Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/p4wZO7R2SbehlEDFJ1PiaP2uPJc.roa
File: p4wZO7R2SbehlEDFJ1PiaP2uPJc.roa (raw, json)
Hash identifier: 5wY1AB4D/mo+OP+Hs9P1nAIVW2t/a4h3fJBPkjhoFK8=
Subject key identifier: A7:8C:19:3B:B4:76:49:B7:A1:94:40:C5:27:53:E2:68:FD:AE:3C:97
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF0AA24ADEF82AD62F92F6D0DA7B4AF4A
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/p4wZO7R2SbehlEDFJ1PiaP2uPJc.roa
Signing time: Thu 18 Apr 2024 10:04:26 +0000
ROA not before: Thu 18 Apr 2024 10:04:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f0aa:1979/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 18 Apr 2024 10:11:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:aa:24:ad:ef:82:ad:62:f9:2f:6d:0d:a7:b4:af:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 10:04:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a78c193bb47649b7a19440c52753e268fdae3c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:10:94:43:70:14:50:46:3a:39:84:37:13:
37:34:19:e9:93:95:4f:a3:41:c7:f2:9b:70:05:26:
04:29:cf:d9:24:cd:83:3d:64:55:27:25:2e:2c:63:
b6:e4:5b:2b:17:98:90:96:44:30:90:7a:c3:b0:ee:
d9:4e:ec:d6:59:08:bc:af:67:3b:52:4c:dc:4d:5f:
92:6b:07:e0:18:7e:77:be:5b:dd:80:49:d5:fb:f8:
af:20:f2:56:bc:c5:1e:21:3d:95:cc:0b:b2:51:82:
9d:c6:46:fe:c5:7a:3a:14:38:31:8b:81:ab:ce:62:
5e:97:90:ef:b3:23:de:0a:6f:80:b6:3f:61:b6:33:
d9:89:80:5e:fc:b0:06:c5:e5:58:74:ba:95:1e:7d:
76:dc:2a:17:c1:f7:1a:6a:75:35:3c:6e:e4:03:69:
d0:a5:60:5e:d1:09:b8:55:57:01:f9:d7:f8:5b:ee:
6a:9c:3d:e9:ed:99:15:7b:12:50:cb:be:d4:ec:d5:
98:2f:8d:ad:83:e6:61:90:32:ba:46:9b:52:eb:0c:
ad:da:08:eb:25:e0:b4:bb:a6:7c:47:99:c1:ab:c7:
df:69:3f:2f:25:8d:bb:5e:db:2d:7e:75:a4:85:a1:
59:5f:cb:0b:f8:b0:97:7a:f7:7e:77:6b:ba:58:d1:
91:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8C:19:3B:B4:76:49:B7:A1:94:40:C5:27:53:E2:68:FD:AE:3C:97
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/p4wZO7R2SbehlEDFJ1PiaP2uPJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:c4:82:ab:5d:f3:ee:07:ac:b4:cd:3e:35:98:12:6d:4b:2e:
f8:03:c4:4a:e5:9d:30:2e:5b:bd:7c:e8:68:85:0c:81:6b:55:
1f:44:60:da:59:dc:b5:84:b0:b0:4e:4a:88:48:4c:e9:b9:0d:
d6:13:5f:33:6e:b5:11:22:93:80:5a:5a:23:9a:2e:3c:0f:7b:
9a:38:e9:3e:3e:82:9b:00:92:43:aa:a9:d9:2c:49:8c:ef:db:
23:86:62:06:53:31:15:28:98:35:59:ca:80:a7:9a:d3:f4:ae:
d3:4b:ef:9d:4a:d4:b9:4a:ba:69:37:3f:6c:3e:37:d4:6c:11:
26:d0:d1:c0:39:1b:c4:db:aa:94:3a:2b:47:ab:f6:cd:c6:aa:
a9:de:ca:1d:67:5a:af:cb:e9:53:e0:41:c9:35:35:c9:3f:3a:
e8:23:8f:31:b0:60:6f:fc:95:ea:6d:c4:94:d6:a4:ba:b9:3b:
59:34:ec:a9:76:d2:0b:86:72:26:2f:99:1e:0a:fc:5b:05:d6:
ef:44:74:22:27:c1:15:11:7f:50:22:17:34:7f:5d:04:aa:24:
82:3a:a7:cf:52:41:79:e9:ff:ec:39:9c:f0:f3:29:a4:82:0f:
33:ed:a5:d8:70:73:1c:26:3c:56:6c:c9:60:1a:45:3e:76:71:
26:c4:15:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7wqiSt74KtYvkvbQ2ntK9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MTAwNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhjMTkzYmI0NzY0OWI3YTE5NDQwYzUyNzUzZTI2OGZkYWUzYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3UQlENwFFBGOjmENxM3NBnpk5VP
o0HH8ptwBSYEKc/ZJM2DPWRVJyUuLGO25FsrF5iQlkQwkHrDsO7ZTuzWWQi8r2c7
UkzcTV+SawfgGH53vlvdgEnV+/ivIPJWvMUeIT2VzAuyUYKdxkb+xXo6FDgxi4Gr
zmJel5DvsyPeCm+Atj9htjPZiYBe/LAGxeVYdLqVHn123CoXwfcaanU1PG7kA2nQ
pWBe0Qm4VVcB+df4W+5qnD3p7ZkVexJQy77U7NWYL42tg+ZhkDK6RptS6wyt2gjr
JeC0u6Z8R5nBq8ffaT8vJY27XtstfnWkhaFZX8sL+LCXevd+d2u6WNGRRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKeMGTu0dkm3oZRAxSdT4mj9rjyXMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvcDR3Wk83UjJTYmVobEVERkoxUGlhUDJ1UEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJbEgqtd8+4HrLTNPjWY
Em1LLvgDxErlnTAuW7186GiFDIFrVR9EYNpZ3LWEsLBOSohITOm5DdYTXzNutREi
k4BaWiOaLjwPe5o46T4+gpsAkkOqqdksSYzv2yOGYgZTMRUomDVZyoCnmtP0rtNL
751K1LlKumk3P2w+N9RsESbQ0cA5G8TbqpQ6K0er9s3Gqqneyh1nWq/L6VPgQck1
Nck/OugjjzGwYG/8leptxJTWpLq5O1k07Kl20guGciYvmR4K/FsF1u9EdCInwRUR
f1AiFzR/XQSqJII6p89SQXnp/+w5nPDzKaSCDzPtpdhwcxwmPFZsyWAaRT52cSbE
FWs=
-----END CERTIFICATE-----
Generated at Thu Apr 18 18:13:39 2024 by rpki-client on console.sobornost.net