Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Anrnt9dbueFgzZzgMJy_DQmyqKs.roa
File: Anrnt9dbueFgzZzgMJy_DQmyqKs.roa (raw, json)
Hash identifier: bu+1OAEKXiGTxAA18oCFjPJHXnoh1UInq3kD3OjEPbs=
Subject key identifier: 02:7A:E7:B7:D7:5B:B9:E1:60:CD:9C:E0:30:9C:BF:0D:09:B2:A8:AB
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01903852E546373E1187F28FB33CC063FBD1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Anrnt9dbueFgzZzgMJy_DQmyqKs.roa
Signing time: Fri 21 Jun 2024 01:04:34 +0000
ROA not before: Fri 21 Jun 2024 01:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:3852:b339/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 21 Jun 2024 01:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:38:52:e5:46:37:3e:11:87:f2:8f:b3:3c:c0:63:fb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 21 01:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=027ae7b7d75bb9e160cd9ce0309cbf0d09b2a8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e2:22:33:11:73:78:a4:71:cb:09:6b:68:0e:
9b:ae:db:82:6f:08:96:f2:2b:23:c1:72:f9:75:20:
b0:f5:79:5f:67:a1:1b:f2:80:c2:cb:49:3d:ea:14:
e3:b9:ed:c1:90:d1:13:10:f8:cc:31:72:50:4c:e5:
39:32:31:21:84:a0:e6:83:eb:bc:6a:b9:e0:5d:66:
d7:5b:be:56:18:ad:77:c2:d9:45:0e:09:65:a0:e9:
65:68:a0:0e:41:4c:cb:fd:ec:fd:05:63:4a:bb:46:
ba:4d:cb:a9:f1:ea:2e:ef:58:bb:8a:ca:1a:7a:44:
62:81:e4:63:23:eb:f0:ba:c9:e0:2c:fd:6b:8a:c4:
b8:89:f7:5f:ee:3d:74:20:a3:2e:ab:ac:78:23:24:
eb:2f:9a:c8:37:78:c0:18:e8:17:da:ef:4f:2e:05:
0a:bc:8a:05:62:d3:d2:98:a6:4a:a0:f7:2d:36:3e:
8e:08:ea:52:b8:82:6a:26:a4:ba:ff:89:0c:5d:00:
cb:86:37:c1:d7:85:72:fb:ec:9d:19:15:3e:8f:de:
0d:c1:5b:0b:1f:8c:2f:73:ef:c2:82:a7:d4:b2:19:
5c:14:94:4a:ea:bb:d2:c9:bc:82:17:f7:99:07:e5:
3b:29:2e:73:7e:01:12:df:b4:42:3d:69:ea:bc:4b:
44:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7A:E7:B7:D7:5B:B9:E1:60:CD:9C:E0:30:9C:BF:0D:09:B2:A8:AB
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Anrnt9dbueFgzZzgMJy_DQmyqKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:c8:4b:b9:e1:ae:80:89:89:d6:d5:72:fc:03:4a:1b:99:4e:
7f:17:75:47:b8:5b:99:a0:ca:4e:1d:3f:2e:ca:3a:9b:1c:71:
85:fc:62:fa:ce:9c:90:88:24:bb:7a:44:e6:93:72:d3:50:da:
43:80:9a:ec:a5:c5:d0:d2:c9:14:a1:24:03:74:50:eb:05:5d:
c5:fb:c1:4a:b7:07:9c:91:bd:74:50:dd:ae:0e:97:24:34:63:
11:11:f3:2a:56:9b:65:88:4c:b8:e6:36:a6:18:e3:16:2e:1d:
6e:34:9b:24:66:bc:ed:ec:fc:74:58:81:bc:87:c2:5b:20:69:
df:dc:02:78:97:2d:94:92:71:c7:d2:8d:40:c1:2e:0b:5d:06:
6b:43:c9:91:0d:5a:2e:7a:80:15:25:64:f5:dd:0b:55:29:b1:
63:a4:ea:59:7e:9c:b2:40:a8:68:60:20:fa:43:20:d9:55:cb:
a2:8c:5f:1c:c0:4b:f6:33:df:6e:8e:4c:33:4a:94:95:4e:4d:
fc:7f:82:08:4c:8a:67:ed:b5:df:b8:48:7d:0d:a8:a3:d8:98:
55:65:dd:5a:4e:51:0d:58:9f:9b:1e:38:66:b8:bf:a2:1d:98:
e3:b2:17:cd:56:f7:c9:a7:6b:92:c5:44:ee:d9:4d:45:f8:50:
e9:f1:d4:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA4UuVGNz4Rh/KPszzAY/vRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIxMDEwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjdhZTdiN2Q3NWJiOWUxNjBjZDljZTAzMDljYmYwZDA5YjJhOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeIiMxFzeKRxywlraA6brtuCbwiW
8isjwXL5dSCw9XlfZ6Eb8oDCy0k96hTjue3BkNETEPjMMXJQTOU5MjEhhKDmg+u8
arngXWbXW75WGK13wtlFDglloOllaKAOQUzL/ez9BWNKu0a6Tcup8eou71i7isoa
ekRigeRjI+vwusngLP1risS4ifdf7j10IKMuq6x4IyTrL5rIN3jAGOgX2u9PLgUK
vIoFYtPSmKZKoPctNj6OCOpSuIJqJqS6/4kMXQDLhjfB14Vy++ydGRU+j94NwVsL
H4wvc+/CgqfUshlcFJRK6rvSybyCF/eZB+U7KS5zfgES37RCPWnqvEtERQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAJ657fXW7nhYM2c4DCcvw0JsqirMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQW5ybnQ5ZGJ1ZUZnelp6Z01KeV9EUW15cUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEXIS7nhroCJidbVcvwD
ShuZTn8XdUe4W5mgyk4dPy7KOpsccYX8YvrOnJCIJLt6ROaTctNQ2kOAmuylxdDS
yRShJAN0UOsFXcX7wUq3B5yRvXRQ3a4OlyQ0YxER8ypWm2WITLjmNqYY4xYuHW40
myRmvO3s/HRYgbyHwlsgad/cAniXLZSSccfSjUDBLgtdBmtDyZENWi56gBUlZPXd
C1UpsWOk6ll+nLJAqGhgIPpDINlVy6KMXxzAS/Yz326OTDNKlJVOTfx/gghMimft
td+4SH0NqKPYmFVl3VpOUQ1Yn5seOGa4v6IdmOOyF81W98mna5LFRO7ZTUX4UOnx
1NE=
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:43:17 2024 by rpki-client on console.sobornost.net