Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/aMFgpqkSyP2C6UAf-aDcA4Z52lY.roa
File: aMFgpqkSyP2C6UAf-aDcA4Z52lY.roa (raw, json)
Hash identifier: 34fQ2/ZIpas6IgGWL3k7kvx2OFlHxSEhYdrNiaUv068=
Subject key identifier: 68:C1:60:A6:A9:12:C8:FD:82:E9:40:1F:F9:A0:DC:03:86:79:DA:56
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF26801E2AD348C9E46ABCB49F5520C4D
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/aMFgpqkSyP2C6UAf-aDcA4Z52lY.roa
Signing time: Thu 18 Apr 2024 18:11:26 +0000
ROA not before: Thu 18 Apr 2024 18:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 18 Apr 2024 19:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f2:68:01:e2:ad:34:8c:9e:46:ab:cb:49:f5:52:0c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 18:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68c160a6a912c8fd82e9401ff9a0dc038679da56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6e:d3:9c:29:37:88:a4:92:5f:be:43:5c:ff:
79:5c:11:7f:36:f9:d0:e3:05:e0:21:95:61:fa:93:
26:af:c1:ef:67:cc:59:8e:52:60:ef:91:45:97:06:
49:16:92:7b:de:cf:4e:d0:f2:02:58:c1:96:17:42:
d9:5d:8b:99:ca:9e:19:aa:9c:1c:7b:00:ca:f3:21:
10:5b:05:72:b5:0c:df:d9:e6:b2:06:fd:49:1b:01:
ab:c3:ab:65:f3:2d:7e:67:ca:95:a9:7b:84:00:00:
c1:b6:cd:76:11:0f:58:bc:72:59:f2:fc:6c:f7:35:
73:f9:47:27:64:e6:f1:10:29:c8:1c:da:a5:f1:c6:
d7:1a:34:09:72:7e:90:74:7d:1c:97:5b:3c:af:ea:
ad:cf:56:6c:ae:e1:e6:57:f5:d3:ea:f9:02:78:ed:
df:83:18:94:8a:d2:20:0a:8e:af:7a:86:59:da:1f:
cb:28:3c:3e:5d:83:b4:70:13:a8:42:7b:39:cc:71:
c3:cc:71:d9:83:16:03:76:2b:b1:82:9c:4e:2e:f3:
73:a4:ba:29:53:1f:c7:be:2d:e7:41:24:9e:5a:44:
29:8d:89:a1:c5:60:30:8a:87:47:6d:27:dd:5d:0f:
38:d8:88:5e:4e:fa:79:ad:f8:05:a3:92:83:81:43:
fc:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C1:60:A6:A9:12:C8:FD:82:E9:40:1F:F9:A0:DC:03:86:79:DA:56
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/aMFgpqkSyP2C6UAf-aDcA4Z52lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:1c:37:39:1f:d1:af:ee:8f:4d:de:61:3d:e6:b9:05:04:02:
c8:f6:af:4d:ba:d1:61:6c:33:60:02:a2:70:43:1a:60:0a:55:
50:d6:d4:e0:93:39:29:33:7a:cd:a4:f7:f0:5e:44:de:17:95:
e4:39:14:0c:62:b7:c0:e5:44:18:ef:ac:18:f1:0b:cf:b4:04:
22:56:89:0a:f7:4d:8b:b6:56:3e:b8:ba:d7:9c:53:40:c8:ce:
00:8a:57:d2:91:0c:71:8b:57:ce:a6:06:92:cc:63:ab:45:93:
9d:0d:4a:7c:07:96:74:5b:68:ca:86:e2:d4:18:65:4a:5b:80:
fc:63:1f:bd:2d:f3:eb:e2:8e:a5:f4:94:1a:a2:3b:2c:17:fb:
6a:94:3e:d9:4c:9b:46:89:89:ec:66:51:bd:99:e6:08:11:6a:
9d:01:cb:73:5d:f4:10:39:34:bb:44:cc:e0:ea:68:a4:f2:ca:
51:4c:12:c4:e7:6f:08:83:71:d6:c4:6f:64:ca:53:f6:72:c1:
bd:f0:dc:80:f1:b9:a6:45:26:78:4c:f7:88:28:70:54:30:7b:
22:9a:59:ab:8e:1c:b6:46:06:f5:41:b4:ea:f2:c2:6d:2c:4a:
99:08:6f:5a:ba:ab:ae:50:5e:7f:95:74:3d:b9:59:da:9f:8e:
ea:5e:2d:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7yaAHirTSMnkary0n1UgxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MTgxMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGMxNjBhNmE5MTJjOGZkODJlOTQwMWZmOWEwZGMwMzg2NzlkYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm7TnCk3iKSSX75DXP95XBF/NvnQ
4wXgIZVh+pMmr8HvZ8xZjlJg75FFlwZJFpJ73s9O0PICWMGWF0LZXYuZyp4Zqpwc
ewDK8yEQWwVytQzf2eayBv1JGwGrw6tl8y1+Z8qVqXuEAADBts12EQ9YvHJZ8vxs
9zVz+UcnZObxECnIHNql8cbXGjQJcn6QdH0cl1s8r+qtz1ZsruHmV/XT6vkCeO3f
gxiUitIgCo6veoZZ2h/LKDw+XYO0cBOoQns5zHHDzHHZgxYDdiuxgpxOLvNzpLop
Ux/Hvi3nQSSeWkQpjYmhxWAwiodHbSfdXQ842IheTvp5rfgFo5KDgUP84wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGjBYKapEsj9gulAH/mg3AOGedpWMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvYU1GZ3Bxa1N5UDJDNlVBZi1hRGNBNFo1MmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABwcNzkf0a/uj03eYT3m
uQUEAsj2r0260WFsM2AConBDGmAKVVDW1OCTOSkzes2k9/BeRN4XleQ5FAxit8Dl
RBjvrBjxC8+0BCJWiQr3TYu2Vj64utecU0DIzgCKV9KRDHGLV86mBpLMY6tFk50N
SnwHlnRbaMqG4tQYZUpbgPxjH70t8+vijqX0lBqiOywX+2qUPtlMm0aJiexmUb2Z
5ggRap0By3Nd9BA5NLtEzODqaKTyylFMEsTnbwiDcdbEb2TKU/Zywb3w3IDxuaZF
JnhM94gocFQweyKaWauOHLZGBvVBtOrywm0sSpkIb1q6q65QXn+VdD25Wdqfjupe
LWs=
Generated at Fri Apr 19 03:42:57 2024 by rpki-client on console.sobornost.net