Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aF-xCLRkYgsxmLbmFes-xs8ubhs.roa
File: aF-xCLRkYgsxmLbmFes-xs8ubhs.roa (raw, json)
Hash identifier: OPoxrn0LvbJyb4w/IxRrmOThP5OIDBaGawxCDs79zDg=
Subject key identifier: 68:5F:B1:08:B4:64:62:0B:31:98:B6:E6:15:EB:3E:C6:CF:2E:6E:1B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC85545881B2DF5018E30534B42D94077
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aF-xCLRkYgsxmLbmFes-xs8ubhs.roa
Signing time: Thu 30 May 2024 07:09:42 +0000
ROA not before: Thu 30 May 2024 07:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 08:05:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:55:45:88:1b:2d:f5:01:8e:30:53:4b:42:d9:40:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 30 07:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=685fb108b464620b3198b6e615eb3ec6cf2e6e1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fd:87:74:99:c0:02:14:6d:d9:c2:75:6a:3d:
15:4a:ae:95:9b:4b:6b:b2:2c:b8:0c:e7:31:ce:a5:
f4:94:c5:99:8c:5a:a8:e7:f5:78:c1:d1:6c:a4:28:
82:b4:67:0c:ac:b8:17:51:3f:50:d7:cb:c2:ef:69:
fd:0a:42:f7:ff:37:cb:04:77:3d:6a:77:9d:8e:4a:
ef:17:31:40:2e:a0:fa:08:a7:5f:a9:b5:68:f8:f5:
b2:1f:3b:d3:bf:0b:e6:0a:0c:f3:31:4f:2e:57:5e:
d7:0f:7a:4d:46:ca:bd:3f:f9:8d:40:07:37:53:7f:
91:97:2b:61:88:c7:55:56:67:d8:3a:bd:0b:72:0c:
e9:1f:31:03:4d:2f:17:9a:c1:33:91:79:98:21:64:
57:f0:68:34:17:0a:3a:20:b0:6b:7b:9d:34:24:f8:
64:d2:40:7d:01:e5:46:9b:62:82:8c:66:63:6a:c1:
37:2e:ae:4e:bc:32:cb:60:a3:03:58:b8:f2:22:67:
fb:61:f7:2f:11:92:ca:ef:f5:21:19:0c:1e:d8:0f:
a6:b7:5b:f6:d2:8f:98:43:98:f2:d5:d4:85:c3:e5:
c8:28:b0:05:65:f1:f5:3f:4c:48:bc:65:35:97:47:
cc:27:5a:f1:46:e1:aa:af:22:0f:a1:7a:b0:fa:03:
13:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5F:B1:08:B4:64:62:0B:31:98:B6:E6:15:EB:3E:C6:CF:2E:6E:1B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aF-xCLRkYgsxmLbmFes-xs8ubhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:36:f1:6f:1a:1f:18:07:22:5d:a7:c3:34:46:3c:26:76:52:
76:3b:a5:61:5c:db:b9:40:7b:d9:6f:67:3e:7d:15:fd:19:32:
59:94:01:3a:27:80:f1:2d:ca:6d:5f:fa:5c:33:8e:be:84:dc:
d9:6d:67:71:9f:4c:93:d1:49:c2:47:80:5b:b9:f1:2c:e6:9e:
7b:48:07:1f:9c:62:bb:0a:d6:88:a4:11:2f:a8:ba:60:63:9d:
b8:13:11:8a:82:ee:2c:07:67:1f:4a:30:5e:68:21:49:09:b3:
0b:d7:5b:2a:f5:73:1c:23:23:67:65:c4:3f:0d:fe:46:8e:06:
be:b2:ed:69:01:ea:7f:c5:05:c8:ac:e6:b6:02:74:0f:9c:22:
8a:ab:cf:55:8a:e6:22:cb:f8:6d:62:3c:06:ed:5e:68:86:4c:
43:77:7b:7e:83:20:17:80:d7:08:04:41:2b:10:78:e6:a8:b5:
09:29:7a:45:42:8a:83:bb:a1:3c:a7:82:53:30:4b:77:4d:ad:
8a:76:32:c7:55:c4:dd:cf:62:1e:94:ca:8b:be:7f:27:a7:3c:
a6:80:77:41:1e:22:ba:87:e8:c9:8d:ec:5a:22:08:d8:bd:e5:
31:8d:3d:0b:27:42:9c:1f:29:d0:87:38:db:61:00:29:8c:7a:
97:0a:73:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/IVUWIGy31AY4wU0tC2UB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTMwMDcwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVmYjEwOGI0NjQ2MjBiMzE5OGI2ZTYxNWViM2VjNmNmMmU2ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5f2HdJnAAhRt2cJ1aj0VSq6Vm0tr
siy4DOcxzqX0lMWZjFqo5/V4wdFspCiCtGcMrLgXUT9Q18vC72n9CkL3/zfLBHc9
anedjkrvFzFALqD6CKdfqbVo+PWyHzvTvwvmCgzzMU8uV17XD3pNRsq9P/mNQAc3
U3+RlythiMdVVmfYOr0LcgzpHzEDTS8XmsEzkXmYIWRX8Gg0Fwo6ILBre500JPhk
0kB9AeVGm2KCjGZjasE3Lq5OvDLLYKMDWLjyImf7YfcvEZLK7/UhGQwe2A+mt1v2
0o+YQ5jy1dSFw+XIKLAFZfH1P0xIvGU1l0fMJ1rxRuGqryIPoXqw+gMTsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGhfsQi0ZGILMZi25hXrPsbPLm4bMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYUYteENMUmtZZ3N4bUxibUZlcy14czh1YmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHM28W8aHxgHIl2nwzRG
PCZ2UnY7pWFc27lAe9lvZz59Ff0ZMlmUATongPEtym1f+lwzjr6E3NltZ3GfTJPR
ScJHgFu58SzmnntIBx+cYrsK1oikES+oumBjnbgTEYqC7iwHZx9KMF5oIUkJswvX
Wyr1cxwjI2dlxD8N/kaOBr6y7WkB6n/FBcis5rYCdA+cIoqrz1WK5iLL+G1iPAbt
XmiGTEN3e36DIBeA1wgEQSsQeOaotQkpekVCioO7oTynglMwS3dNrYp2MsdVxN3P
Yh6Uyou+fyenPKaAd0EeIrqH6MmN7FoiCNi95TGNPQsnQpwfKdCHONthACmMepcK
c88=
-----END CERTIFICATE-----
Generated at Thu May 30 16:03:53 2024 by rpki-client on console.sobornost.net