Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0ieCvjAsSNVyDtGbo9GQtLqL95Y.roa
File: 0ieCvjAsSNVyDtGbo9GQtLqL95Y.roa (raw, json)
Hash identifier: PitrgxZVZRu0XArHe1l2pol02i44YjWZRr48SLJN/IA=
Subject key identifier: D2:27:82:BE:30:2C:48:D5:72:0E:D1:9B:A3:D1:90:B4:BA:8B:F7:96
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CEE21CA0A9921180F7FB15A1C778920A8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0ieCvjAsSNVyDtGbo9GQtLqL95Y.roa
Signing time: Tue 09 Jan 2024 12:10:40 +0000
ROA not before: Tue 09 Jan 2024 12:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 13:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:21:ca:0a:99:21:18:0f:7f:b1:5a:1c:77:89:20:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 12:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d22782be302c48d5720ed19ba3d190b4ba8bf796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:51:15:32:84:e2:c8:02:d9:e2:e1:8d:74:
ac:c5:2e:ea:9d:24:9a:7b:88:fe:28:b9:cf:5a:c2:
0f:22:12:8e:ff:c5:09:4d:12:4e:97:d8:1b:76:09:
30:c2:b2:ae:bf:a1:ad:af:0a:1f:8f:3f:af:a0:b0:
cf:6b:f8:7d:e1:1f:71:bd:4f:63:c0:24:c5:13:28:
17:48:0b:0d:f3:b2:7f:e7:64:d6:61:00:4a:1d:8e:
b3:25:aa:01:01:8f:a1:d3:e1:f6:c9:84:64:9f:62:
85:91:c4:4e:ad:d7:e9:5f:cc:3d:3d:fb:28:27:4d:
9e:2c:b5:5e:5a:4f:da:69:7c:35:3c:31:68:04:34:
87:b2:17:47:33:a8:e1:a5:f0:04:2b:8d:27:9c:1c:
40:28:44:56:a8:be:e5:39:58:c1:72:9e:ff:08:a6:
d8:be:0d:a1:48:c7:22:81:2e:a7:26:70:ed:df:bb:
bb:80:44:a4:12:4a:cb:1a:6c:0b:52:44:83:e7:60:
5c:7b:8d:da:d7:23:6c:40:1f:d8:03:63:70:9f:1d:
3a:b2:c2:9b:34:f5:72:01:57:dd:f7:fc:a2:fe:6a:
8c:76:09:68:55:94:87:b4:1c:62:7c:58:2e:fc:50:
77:0b:fc:a7:9c:0e:95:42:8d:55:4a:a0:73:37:49:
28:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:27:82:BE:30:2C:48:D5:72:0E:D1:9B:A3:D1:90:B4:BA:8B:F7:96
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0ieCvjAsSNVyDtGbo9GQtLqL95Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:b9:74:46:71:c1:3b:e5:a5:16:de:de:4f:55:f6:2a:7a:47:
47:1c:12:8e:07:27:63:0e:1a:71:8f:a1:65:7a:b2:84:6e:95:
e9:28:05:68:c8:7b:48:6e:05:e9:eb:fe:68:b6:ab:74:44:bb:
a7:34:be:e6:83:a8:01:f1:ca:31:f4:49:46:76:84:56:8b:98:
31:98:96:6c:be:8f:4d:cd:b3:7a:ca:12:77:35:2b:10:20:25:
8c:5b:f2:e4:82:11:f1:8f:71:12:4f:6d:30:e6:83:a6:4a:f2:
f3:03:1b:6c:8c:95:84:e4:38:25:a5:74:14:82:b9:9a:6e:94:
19:ce:3f:60:5f:d8:fd:b4:b9:32:07:8b:83:36:4a:3a:6f:bd:
1c:d3:d1:1d:06:36:78:25:63:ec:70:21:ae:64:83:ac:ea:16:
5b:ef:e7:59:48:7e:ce:d4:32:62:cb:67:f4:f8:f0:85:4c:8b:
df:8a:5e:e4:db:d3:b2:06:23:a0:2f:ef:a0:0e:7b:58:52:ac:
d8:79:7c:c9:b0:ed:f7:53:bc:61:18:44:67:9c:9d:e8:42:ed:
cd:30:ee:7f:b7:12:0e:7c:c3:5c:2c:15:03:43:2b:97:3e:1b:
b2:85:1e:6a:67:eb:89:91:2a:e5:d5:0a:f0:fa:56:86:ca:b2:
c3:f1:29:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzuIcoKmSEYD3+xWhx3iSCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MTIxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI3ODJiZTMwMmM0OGQ1NzIwZWQxOWJhM2QxOTBiNGJhOGJmNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgBRFTKE4sgC2eLhjXSsxS7qnSSa
e4j+KLnPWsIPIhKO/8UJTRJOl9gbdgkwwrKuv6Gtrwofjz+voLDPa/h94R9xvU9j
wCTFEygXSAsN87J/52TWYQBKHY6zJaoBAY+h0+H2yYRkn2KFkcROrdfpX8w9Pfso
J02eLLVeWk/aaXw1PDFoBDSHshdHM6jhpfAEK40nnBxAKERWqL7lOVjBcp7/CKbY
vg2hSMcigS6nJnDt37u7gESkEkrLGmwLUkSD52Bce43a1yNsQB/YA2Nwnx06ssKb
NPVyAVfd9/yi/mqMdgloVZSHtBxifFgu/FB3C/ynnA6VQo1VSqBzN0koBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNIngr4wLEjVcg7Rm6PRkLS6i/eWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMGllQ3ZqQXNTTlZ5RHRHYm85R1F0THFMOTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHS5dEZxwTvlpRbe3k9V
9ip6R0ccEo4HJ2MOGnGPoWV6soRulekoBWjIe0huBenr/mi2q3REu6c0vuaDqAHx
yjH0SUZ2hFaLmDGYlmy+j03Ns3rKEnc1KxAgJYxb8uSCEfGPcRJPbTDmg6ZK8vMD
G2yMlYTkOCWldBSCuZpulBnOP2Bf2P20uTIHi4M2SjpvvRzT0R0GNnglY+xwIa5k
g6zqFlvv51lIfs7UMmLLZ/T48IVMi9+KXuTb07IGI6Av76AOe1hSrNh5fMmw7fdT
vGEYRGecnehC7c0w7n+3Eg58w1wsFQNDK5c+G7KFHmpn64mRKuXVCvD6VobKssPx
KSg=
-----END CERTIFICATE-----
Generated at Tue Jan 9 16:46:44 2024 by rpki-client on console.sobornost.net