Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0wSUdCVlStlVJchKYGf-OSk_Z0E.roa
File: 0wSUdCVlStlVJchKYGf-OSk_Z0E.roa (raw, json)
Hash identifier: zzIkAwvCWcnPuZgq5923JcbzAQCqKC03NhYQFecozSM=
Subject key identifier: D3:04:94:74:25:65:4A:D9:55:25:C8:4A:60:67:FE:39:29:3F:67:41
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E65365D7D68FBA5F0F5060DE09E079BA1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0wSUdCVlStlVJchKYGf-OSk_Z0E.roa
Signing time: Fri 22 Mar 2024 08:10:45 +0000
ROA not before: Fri 22 Mar 2024 08:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 22 Mar 2024 09:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:36:5d:7d:68:fb:a5:f0:f5:06:0d:e0:9e:07:9b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 22 08:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d304947425654ad95525c84a6067fe39293f6741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:79:14:9f:6e:cb:c2:58:ab:d6:83:1c:0f:
04:97:87:48:3b:21:f3:99:9a:bc:b5:ae:0e:93:5f:
5f:d1:f9:db:b6:a1:a5:95:6d:20:0f:fe:40:cb:9f:
c9:c6:be:7e:9f:8e:06:b1:07:13:f4:bd:4d:47:aa:
5e:85:bd:18:0a:dd:4f:45:24:91:f4:39:a5:d9:af:
7b:dc:44:16:58:42:3c:51:b7:d9:e1:8c:54:48:c7:
c3:78:24:b8:2f:b8:43:6c:19:52:6b:a7:6d:b1:62:
57:6f:b3:e4:4a:ef:04:f1:1a:81:ea:38:80:50:8d:
04:b2:81:bd:ae:bd:02:46:2f:9f:19:19:2b:0a:c5:
9b:d2:c4:c3:84:35:c2:b9:ac:ca:7a:d1:61:e8:dd:
74:98:f9:4f:5c:7c:2c:84:5d:39:95:e6:42:99:6e:
40:44:8d:b5:fa:bf:ef:a8:2d:c8:61:72:6a:6c:f0:
b3:67:73:e4:fb:28:c8:77:37:60:dc:be:0e:19:77:
aa:3b:36:5d:5f:7c:f8:a6:b3:76:c1:01:47:28:2c:
45:22:36:fe:6c:09:6d:7b:af:40:86:1e:e5:90:51:
c9:aa:4a:61:cd:e2:c9:bb:30:b2:a7:eb:0a:31:27:
25:81:e3:87:3d:07:92:45:ae:7e:93:24:98:85:8f:
65:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:04:94:74:25:65:4A:D9:55:25:C8:4A:60:67:FE:39:29:3F:67:41
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0wSUdCVlStlVJchKYGf-OSk_Z0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:6e:e0:a8:cd:d9:15:c7:97:12:eb:fc:3b:a7:5d:2d:f4:ca:
b7:0d:b6:5d:b5:e1:df:a9:90:ab:3f:bb:91:d9:6e:6b:3d:81:
52:f4:d0:18:a3:b0:c1:5f:d5:90:57:a7:06:26:95:da:25:0e:
77:05:a5:3a:38:4c:80:a5:48:1f:60:a6:11:fa:9e:e0:1c:31:
af:3b:fc:c1:c3:a7:d8:1d:84:86:10:ca:8f:a7:95:36:a8:7e:
33:46:d0:fd:a7:c5:16:79:65:3d:a9:4f:30:68:49:0b:f5:c9:
8f:14:19:71:3b:30:f6:09:10:e5:1d:76:1d:09:f8:fc:f3:38:
48:8e:ed:80:39:a0:dd:ad:64:fa:93:77:9b:65:c3:6d:9e:b1:
40:ae:5a:61:d7:8b:74:b5:32:92:7b:24:d1:2e:0e:a4:99:bb:
c5:c3:96:db:11:3b:e3:08:ed:fd:d6:62:52:6f:89:84:3b:25:
f9:2a:0b:e9:94:6c:4c:13:62:64:37:bb:b0:dd:c6:e1:7c:8a:
fe:83:a6:1a:84:c4:c1:20:82:ed:05:50:37:e4:fa:c6:e8:f8:
be:74:77:27:f4:83:a7:14:77:1b:7f:6e:07:99:38:bc:e0:56:
76:91:d3:0b:1c:1f:7c:a7:9d:ee:e0:a4:5a:04:ff:f2:9f:19:
76:91:84:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5lNl19aPul8PUGDeCeB5uhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIyMDgxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzA0OTQ3NDI1NjU0YWQ5NTUyNWM4NGE2MDY3ZmUzOTI5M2Y2NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRd5FJ9uy8JYq9aDHA8El4dIOyHz
mZq8ta4Ok19f0fnbtqGllW0gD/5Ay5/Jxr5+n44GsQcT9L1NR6pehb0YCt1PRSSR
9Dml2a973EQWWEI8UbfZ4YxUSMfDeCS4L7hDbBlSa6dtsWJXb7PkSu8E8RqB6jiA
UI0EsoG9rr0CRi+fGRkrCsWb0sTDhDXCuazKetFh6N10mPlPXHwshF05leZCmW5A
RI21+r/vqC3IYXJqbPCzZ3Pk+yjIdzdg3L4OGXeqOzZdX3z4prN2wQFHKCxFIjb+
bAlte69Ahh7lkFHJqkphzeLJuzCyp+sKMSclgeOHPQeSRa5+kySYhY9lwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMElHQlZUrZVSXISmBn/jkpP2dBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMHdTVWRDVmxTdGxWSmNoS1lHZi1PU2tfWjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJBu4KjN2RXHlxLr/Dun
XS30yrcNtl214d+pkKs/u5HZbms9gVL00BijsMFf1ZBXpwYmldolDncFpTo4TICl
SB9gphH6nuAcMa87/MHDp9gdhIYQyo+nlTaofjNG0P2nxRZ5ZT2pTzBoSQv1yY8U
GXE7MPYJEOUddh0J+PzzOEiO7YA5oN2tZPqTd5tlw22esUCuWmHXi3S1MpJ7JNEu
DqSZu8XDltsRO+MI7f3WYlJviYQ7JfkqC+mUbEwTYmQ3u7DdxuF8iv6DphqExMEg
gu0FUDfk+sbo+L50dyf0g6cUdxt/bgeZOLzgVnaR0wscH3ynne7gpFoE//KfGXaR
hMA=
-----END CERTIFICATE-----
Generated at Fri Mar 22 14:53:08 2024 by rpki-client on console.sobornost.net