Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/yafCGsolf2ptx3F9qayK510xD9Y.roa
File: yafCGsolf2ptx3F9qayK510xD9Y.roa (raw, json)
Hash identifier: 4jMiuL6DcWzDe1MOFsR7Xkr0WjtxlsEbSq+ceB+61q4=
Subject key identifier: C9:A7:C2:1A:CA:25:7F:6A:6D:C7:71:7D:A9:AC:8A:E7:5D:31:0F:D6
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9C5C483B4F2C170874EADFFF3E377542
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/yafCGsolf2ptx3F9qayK510xD9Y.roa
Signing time: Tue 21 May 2024 18:14:04 +0000
ROA not before: Tue 21 May 2024 18:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 21 May 2024 19:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:5c:48:3b:4f:2c:17:08:74:ea:df:ff:3e:37:75:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 18:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9a7c21aca257f6a6dc7717da9ac8ae75d310fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:67:15:40:53:f6:c6:06:52:71:c5:9e:0d:b5:
f2:03:fd:5c:93:79:6e:90:a9:09:5f:c1:51:f9:96:
a5:33:23:61:d8:aa:ff:a8:1f:d8:e2:ea:16:c2:b8:
02:f3:22:b9:b9:6a:fe:59:63:11:0c:2d:47:a3:14:
91:b1:c0:45:4c:f6:3e:8c:7b:e7:c4:34:49:20:38:
44:9d:39:89:90:aa:16:b2:23:1c:f8:02:bd:c9:8e:
c4:99:ae:26:1c:46:0c:11:35:b2:b2:de:37:a1:6e:
9b:8d:22:c2:97:da:77:a7:73:2f:8d:73:4c:93:ef:
0a:c1:f1:25:79:bb:4e:3e:51:92:e1:59:d1:ed:62:
b9:4e:c5:78:a1:46:2c:75:3d:b2:51:8a:56:48:1f:
44:02:f2:80:85:be:ba:1c:06:6f:db:c1:0e:8c:f3:
e0:2a:d1:f0:27:ca:29:1a:37:35:fc:36:c1:79:f9:
63:1a:ec:5d:c4:b0:15:a6:4d:bb:af:a1:c0:aa:80:
b8:9a:01:e8:93:b7:15:e8:fd:c6:79:25:51:ec:f2:
bd:41:a5:f0:47:83:8c:c3:4c:91:2a:60:55:7d:23:
38:8b:29:74:41:f6:28:52:91:ca:58:c0:cd:74:ee:
3e:90:4e:c0:f0:b5:a2:8e:df:e6:4d:17:03:2d:2f:
66:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A7:C2:1A:CA:25:7F:6A:6D:C7:71:7D:A9:AC:8A:E7:5D:31:0F:D6
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/yafCGsolf2ptx3F9qayK510xD9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:64:7a:44:3a:5b:46:af:d1:b7:6f:65:62:a7:a9:fb:dd:89:
54:1c:65:5d:eb:0b:2e:01:8d:bd:35:1e:04:3f:c8:c9:2a:34:
8b:2f:86:6f:20:45:e7:6b:95:49:63:49:27:6c:e7:a8:33:43:
50:a9:63:ca:82:2f:02:bc:9b:a1:2e:78:c2:f1:2d:0d:e9:ab:
3c:12:53:f5:ac:0d:61:63:96:d8:90:5c:fa:87:0f:ef:11:65:
f6:38:21:c5:4f:8c:24:eb:cc:21:37:85:83:dd:32:95:e7:3b:
59:86:9d:77:58:24:e6:ab:4b:11:f9:ad:58:c0:33:3c:2e:f1:
4f:38:c3:71:60:fe:ab:54:5a:c1:bc:2c:01:0a:61:20:48:e5:
11:bf:98:e6:7f:0a:b9:57:e9:b8:06:fb:99:0e:a4:6f:ab:44:
32:b5:c3:d9:e0:a7:01:69:20:55:f9:3c:33:b6:0d:11:87:cf:
3f:c2:8c:05:6a:89:5e:8c:54:5b:2c:69:76:04:39:60:d0:95:
81:ac:48:d9:7d:4d:6c:66:b9:95:2d:58:aa:17:bb:07:b7:d9:
02:6a:98:63:2b:9c:d8:08:85:d2:e2:cb:98:fb:b2:a5:ba:78:
85:10:30:6b:9f:96:9c:23:ca:4a:9c:0d:92:9b:10:35:99:06:
c9:b4:a2:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+cXEg7TywXCHTq3/8+N3VCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMTgxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWE3YzIxYWNhMjU3ZjZhNmRjNzcxN2RhOWFjOGFlNzVkMzEwZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGcVQFP2xgZSccWeDbXyA/1ck3lu
kKkJX8FR+ZalMyNh2Kr/qB/Y4uoWwrgC8yK5uWr+WWMRDC1HoxSRscBFTPY+jHvn
xDRJIDhEnTmJkKoWsiMc+AK9yY7Ema4mHEYMETWyst43oW6bjSLCl9p3p3MvjXNM
k+8KwfElebtOPlGS4VnR7WK5TsV4oUYsdT2yUYpWSB9EAvKAhb66HAZv28EOjPPg
KtHwJ8opGjc1/DbBefljGuxdxLAVpk27r6HAqoC4mgHok7cV6P3GeSVR7PK9QaXw
R4OMw0yRKmBVfSM4iyl0QfYoUpHKWMDNdO4+kE7A8LWijt/mTRcDLS9mKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMmnwhrKJX9qbcdxfamsiuddMQ/WMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEveWFmQ0dzb2xmMnB0eDNGOXFheUs1MTB4RDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKBkekQ6W0av0bdvZWKn
qfvdiVQcZV3rCy4Bjb01HgQ/yMkqNIsvhm8gRedrlUljSSds56gzQ1CpY8qCLwK8
m6EueMLxLQ3pqzwSU/WsDWFjltiQXPqHD+8RZfY4IcVPjCTrzCE3hYPdMpXnO1mG
nXdYJOarSxH5rVjAMzwu8U84w3Fg/qtUWsG8LAEKYSBI5RG/mOZ/CrlX6bgG+5kO
pG+rRDK1w9ngpwFpIFX5PDO2DRGHzz/CjAVqiV6MVFssaXYEOWDQlYGsSNl9TWxm
uZUtWKoXuwe32QJqmGMrnNgIhdLiy5j7sqW6eIUQMGuflpwjykqcDZKbEDWZBsm0
onQ=
-----END CERTIFICATE-----
Generated at Wed May 22 00:53:46 2024 by rpki-client on console.sobornost.net