Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/1Ibu7NFgjT9HznYf_21wqMj8hmc.roa
File: 1Ibu7NFgjT9HznYf_21wqMj8hmc.roa (raw, json)
Hash identifier: hycKr2YJHJgW55TF9g2pgdON0sU75KxDa51G6oTOlXw=
Subject key identifier: D4:86:EE:EC:D1:60:8D:3F:47:CE:76:1F:FF:6D:70:A8:C8:FC:86:67
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEC9DC42A61E392EE3E4F7818DF1FC3D4
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/1Ibu7NFgjT9HznYf_21wqMj8hmc.roa
Signing time: Wed 17 Apr 2024 15:12:26 +0000
ROA not before: Wed 17 Apr 2024 15:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Apr 2024 16:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:9d:c4:2a:61:e3:92:ee:3e:4f:78:18:df:1f:c3:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 15:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d486eeecd1608d3f47ce761fff6d70a8c8fc8667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ce:8b:ae:5b:59:c0:68:33:b9:77:09:79:7e:
ac:7d:24:63:25:50:6f:d6:b9:03:6d:7a:e4:3c:c1:
ee:c3:5d:0a:14:eb:b0:7e:ca:af:13:c3:3a:1a:73:
39:ff:61:7d:e4:ed:e9:f1:4e:8e:e2:7d:99:55:40:
ac:72:dc:85:6c:bc:46:80:d3:0e:d4:51:5c:1e:48:
fc:2a:65:f5:b9:79:a3:fd:da:ef:df:17:79:7a:a2:
f3:3f:71:8c:0c:2f:be:2e:5a:3f:4d:14:a7:f7:c2:
36:8d:a2:bb:0c:78:c5:8e:52:96:3a:21:a3:15:24:
c0:83:dc:2d:86:8c:e4:08:21:73:a1:d8:f0:e6:8c:
f0:a5:2c:3d:ac:49:ff:56:d4:bc:d9:7a:97:11:73:
52:8e:3c:f9:17:b5:61:bb:7f:30:3f:e9:76:fe:de:
20:75:73:5b:94:cf:c8:a9:ff:dd:3f:3f:08:b2:b4:
13:15:17:d2:1d:fa:e0:8a:81:74:70:2a:01:b4:22:
99:1e:59:01:09:f1:3a:aa:41:8d:e3:f0:17:58:c6:
11:a5:11:af:7b:17:2c:52:2e:33:fa:d4:56:06:2a:
13:3f:02:d1:01:14:72:c3:2b:06:82:8e:90:9f:3c:
71:78:78:32:2e:d4:b5:03:37:32:a8:2c:30:95:8e:
dd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:86:EE:EC:D1:60:8D:3F:47:CE:76:1F:FF:6D:70:A8:C8:FC:86:67
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/1Ibu7NFgjT9HznYf_21wqMj8hmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:e0:b9:35:00:0f:f9:9f:ed:23:d0:7a:04:62:45:64:b2:df:
be:6c:e9:12:76:d0:f6:8a:cc:f0:08:3c:d0:39:05:b3:9f:84:
15:5c:02:7a:e9:52:61:d5:cd:e2:31:36:c2:0b:85:a1:78:0f:
bb:e1:41:cd:62:58:5b:87:e7:2e:09:25:71:a4:30:df:1c:30:
c5:42:01:bc:fe:a4:a9:62:d8:da:0d:66:32:fb:ed:f5:ee:c2:
4a:58:ed:40:cc:94:9e:1c:3c:48:03:6c:37:05:53:36:1b:94:
b5:6f:df:ad:6c:f4:dd:ba:b6:3a:ce:22:6e:18:f9:21:ce:0e:
f9:66:3b:8c:5e:83:23:da:07:3a:79:df:8b:08:6d:84:b3:9f:
95:92:ef:ff:70:26:6f:65:12:82:de:e8:bb:c5:7f:3f:eb:90:
bc:19:08:39:66:af:57:e1:ef:1a:61:79:3a:74:82:97:ab:b3:
a9:2e:ca:e5:d1:90:cc:3a:1d:73:32:d1:28:2d:e9:46:38:a7:
3e:ae:87:02:36:73:3b:b2:21:58:03:c9:8e:98:26:90:8d:64:
fc:65:cc:69:75:2e:13:7f:da:78:41:25:d2:9b:a0:8a:ad:e8:
ae:14:f7:ec:13:34:36:86:59:33:dc:f3:49:b6:6c:2b:7e:de:
c3:2a:7c:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7sncQqYeOS7j5PeBjfH8PUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MTUxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg2ZWVlY2QxNjA4ZDNmNDdjZTc2MWZmZjZkNzBhOGM4ZmM4NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM6LrltZwGgzuXcJeX6sfSRjJVBv
1rkDbXrkPMHuw10KFOuwfsqvE8M6GnM5/2F95O3p8U6O4n2ZVUCsctyFbLxGgNMO
1FFcHkj8KmX1uXmj/drv3xd5eqLzP3GMDC++Llo/TRSn98I2jaK7DHjFjlKWOiGj
FSTAg9wthozkCCFzodjw5ozwpSw9rEn/VtS82XqXEXNSjjz5F7Vhu38wP+l2/t4g
dXNblM/Iqf/dPz8IsrQTFRfSHfrgioF0cCoBtCKZHlkBCfE6qkGN4/AXWMYRpRGv
excsUi4z+tRWBioTPwLRARRywysGgo6QnzxxeHgyLtS1AzcyqCwwlY7dYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNSG7uzRYI0/R852H/9tcKjI/IZnMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvMUlidTdORmdqVDlIem5ZZl8yMXdxTWo4aG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI7guTUAD/mf7SPQegRi
RWSy375s6RJ20PaKzPAIPNA5BbOfhBVcAnrpUmHVzeIxNsILhaF4D7vhQc1iWFuH
5y4JJXGkMN8cMMVCAbz+pKli2NoNZjL77fXuwkpY7UDMlJ4cPEgDbDcFUzYblLVv
361s9N26tjrOIm4Y+SHODvlmO4xegyPaBzp534sIbYSzn5WS7/9wJm9lEoLe6LvF
fz/rkLwZCDlmr1fh7xpheTp0gpers6kuyuXRkMw6HXMy0Sgt6UY4pz6uhwI2czuy
IVgDyY6YJpCNZPxlzGl1LhN/2nhBJdKboIqt6K4U9+wTNDaGWTPc80m2bCt+3sMq
fL8=
-----END CERTIFICATE-----
Generated at Thu Apr 18 14:09:47 2024 by rpki-client on console.sobornost.net