Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/084lCBATy3TGDP_0p8M3CIfrZ10.roa
File: 084lCBATy3TGDP_0p8M3CIfrZ10.roa (raw, json)
Hash identifier: FB+qyXcy0kHVcS7U1yjOlXoz4tQAq0SpuTamxUgTtec=
Subject key identifier: D3:CE:25:08:10:13:CB:74:C6:0C:FF:F4:A7:C3:37:08:87:EB:67:5D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9B4AF7170C630652D33BF881DC7D3AEF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/084lCBATy3TGDP_0p8M3CIfrZ10.roa
Signing time: Mon 01 Apr 2024 20:12:45 +0000
ROA not before: Mon 01 Apr 2024 20:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Apr 2024 21:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9b:4a:f7:17:0c:63:06:52:d3:3b:f8:81:dc:7d:3a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 20:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3ce25081013cb74c60cfff4a7c3370887eb675d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:4f:5c:0d:d9:99:df:2f:82:66:fc:c8:b6:
19:02:3e:99:81:e6:80:01:31:16:94:3f:58:57:84:
c7:49:3a:bf:5f:26:d0:65:7d:5a:b9:9d:a9:65:ba:
5c:69:4c:4d:2d:e6:c2:23:7e:f5:cf:80:95:30:9d:
e5:88:a1:8e:cd:c3:f3:90:c5:9b:45:c3:aa:f4:ff:
e1:96:90:79:aa:b4:f5:11:24:21:11:1a:e7:6d:90:
2a:ac:92:93:bd:89:61:79:55:7e:e5:f0:25:dd:b5:
c2:26:1e:15:46:fc:e5:90:4d:8f:20:1a:33:ad:a6:
36:98:e3:72:f5:c0:51:ac:23:5c:64:e0:41:03:22:
ef:c1:fa:48:62:5d:59:f0:13:ec:ef:ba:4a:76:2f:
8b:b5:a2:a1:fc:d9:c6:38:af:4a:35:b7:e3:33:8f:
ca:4e:93:9a:1d:be:01:0f:ae:1a:bb:42:96:44:1e:
02:72:8b:de:95:10:f1:d0:ef:19:43:2d:cc:0a:ff:
4b:a5:78:89:d6:34:08:6a:bc:59:ec:98:8c:da:d3:
99:7e:ce:4a:b5:88:9e:c5:b6:ef:72:14:a3:f8:0a:
b8:48:d2:99:d1:02:8a:bb:4f:80:4b:1a:b6:98:10:
d7:0c:e8:6d:37:84:e5:eb:5b:c5:b7:a6:b1:a1:3c:
e7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:CE:25:08:10:13:CB:74:C6:0C:FF:F4:A7:C3:37:08:87:EB:67:5D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/084lCBATy3TGDP_0p8M3CIfrZ10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:40:cd:3c:ba:d2:34:a4:14:c1:37:a8:1b:7e:af:4b:db:65:
26:71:41:56:6d:59:e2:9c:ed:22:de:52:57:c1:69:f5:a2:33:
06:f0:33:bb:3c:12:77:a0:da:81:3c:c3:92:f9:41:65:c6:aa:
1f:85:ef:64:5b:52:dd:6f:6a:b4:ad:e2:3a:f7:09:50:6b:86:
c2:3d:bc:86:00:f2:a5:78:c8:72:c5:2e:b4:51:43:1c:93:f5:
0c:c6:fa:ca:1d:c9:9e:8b:71:5c:6b:1d:65:5f:0b:9a:aa:ec:
b1:69:a7:e9:87:ec:8e:4d:db:65:72:70:5a:ee:ec:1c:62:1e:
b2:33:31:49:d0:4e:93:eb:76:8b:06:58:d9:be:e8:51:8f:52:
66:a2:e6:66:c1:e2:a1:34:e6:d8:0b:0d:06:1c:c4:13:64:b1:
8d:02:72:cd:75:51:3b:a8:cb:89:54:61:c9:a5:d8:d5:e4:8d:
c2:e9:e7:03:bf:99:e6:4c:ec:b3:db:8c:ad:5d:64:0c:44:9d:
38:94:bb:46:39:b7:1f:46:6d:eb:7b:c0:a4:6b:e1:78:69:8d:
65:8a:90:38:77:17:72:5d:f2:90:3e:40:7d:fe:ec:c7:a1:18:
e8:03:8f:6e:25:e3:af:cd:a1:dc:a2:7b:11:8c:b8:11:42:40:
9a:87:f7:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6bSvcXDGMGUtM7+IHcfTrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMjAxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2NlMjUwODEwMTNjYjc0YzYwY2ZmZjRhN2MzMzcwODg3ZWI2NzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBxPXA3Zmd8vgmb8yLYZAj6ZgeaA
ATEWlD9YV4THSTq/XybQZX1auZ2pZbpcaUxNLebCI371z4CVMJ3liKGOzcPzkMWb
RcOq9P/hlpB5qrT1ESQhERrnbZAqrJKTvYlheVV+5fAl3bXCJh4VRvzlkE2PIBoz
raY2mONy9cBRrCNcZOBBAyLvwfpIYl1Z8BPs77pKdi+LtaKh/NnGOK9KNbfjM4/K
TpOaHb4BD64au0KWRB4CcovelRDx0O8ZQy3MCv9LpXiJ1jQIarxZ7JiM2tOZfs5K
tYiexbbvchSj+Aq4SNKZ0QKKu0+ASxq2mBDXDOhtN4Tl61vFt6axoTznrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPOJQgQE8t0xgz/9KfDNwiH62ddMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMDg0bENCQVR5M1RHRFBfMHA4TTNDSWZyWjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJNAzTy60jSkFME3qBt+
r0vbZSZxQVZtWeKc7SLeUlfBafWiMwbwM7s8Eneg2oE8w5L5QWXGqh+F72RbUt1v
arSt4jr3CVBrhsI9vIYA8qV4yHLFLrRRQxyT9QzG+sodyZ6LcVxrHWVfC5qq7LFp
p+mH7I5N22VycFru7BxiHrIzMUnQTpPrdosGWNm+6FGPUmai5mbB4qE05tgLDQYc
xBNksY0Ccs11UTuoy4lUYcml2NXkjcLp5wO/meZM7LPbjK1dZAxEnTiUu0Y5tx9G
bet7wKRr4XhpjWWKkDh3F3Jd8pA+QH3+7MehGOgDj24l46/NodyiexGMuBFCQJqH
9w4=
-----END CERTIFICATE-----
Generated at Tue Apr 2 02:40:48 2024 by rpki-client on console.sobornost.net