Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/UEn7xGFfuS0TrLE7NAJZPkmJxSg.roa
File: UEn7xGFfuS0TrLE7NAJZPkmJxSg.roa (raw, json)
Hash identifier: 7ZBGJoAsPn2szoiUhJ+5wvjU5xhTWtXFy0i4XsoOsq8=
Subject key identifier: 50:49:FB:C4:61:5F:B9:2D:13:AC:B1:3B:34:02:59:3E:49:89:C5:28
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018E12B0D021276F51F4629DCDC3F6A975CA
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/UEn7xGFfuS0TrLE7NAJZPkmJxSg.roa
Signing time: Wed 06 Mar 2024 07:36:01 +0000
ROA not before: Wed 06 Mar 2024 07:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204137
IP address blocks: 134.19.128.0/21 maxlen: 21
2a05:7400:4000::/34 maxlen: 34
Validation: Failed, certificate revoked on Wed 06 Mar 2024 08:17:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:b0:d0:21:27:6f:51:f4:62:9d:cd:c3:f6:a9:75:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Mar 6 07:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5049fbc4615fb92d13acb13b3402593e4989c528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:57:89:21:19:5a:71:11:ab:f5:d9:63:32:75:
ae:4b:b5:51:e2:27:86:32:a4:f9:aa:a0:b7:d4:69:
00:24:45:d2:48:db:42:b6:c8:1b:44:e6:9a:19:d7:
b4:be:9f:60:9d:9a:3a:f0:85:30:83:ac:70:f2:ec:
93:95:2a:f5:5e:57:71:37:0f:09:48:c0:d0:43:65:
17:c0:e0:57:44:1c:50:de:26:0e:06:70:47:21:31:
e4:38:3a:e5:fd:a1:e7:fa:85:0c:3a:20:1a:b9:ab:
01:ba:13:99:ca:cc:d1:e8:d2:8b:83:eb:51:fb:30:
ef:01:b5:67:71:05:20:2c:0d:53:9b:4d:f4:e9:74:
50:7c:12:cb:41:15:5d:ef:aa:8d:07:25:a3:4f:cb:
b2:cf:06:78:2d:93:25:3f:e0:40:97:b5:44:f0:82:
40:2c:38:81:83:5e:8f:31:a5:9c:ce:01:83:fa:55:
e6:bd:43:54:8c:a2:12:d7:5f:97:75:f7:2f:75:23:
ef:9d:f6:df:dd:d8:91:5f:5d:e5:5b:7e:68:85:35:
7c:ee:16:1a:5d:fc:fe:3c:fe:3a:a6:23:70:b2:c0:
1a:8d:e0:5f:a8:fe:2e:e4:17:c6:52:2b:90:97:93:
05:9b:fd:3e:d9:85:39:2d:98:a6:ae:29:4a:06:f1:
10:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:49:FB:C4:61:5F:B9:2D:13:AC:B1:3B:34:02:59:3E:49:89:C5:28
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/UEn7xGFfuS0TrLE7NAJZPkmJxSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.19.128.0/21
IPv6:
2a05:7400:4000::/34
Signature Algorithm: sha256WithRSAEncryption
a9:80:2a:1c:0e:e2:f6:73:a3:48:d3:ed:0f:ee:94:8a:11:b8:
d3:3d:42:c0:5d:71:30:d0:3b:c3:5c:58:2b:26:d7:f2:cd:0c:
28:6a:1f:fd:07:5f:84:63:ed:8a:1e:4e:07:41:38:71:4b:bc:
b1:2c:a6:7f:f3:00:cb:cf:f3:c2:68:d2:d0:08:ea:0b:a7:a8:
b3:1a:7e:a3:d2:ca:1f:06:91:e8:eb:44:31:df:00:60:ce:78:
26:09:a0:92:5a:4a:b7:ec:65:50:39:ad:6e:e6:c1:5e:f8:08:
bf:47:70:68:53:4d:54:34:68:82:4b:f0:28:3d:35:9e:41:b8:
b6:fd:26:92:51:ce:8f:c8:a0:af:18:d7:8a:53:4a:51:29:5d:
8d:c6:58:e4:88:87:e4:aa:39:57:63:0b:20:ec:a1:62:e4:9e:
46:7d:d9:ba:e5:64:50:53:dd:1a:05:1d:91:e7:9a:58:b6:df:
b7:fa:46:da:97:9f:88:23:ea:28:2b:cc:54:cc:64:35:c9:0a:
ca:87:59:a1:6e:be:ee:d7:ac:ec:fc:bb:05:d5:40:89:06:51:
14:70:41:c9:cf:ee:46:00:05:f4:b2:96:ae:a1:76:e3:db:e3:
a0:c8:5a:fa:0a:86:f2:8a:16:a2:22:9d:9e:1e:1f:02:75:9b:
3c:53:86:b8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY4SsNAhJ29R9GKdzcP2qXXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMzA2MDczNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ5ZmJjNDYxNWZiOTJkMTNhY2IxM2IzNDAyNTkzZTQ5ODljNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFeJIRlacRGr9dljMnWuS7VR4ieG
MqT5qqC31GkAJEXSSNtCtsgbROaaGde0vp9gnZo68IUwg6xw8uyTlSr1XldxNw8J
SMDQQ2UXwOBXRBxQ3iYOBnBHITHkODrl/aHn+oUMOiAauasBuhOZyszR6NKLg+tR
+zDvAbVncQUgLA1Tm0306XRQfBLLQRVd76qNByWjT8uyzwZ4LZMlP+BAl7VE8IJA
LDiBg16PMaWczgGD+lXmvUNUjKIS11+XdfcvdSPvnfbf3diRX13lW35ohTV87hYa
Xfz+PP46piNwssAajeBfqP4u5BfGUiuQl5MFm/0+2YU5LZimrilKBvEQRQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFBJ+8RhX7ktE6yxOzQCWT5JicUoMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvVUVuN3hHRmZ1UzBUckxFN05BSlpQa21KeFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDhhOAMA4E
AgACMAgDBgYqBXQAQDANBgkqhkiG9w0BAQsFAAOCAQEAqYAqHA7i9nOjSNPtD+6U
ihG40z1CwF1xMNA7w1xYKybX8s0MKGof/QdfhGPtih5OB0E4cUu8sSymf/MAy8/z
wmjS0AjqC6eosxp+o9LKHwaR6OtEMd8AYM54JgmgklpKt+xlUDmtbubBXvgIv0dw
aFNNVDRogkvwKD01nkG4tv0mklHOj8igrxjXilNKUSldjcZY5IiH5Ko5V2MLIOyh
YuSeRn3ZuuVkUFPdGgUdkeeaWLbft/pG2pefiCPqKCvMVMxkNckKyodZoW6+7tes
7Py7BdVAiQZRFHBByc/uRgAF9LKWrqF249vjoMha+gqG8ooWoiKdnh4fAnWbPFOG
uA==
-----END CERTIFICATE-----
Generated at Wed Mar 6 14:47:15 2024 by rpki-client on console.sobornost.net