Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/y4QkOri_-z3wGMSM5nNl8Gs4Ap0.roa
File: y4QkOri_-z3wGMSM5nNl8Gs4Ap0.roa (raw, json)
Hash identifier: hKzz1clb0fjr6+62UAXuOxlnt7ttAPjEJaDU4ADL2/U=
Subject key identifier: CB:84:24:3A:B8:BF:FB:3D:F0:18:C4:8C:E6:73:65:F0:6B:38:02:9D
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EE8883BD83CDB5C82C793108C603C1028
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/y4QkOri_-z3wGMSM5nNl8Gs4Ap0.roa
Signing time: Tue 16 Apr 2024 20:10:26 +0000
ROA not before: Tue 16 Apr 2024 20:10:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Apr 2024 21:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e8:88:3b:d8:3c:db:5c:82:c7:93:10:8c:60:3c:10:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 16 20:10:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb84243ab8bffb3df018c48ce67365f06b38029d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:19:c6:f3:ca:c9:a6:a0:c1:da:a3:36:24:
7a:09:aa:6a:e4:4a:16:10:00:84:71:53:06:d3:d6:
01:82:20:fb:69:4e:48:14:25:ff:c9:cc:0d:89:5e:
fa:a0:fe:c5:bc:e5:f6:38:00:bf:18:6e:a0:56:30:
e3:6a:0b:75:01:a2:e5:0a:3f:e9:0d:a0:c7:6d:c5:
25:86:b4:f3:f2:cc:1e:5b:21:8b:04:05:be:e5:ed:
29:95:00:4d:53:0e:a3:70:aa:9b:70:72:6f:a8:7b:
09:20:fd:57:ea:eb:f6:7c:a0:a0:04:44:ea:2e:78:
8e:fc:10:01:b6:40:b3:61:69:1c:22:d4:f2:f7:36:
db:ce:0e:2b:fe:a9:a7:65:e3:77:ed:15:76:be:16:
a0:48:43:4c:d5:ab:d2:d4:e3:92:73:90:1d:02:2c:
69:d9:8d:e6:fb:4f:99:d1:4b:bf:b4:d6:b1:5e:d6:
b6:5e:dd:a3:e3:1d:ec:aa:72:47:78:9b:6d:ea:a4:
a2:da:4f:bf:bc:5f:26:af:82:56:99:17:08:87:af:
28:1d:53:9e:46:11:8b:86:8f:33:68:ca:81:f2:c2:
c3:37:56:69:0c:a1:65:45:bf:61:51:3f:d2:7d:b5:
29:e0:e2:c2:b0:0d:70:04:41:ea:b5:49:2c:22:6a:
d2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:84:24:3A:B8:BF:FB:3D:F0:18:C4:8C:E6:73:65:F0:6B:38:02:9D
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/y4QkOri_-z3wGMSM5nNl8Gs4Ap0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:1c:e9:2f:d7:9e:5f:d4:09:f8:c4:fa:70:ef:f2:03:0d:5f:
da:0e:d7:38:85:92:71:77:5e:d0:50:e8:3b:71:29:76:22:4b:
12:9c:49:93:2a:9b:8b:4f:33:39:62:48:ad:c2:37:66:c5:a4:
82:c3:84:40:00:02:5a:53:68:30:fc:f0:ae:61:04:9c:b3:19:
c1:25:4f:67:41:2d:ae:01:d3:0c:b6:cd:29:a7:8a:4a:ec:79:
52:3a:be:08:61:66:16:5c:fd:3c:89:c8:94:91:f7:4d:05:be:
2c:47:3a:ae:4a:a0:ed:bc:fa:5d:fb:93:df:6a:2e:c2:c9:bc:
df:a5:19:c0:cf:ca:e0:15:74:69:64:be:e0:1e:62:20:40:a5:
61:dc:d8:63:b4:2a:3f:90:db:60:5f:04:a3:3c:fa:1f:78:dc:
1c:a4:75:b4:80:83:7e:e0:1f:b4:47:53:a8:a8:ee:58:ff:29:
05:64:b5:0b:02:c9:b4:77:6f:16:25:a6:31:ce:9d:16:e3:23:
35:63:13:91:a3:da:f5:3c:2c:5c:ae:be:85:fc:b6:33:a7:d8:
99:47:69:eb:89:fb:03:72:f9:fb:63:48:e4:2c:39:5c:ac:1e:
50:c7:cb:2f:df:05:74:a6:97:d2:bd:5b:83:a6:92:44:d0:e6:
2d:b7:9e:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7oiDvYPNtcgseTEIxgPBAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE2MjAxMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjg0MjQzYWI4YmZmYjNkZjAxOGM0OGNlNjczNjVmMDZiMzgwMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbIZxvPKyaagwdqjNiR6Capq5EoW
EACEcVMG09YBgiD7aU5IFCX/ycwNiV76oP7FvOX2OAC/GG6gVjDjagt1AaLlCj/p
DaDHbcUlhrTz8sweWyGLBAW+5e0plQBNUw6jcKqbcHJvqHsJIP1X6uv2fKCgBETq
LniO/BABtkCzYWkcItTy9zbbzg4r/qmnZeN37RV2vhagSENM1avS1OOSc5AdAixp
2Y3m+0+Z0Uu/tNaxXta2Xt2j4x3sqnJHeJtt6qSi2k+/vF8mr4JWmRcIh68oHVOe
RhGLho8zaMqB8sLDN1ZpDKFlRb9hUT/SfbUp4OLCsA1wBEHqtUksImrSEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMuEJDq4v/s98BjEjOZzZfBrOAKdMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEveTRRa09yaV8tejN3R01TTTVuTmw4R3M0QXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADYc6S/Xnl/UCfjE+nDv
8gMNX9oO1ziFknF3XtBQ6DtxKXYiSxKcSZMqm4tPMzliSK3CN2bFpILDhEAAAlpT
aDD88K5hBJyzGcElT2dBLa4B0wy2zSmnikrseVI6vghhZhZc/TyJyJSR900FvixH
Oq5KoO28+l37k99qLsLJvN+lGcDPyuAVdGlkvuAeYiBApWHc2GO0Kj+Q22BfBKM8
+h943BykdbSAg37gH7RHU6io7lj/KQVktQsCybR3bxYlpjHOnRbjIzVjE5Gj2vU8
LFyuvoX8tjOn2JlHaeuJ+wNy+ftjSOQsOVysHlDHyy/fBXSml9K9W4OmkkTQ5i23
noA=
-----END CERTIFICATE-----
Generated at Wed Apr 17 14:46:11 2024 by rpki-client on console.sobornost.net