:e3:db:80:44:ec:c7:f2:98:8d:52:85:27:
89:8b:c7:a8:83:5c:d1:5a:d7:4a:a6:08:9e:73:cf:
e7:52:a3:0d:40:62:d4:67:b8:a7:23:a8:f2:cc:a2:
f3:a2:32:f8:12:7d:19:bb:ca:23:b8:75:05:10:08:
d8:f1:3a:78:b2:99:e9:f6:0a:f4:b5:70:35:c8:26:
80:95:27:eb:1a:10:e5:c8:71:47:39:5f:e9:9b:7a:
6f:a5:1d:bf:c3:69:83:a1:7f:bd:09:fe:27:d2:32:
20:a3:b2:ee:63:6b:70:02:42:45:a3:5e:8d:fe:0f:
cf:3d:3b:09:21:1a:04:b5:bd:96:ae:49:5e:b3:eb:
0a:e1:a8:78:4c:a7:bb:35:72:2e:a2:8e:2d:e5:4f:
4a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AD:96:12:5B:BE:2E:14:FF:41:8A:08:61:BC:98:F2:E0:94:44:E1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oa2WElu-LhT_QYoIYbyY8uCUROE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:60:68:ed:25:ba:8d:d4:71:15:43:aa:b8:ab:2a:52:a7:8a:
1f:6e:03:a4:04:ac:47:0f:06:e1:9c:17:f5:51:26:ca:f8:7d:
73:cf:7e:10:ef:07:86:0e:b5:44:f7:25:93:af:39:05:0f:84:
bc:b4:c2:21:21:95:bc:4b:91:d0:cf:cc:37:15:1f:7b:90:b1:
e1:2c:05:67:45:f6:c0:2b:e5:a9:c7:bc:e9:18:b7:06:2c:af:
86:10:3a:c3:25:4a:2d:18:4e:e4:51:dd:ee:98:6b:3a:a7:09:
4a:05:c7:de:16:a4:8f:ce:43:fe:71:3a:95:e0:f6:c3:d8:23:
10:cb:61:07:86:99:6a:3f:e6:46:89:1e:e4:d5:18:61:74:c7:
29:55:1e:b7:5f:b8:50:6c:0f:69:dc:ac:93:78:49:a4:45:7c:
b0:76:27:15:5c:a3:23:df:f0:8b:60:9d:64:3a:c7:1f:b5:82:
79:b8:16:a4:31:c8:b3:98:48:53:56:34:6c:31:0d:74:b0:fe:
27:7a:5a:14:0e:68:00:85:aa:10:54:55:fc:65:e6:8c:b2:59:
88:a4:d4:15:87:e0:1b:8f:1e:e0:c5:71:87:27:ba:5a:0e:9c:
2e:90:fd:ad:12:59:90:22:3b:f2:41:c6:92:92:64:5d:bc:43:
d6:4a:4c:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+mqZU2vHoqMhJq4Y7KdP/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIzMTgxNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFkOTYxMjViYmUyZTE0ZmY0MThhMDg2MWJjOThmMmUwOTQ0NGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU4Z4WilKBqJ6T5IyIyNq6zSYGWm
XXuj6d6vWEgODSHH95Dc6gm0/11UI0rFoeMaqXElaQWdJqcFt4IoC+6MbQYkWyl2
4mTGxhk7J0EcDRFC4fM/I1lnticDKoIlg3gti9NlplHN9BE5rgPj24BE7MfymI1S
hSeJi8eog1zRWtdKpgiec8/nUqMNQGLUZ7inI6jyzKLzojL4En0Zu8ojuHUFEAjY
8Tp4spnp9gr0tXA1yCaAlSfrGhDlyHFHOV/pm3pvpR2/w2mDoX+9Cf4n0jIgo7Lu
Y2twAkJFo16N/g/PPTsJIRoEtb2Wrkles+sK4ah4TKe7NXIuoo4t5U9KPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKGtlhJbvi4U/0GKCGG8mPLglEThMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvb2EyV0VsdS1MaFRfUVlvSVlieVk4dUNVUk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABFgaO0luo3UcRVDqrir
KlKnih9uA6QErEcPBuGcF/VRJsr4fXPPfhDvB4YOtUT3JZOvOQUPhLy0wiEhlbxL
kdDPzDcVH3uQseEsBWdF9sAr5anHvOkYtwYsr4YQOsMlSi0YTuRR3e6YazqnCUoF
x94WpI/OQ/5xOpXg9sPYIxDLYQeGmWo/5kaJHuTVGGF0xylVHrdfuFBsD2ncrJN4
SaRFfLB2JxVcoyPf8ItgnWQ6xx+1gnm4FqQxyLOYSFNWNGwxDXSw/id6WhQOaACF
qhBUVfxl5oyyWYik1BWH4BuPHuDFcYcnuloOnC6Q/a0SWZAiO/JBxpKSZF28Q9ZK
THU=
-----END CERTIFICATE-----
Generated at Fri May 24 04:19:12 2024 by rpki-client on console.sobornost.net