Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/wk96rGdavZ6NZJIqGATcaLeizrA.roa
File: wk96rGdavZ6NZJIqGATcaLeizrA.roa (raw, json)
Hash identifier: ZavCSovwY0gIsLjOkFDJYcUGYYlf+T+wcTDuaovr3DM=
Subject key identifier: C2:4F:7A:AC:67:5A:BD:9E:8D:64:92:2A:18:04:DC:68:B7:A2:CE:B0
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F0EF0BAEF58F9759604F42A97532A697C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/wk96rGdavZ6NZJIqGATcaLeizrA.roa
Signing time: Wed 24 Apr 2024 07:10:08 +0000
ROA not before: Wed 24 Apr 2024 07:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 24 Apr 2024 08:05:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0e:f0:ba:ef:58:f9:75:96:04:f4:2a:97:53:2a:69:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 24 07:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c24f7aac675abd9e8d64922a1804dc68b7a2ceb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3c:a4:9d:e1:5c:5d:74:89:76:fc:a9:53:44:
ae:2d:7a:d6:83:54:c0:86:7b:37:f0:ef:20:3a:7f:
fd:30:d5:77:26:88:df:fa:3d:25:61:5d:ba:61:d0:
a5:8c:2e:54:40:1d:68:b2:f7:95:f7:07:d0:4f:f9:
c4:2f:28:80:ff:d8:88:4c:8b:71:18:65:56:32:a6:
2d:d7:95:96:d1:d0:74:c3:00:04:2f:4f:5b:84:3d:
80:ae:85:7d:e2:18:fe:0e:e9:7b:9d:f1:5a:57:89:
bd:20:1c:58:96:c0:79:df:4b:5f:65:bf:c1:96:1e:
3e:ca:9a:8f:6a:28:2a:fb:23:82:9c:1f:5e:61:87:
df:8b:ab:60:1b:70:06:27:ac:65:4f:56:d4:63:83:
db:9f:c7:50:89:31:49:9b:f0:dd:7d:e9:4f:8d:a1:
f6:2a:45:32:4c:fc:69:a1:7b:ac:61:f2:b8:a1:ae:
a5:9a:cf:b4:6f:96:56:8d:66:7f:42:e4:f8:f0:2f:
ab:3b:0e:4e:44:02:57:58:68:08:24:48:91:98:2d:
e0:ae:4c:f0:9b:dc:75:2a:4c:f7:66:9a:14:0e:5a:
02:9a:a6:d9:97:0e:fe:d0:ff:7f:23:07:b4:22:70:
c7:4d:f1:e1:6e:28:c6:fe:47:a2:2f:5c:4e:be:65:
50:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4F:7A:AC:67:5A:BD:9E:8D:64:92:2A:18:04:DC:68:B7:A2:CE:B0
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/wk96rGdavZ6NZJIqGATcaLeizrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
be:d9:ae:50:9f:22:35:ab:0e:1f:d2:2b:b0:92:c0:fc:51:59:
49:e7:40:9a:fc:7c:b2:33:2b:7a:94:ee:52:c1:ba:4e:53:4e:
2c:e2:9a:1d:ad:35:77:a9:c6:10:a0:45:4f:82:98:0d:19:e9:
13:98:2a:c6:96:b2:c6:f7:cd:cb:91:41:00:0a:a9:79:01:0b:
a7:b0:d8:19:5e:14:8c:00:0e:9b:f3:89:85:64:e6:14:c6:43:
f1:f6:04:d7:24:76:cf:a7:f6:71:21:70:df:f7:c2:81:b2:f9:
07:8a:91:aa:94:f7:75:e8:44:a0:85:04:74:80:cf:d2:bf:3d:
17:55:27:40:55:b2:5f:b8:f1:3f:ce:68:da:3c:ee:ba:0a:3a:
95:53:2c:b8:08:50:76:64:ca:07:ca:cc:7e:7f:70:48:d6:01:
68:17:00:14:78:3e:ea:9e:fb:25:98:a2:c5:ed:91:0b:06:7e:
8e:3b:9f:49:af:07:93:2a:63:92:fb:c8:f1:cc:78:45:07:5d:
51:21:ea:10:47:f2:6a:aa:75:e5:2e:a1:a3:09:2e:5f:7e:6a:
be:bd:8b:e5:a2:73:b0:f2:73:d8:95:f8:6d:ac:8b:8b:9a:31:
c9:fd:00:bb:5e:d6:b6:81:93:1b:e7:ec:24:22:62:b7:d3:d5:
ef:f8:89:5c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8O8LrvWPl1lgT0KpdTKml8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI0MDcxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRmN2FhYzY3NWFiZDllOGQ2NDkyMmExODA0ZGM2OGI3YTJjZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TykneFcXXSJdvypU0SuLXrWg1TA
hns38O8gOn/9MNV3Jojf+j0lYV26YdCljC5UQB1osveV9wfQT/nELyiA/9iITItx
GGVWMqYt15WW0dB0wwAEL09bhD2AroV94hj+Dul7nfFaV4m9IBxYlsB530tfZb/B
lh4+ypqPaigq+yOCnB9eYYffi6tgG3AGJ6xlT1bUY4Pbn8dQiTFJm/DdfelPjaH2
KkUyTPxpoXusYfK4oa6lms+0b5ZWjWZ/QuT48C+rOw5ORAJXWGgIJEiRmC3grkzw
m9x1Kkz3ZpoUDloCmqbZlw7+0P9/Iwe0InDHTfHhbijG/keiL1xOvmVQ3QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMJPeqxnWr2ejWSSKhgE3Gi3os6wMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvd2s5NnJHZGF2WjZOWkpJcUdBVGNhTGVpenJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQC+2a5Q
nyI1qw4f0iuwksD8UVlJ50Ca/HyyMyt6lO5SwbpOU04s4podrTV3qcYQoEVPgpgN
GekTmCrGlrLG983LkUEACql5AQunsNgZXhSMAA6b84mFZOYUxkPx9gTXJHbPp/Zx
IXDf98KBsvkHipGqlPd16ESghQR0gM/Svz0XVSdAVbJfuPE/zmjaPO66CjqVUyy4
CFB2ZMoHysx+f3BI1gFoFwAUeD7qnvslmKLF7ZELBn6OO59JrweTKmOS+8jxzHhF
B11RIeoQR/JqqnXlLqGjCS5ffmq+vYvlonOw8nPYlfhtrIuLmjHJ/QC7Xta2gZMb
5+wkImK309Xv+Ilc
-----END CERTIFICATE-----
Generated at Wed Apr 24 14:19:11 2024 by rpki-client on console.sobornost.net