Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0orZedur2PCsQK3p4zFNmJ6IYSM.roa
File: 0orZedur2PCsQK3p4zFNmJ6IYSM.roa (raw, json)
Hash identifier: 9fOJnzEQhDGB3Dk9gLWuvscm3Yw+hQHKnvaP+nymzwo=
Subject key identifier: D2:8A:D9:79:DB:AB:D8:F0:AC:40:AD:E9:E3:31:4D:98:9E:88:61:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4B408BAA2D9FF290947C9A9537B58334
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0orZedur2PCsQK3p4zFNmJ6IYSM.roa
Signing time: Sun 17 Mar 2024 07:11:45 +0000
ROA not before: Sun 17 Mar 2024 07:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 17 Mar 2024 08:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4b:40:8b:aa:2d:9f:f2:90:94:7c:9a:95:37:b5:83:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 07:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d28ad979dbabd8f0ac40ade9e3314d989e886123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d9:a9:b5:47:3c:6c:5b:01:aa:aa:a7:6d:42:
04:18:1b:0e:ec:b9:11:27:1d:16:96:fa:39:6e:1c:
bb:1e:f4:fc:30:5f:f4:e7:1c:73:88:46:33:e9:b7:
6c:28:bc:ec:a0:86:82:04:e5:2f:67:03:fb:d7:bd:
b2:a7:25:77:15:a2:a8:34:e5:1c:f8:17:ad:9c:63:
3b:88:e9:fa:ca:47:c5:fe:f0:e2:cc:0d:12:98:55:
be:c6:92:12:c8:b8:7b:26:62:bf:0e:94:2a:99:df:
ff:a2:c8:58:9c:cf:fa:e0:c3:78:5a:af:e5:d5:7e:
cc:b9:e7:2f:a5:10:ab:27:b0:f3:91:f9:d0:f3:cc:
cc:7c:8f:f6:a6:7b:79:27:a1:b9:61:91:a7:63:9a:
96:ff:4c:9a:28:77:2f:25:c4:08:a8:68:52:41:02:
59:56:ed:8c:6d:9e:55:d5:76:14:09:5f:a4:8f:0a:
93:a0:ac:ed:09:af:ac:57:06:79:25:78:f7:85:d3:
6d:94:0a:9a:2d:19:53:91:40:5f:33:64:cb:2f:f7:
87:0b:73:fd:69:db:83:63:3e:ee:99:5a:be:6a:54:
2d:08:44:f1:a8:00:13:07:0a:92:aa:15:61:90:0b:
69:27:49:a5:34:85:33:c9:04:28:c8:80:1d:a6:1f:
f9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8A:D9:79:DB:AB:D8:F0:AC:40:AD:E9:E3:31:4D:98:9E:88:61:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0orZedur2PCsQK3p4zFNmJ6IYSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:3a:56:7d:fa:ae:3b:20:ff:5e:1e:5b:c5:ce:49:a1:e3:0c:
a3:78:f4:72:1a:40:88:a9:b3:bd:af:6b:59:d4:14:5b:d7:40:
65:3a:f0:66:aa:af:7f:7a:b5:4e:a4:97:be:41:37:c0:f4:86:
23:2c:29:3e:2a:79:fd:c4:11:a9:f9:c5:c8:e2:1d:0d:b2:91:
56:62:b8:65:24:8e:bf:b4:a0:e7:4b:7c:44:e4:ed:20:b6:cb:
07:85:7e:ba:77:fa:61:22:60:29:bf:91:a0:24:11:1d:53:92:
2e:f9:34:d2:67:6a:62:b3:69:52:d4:b1:ef:ad:b8:d5:04:5c:
fd:12:8b:60:40:78:6d:79:cb:66:bc:bf:ac:60:5f:54:d6:9b:
54:70:e0:4a:d6:46:77:19:4b:8f:7f:6a:b9:0a:a3:6d:f8:cd:
7b:70:b8:bf:89:3e:86:a3:d5:31:c2:08:71:86:e1:0f:7e:32:
54:d6:e0:23:49:8e:16:ed:78:32:07:c2:ab:af:5a:d1:b8:a8:
39:0f:d7:b6:c9:da:ac:16:14:ed:0d:da:af:d5:bb:c0:d9:1d:
ad:d4:92:e7:40:32:a7:88:4e:9d:d6:9f:46:fd:52:a5:3e:c3:
80:78:bc:3e:ab:a8:e3:13:9a:11:5f:fe:b7:d8:3e:a3:c5:83:
86:ed:a3:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5LQIuqLZ/ykJR8mpU3tYM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MDcxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjhhZDk3OWRiYWJkOGYwYWM0MGFkZTllMzMxNGQ5ODllODg2MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9mptUc8bFsBqqqnbUIEGBsO7LkR
Jx0Wlvo5bhy7HvT8MF/05xxziEYz6bdsKLzsoIaCBOUvZwP7172ypyV3FaKoNOUc
+BetnGM7iOn6ykfF/vDizA0SmFW+xpISyLh7JmK/DpQqmd//oshYnM/64MN4Wq/l
1X7MuecvpRCrJ7DzkfnQ88zMfI/2pnt5J6G5YZGnY5qW/0yaKHcvJcQIqGhSQQJZ
Vu2MbZ5V1XYUCV+kjwqToKztCa+sVwZ5JXj3hdNtlAqaLRlTkUBfM2TLL/eHC3P9
aduDYz7umVq+alQtCETxqAATBwqSqhVhkAtpJ0mlNIUzyQQoyIAdph/5XwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNKK2Xnbq9jwrECt6eMxTZieiGEjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMG9yWmVkdXIyUENzUUszcDR6Rk5tSjZJWVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAY6Vn36rjsg/14eW8XO
SaHjDKN49HIaQIips72va1nUFFvXQGU68Gaqr396tU6kl75BN8D0hiMsKT4qef3E
Ean5xcjiHQ2ykVZiuGUkjr+0oOdLfETk7SC2yweFfrp3+mEiYCm/kaAkER1Tki75
NNJnamKzaVLUse+tuNUEXP0Si2BAeG15y2a8v6xgX1TWm1Rw4ErWRncZS49/arkK
o234zXtwuL+JPoaj1THCCHGG4Q9+MlTW4CNJjhbteDIHwquvWtG4qDkP17bJ2qwW
FO0N2q/Vu8DZHa3UkudAMqeITp3Wn0b9UqU+w4B4vD6rqOMTmhFf/rfYPqPFg4bt
o7Q=
-----END CERTIFICATE-----
Generated at Sun Mar 17 12:14:32 2024 by rpki-client on console.sobornost.net