Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-3YEbrHARP4Eba7O-_53qpmgW60.roa
File: 1-3YEbrHARP4Eba7O-_53qpmgW60.roa (raw, json)
Hash identifier: agAZF06OKWvUyM6G+M8MGhxcKWfZcStGBf4cU91t430=
Subject key identifier: FB:76:04:6E:B1:C0:44:FE:04:6D:AE:CE:FB:FE:77:AA:99:A0:5B:AD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5068BCA84A4C4EA52DFD11DA3F676850
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-3YEbrHARP4Eba7O-_53qpmgW60.roa
Signing time: Mon 18 Mar 2024 07:13:45 +0000
ROA not before: Mon 18 Mar 2024 07:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 18 Mar 2024 08:04:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:68:bc:a8:4a:4c:4e:a5:2d:fd:11:da:3f:67:68:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 07:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb76046eb1c044fe046daecefbfe77aa99a05bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:13:17:96:6d:c3:47:e4:d7:c4:b9:33:6c:6c:
55:7e:fc:b3:dc:f3:9f:7f:88:ad:60:ff:37:82:a7:
99:08:81:80:d3:8e:56:81:52:ef:da:ef:ad:4e:f8:
74:c5:74:db:3c:fc:3b:1c:6e:8a:91:b5:24:d8:b4:
fd:6b:b3:99:ce:ff:af:62:1b:3c:8a:83:92:8f:0f:
8f:34:2e:dd:d3:d3:67:86:3f:ce:80:ae:01:b9:a0:
47:d2:95:26:27:bf:90:ab:1a:2f:3a:50:6b:46:d2:
81:8c:e1:61:a8:64:05:a9:0f:ab:32:8b:23:db:75:
66:73:1c:ef:bd:39:4f:65:64:b4:cc:0f:38:c4:dc:
ae:b6:fa:6f:1e:5d:ab:a4:2b:d0:1d:3c:a3:6c:8a:
a1:59:c4:c8:2c:5a:cd:75:d0:61:08:b6:56:79:8f:
58:02:be:be:66:33:00:a6:cc:17:52:84:2b:23:18:
dc:bf:9b:d6:2b:4a:40:12:b3:62:f2:06:ec:20:eb:
86:0b:a1:a9:5d:4b:73:7a:ca:bb:01:c5:2c:29:71:
5f:13:7f:26:d0:14:2d:4d:0e:3d:0b:f9:1b:5d:40:
b4:67:8b:c2:45:92:aa:7f:40:ff:06:bf:87:80:da:
e1:f9:4a:70:4b:dd:22:b7:d8:20:e9:a0:ad:87:32:
26:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:76:04:6E:B1:C0:44:FE:04:6D:AE:CE:FB:FE:77:AA:99:A0:5B:AD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-3YEbrHARP4Eba7O-_53qpmgW60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:18:9b:c9:43:12:93:bb:42:a6:ef:9f:c3:7f:03:0d:24:e8:
93:0a:95:06:01:10:78:5e:f4:5e:d5:74:6c:18:27:4b:f0:c2:
e9:f6:3c:f8:46:f0:e9:fd:0e:20:d7:63:3c:74:1c:ff:39:04:
8d:78:a2:c9:bf:21:4a:db:bc:21:23:c1:38:2b:8d:c1:d7:a7:
50:98:fe:0e:8c:17:79:bb:10:1e:e5:51:74:1c:03:9c:31:95:
f8:33:8f:32:1f:ae:e1:f8:f8:a8:e9:3d:6f:e1:ae:76:c0:0c:
c8:59:16:65:71:d6:a8:79:e8:a1:98:ac:b2:58:35:9b:fd:97:
ac:c9:9e:23:46:7f:21:03:8e:96:ef:8b:3c:77:4f:46:ca:48:
38:75:a8:0c:f5:c2:e0:4e:19:de:7a:b2:e2:81:4c:ac:e5:6d:
95:ba:ba:44:e6:01:6a:5d:04:a4:a1:6a:25:94:02:ec:d1:e2:
81:05:4f:1c:85:5a:a2:d7:75:77:ec:e7:0a:38:69:5d:41:40:
70:4d:44:c7:d8:59:75:0d:7e:9c:ce:e7:35:55:dd:72:5a:6f:
08:68:a9:f1:a6:d8:45:fa:be:c0:56:e6:20:51:28:24:be:62:
95:84:8f:5d:4b:42:36:cd:71:90:6d:5b:3a:3a:17:79:79:85:
14:7f:7d:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5QaLyoSkxOpS39Edo/Z2hQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MDcxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjc2MDQ2ZWIxYzA0NGZlMDQ2ZGFlY2VmYmZlNzdhYTk5YTA1YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRMXlm3DR+TXxLkzbGxVfvyz3POf
f4itYP83gqeZCIGA045WgVLv2u+tTvh0xXTbPPw7HG6KkbUk2LT9a7OZzv+vYhs8
ioOSjw+PNC7d09Nnhj/OgK4BuaBH0pUmJ7+QqxovOlBrRtKBjOFhqGQFqQ+rMosj
23VmcxzvvTlPZWS0zA84xNyutvpvHl2rpCvQHTyjbIqhWcTILFrNddBhCLZWeY9Y
Ar6+ZjMApswXUoQrIxjcv5vWK0pAErNi8gbsIOuGC6GpXUtzesq7AcUsKXFfE38m
0BQtTQ49C/kbXUC0Z4vCRZKqf0D/Br+HgNrh+UpwS90it9gg6aCthzIm7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPt2BG6xwET+BG2uzvv+d6qZoFutMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS0zWUVickhBUlA0RWJhN08tXzUzcXBtZ1c2MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCMGJvJQxKTu0Km75/D
fwMNJOiTCpUGARB4XvRe1XRsGCdL8MLp9jz4RvDp/Q4g12M8dBz/OQSNeKLJvyFK
27whI8E4K43B16dQmP4OjBd5uxAe5VF0HAOcMZX4M48yH67h+Pio6T1v4a52wAzI
WRZlcdaoeeihmKyyWDWb/ZesyZ4jRn8hA46W74s8d09Gykg4dagM9cLgThneerLi
gUys5W2VurpE5gFqXQSkoWollALs0eKBBU8chVqi13V37OcKOGldQUBwTUTH2Fl1
DX6czuc1Vd1yWm8IaKnxpthF+r7AVuYgUSgkvmKVhI9dS0I2zXGQbVs6Ohd5eYUU
f31d
-----END CERTIFICATE-----
Generated at Mon Mar 18 13:53:10 2024 by rpki-client on console.sobornost.net