Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-ZwHTJurvKNC8J6XPLh2FodQ27k.roa
File: 1-ZwHTJurvKNC8J6XPLh2FodQ27k.roa (raw, json)
Hash identifier: drppCpE4zBVPrRBT0aME2VeYI7eL+N42M1wo1my0o5g=
Subject key identifier: F9:9C:07:4C:9B:AB:BC:A3:42:F0:9E:97:3C:B8:76:16:87:50:DB:B9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBC4F3FB60CA77D352F98F5A711235E8A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-ZwHTJurvKNC8J6XPLh2FodQ27k.roa
Signing time: Mon 08 Apr 2024 06:04:54 +0000
ROA not before: Mon 08 Apr 2024 06:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:bc4e:b87f/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 08 Apr 2024 06:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bc:4f:3f:b6:0c:a7:7d:35:2f:98:f5:a7:11:23:5e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 8 06:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f99c074c9babbca342f09e973cb876168750dbb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:49:bc:9e:5b:07:ec:31:1f:a6:4b:2a:bd:
9d:b0:ef:e7:1a:80:98:e3:a2:63:e1:3c:b7:36:20:
f9:ee:3a:11:59:bd:c1:06:7f:e8:90:ed:3f:10:79:
49:cf:73:d4:4d:3c:b3:1d:8f:6b:5a:d7:44:b0:77:
57:01:0d:d3:b1:fa:92:9b:be:72:d7:1d:2d:77:de:
fe:ee:f4:06:78:1e:ba:24:c2:b6:c0:ad:51:85:c0:
d2:6b:72:38:ad:43:0b:c7:72:c9:e2:79:2e:56:0b:
35:ff:10:ec:89:47:e8:b3:70:c2:a2:91:66:41:3e:
0f:2b:4f:fe:da:d9:77:38:5b:eb:58:c7:d8:94:ef:
2d:17:06:cf:c3:a2:09:4e:74:02:ce:32:a5:e2:98:
93:b1:7d:1e:f8:51:21:cb:34:aa:94:ff:b4:ed:f1:
37:a4:52:5b:0e:8e:7d:20:11:51:67:9e:77:38:28:
15:90:d9:3a:23:a1:4e:22:51:21:fc:66:e6:34:d5:
9b:e9:bc:ec:05:68:da:d3:00:eb:5f:06:6c:a1:cd:
db:4a:f8:8d:1b:74:f4:7b:63:2f:c8:10:98:9b:aa:
87:81:91:68:9a:16:49:44:43:4a:2a:3a:db:00:c7:
2e:2e:c6:a9:71:2c:ea:86:a6:17:4b:f1:a4:09:27:
a8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9C:07:4C:9B:AB:BC:A3:42:F0:9E:97:3C:B8:76:16:87:50:DB:B9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-ZwHTJurvKNC8J6XPLh2FodQ27k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:4d:26:ae:f6:15:59:41:6c:6f:51:64:28:55:15:69:c9:8a:
e8:5d:3c:80:8c:bc:bd:d3:e9:81:bd:6d:67:ac:e5:4a:80:ce:
f6:94:1c:54:d8:60:1d:d3:ad:a6:ee:62:bb:c6:37:5a:73:97:
7d:be:40:dd:ab:be:a7:35:2e:d1:5d:6a:63:2d:c0:c1:fe:45:
fd:ec:63:49:5a:d5:1d:96:87:41:2a:59:75:7c:ca:a0:8f:c4:
47:fb:9d:f2:9d:7d:ef:69:05:0a:fe:20:9a:f6:51:e7:52:ff:
35:84:fd:11:23:ed:86:ef:64:85:e8:26:39:2e:2f:b3:7f:d3:
a1:07:e7:4b:6a:fe:ee:3a:48:ab:6d:b0:29:8e:b1:0f:ab:3e:
76:92:21:fe:9f:01:ce:eb:e2:77:c5:75:10:c9:4e:8d:d2:eb:
4c:92:b8:c4:85:49:73:87:69:a1:6f:5d:9c:98:49:70:56:65:
6e:8b:a2:fe:ed:d0:50:b7:7d:29:cd:77:2c:43:1d:38:72:59:
8b:70:8b:b0:b2:89:45:8c:39:38:ad:90:f3:51:09:1e:c1:3d:
b0:08:a6:ed:7f:40:9b:e5:a5:31:ea:24:56:14:57:e7:a6:4b:
1b:dc:68:55:3d:24:23:89:ee:93:a4:f8:27:e8:2a:38:96:38:
f7:5a:db:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY68Tz+2DKd9NS+Y9acRI16KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA4MDYwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTljMDc0YzliYWJiY2EzNDJmMDllOTczY2I4NzYxNjg3NTBkYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvJJvJ5bB+wxH6ZLKr2dsO/nGoCY
46Jj4Ty3NiD57joRWb3BBn/okO0/EHlJz3PUTTyzHY9rWtdEsHdXAQ3TsfqSm75y
1x0td97+7vQGeB66JMK2wK1RhcDSa3I4rUMLx3LJ4nkuVgs1/xDsiUfos3DCopFm
QT4PK0/+2tl3OFvrWMfYlO8tFwbPw6IJTnQCzjKl4piTsX0e+FEhyzSqlP+07fE3
pFJbDo59IBFRZ553OCgVkNk6I6FOIlEh/GbmNNWb6bzsBWja0wDrXwZsoc3bSviN
G3T0e2MvyBCYm6qHgZFomhZJRENKKjrbAMcuLsapcSzqhqYXS/GkCSeojwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPmcB0ybq7yjQvCelzy4dhaHUNu5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1ad0hUSnVydktOQzhKNlhQTGgyRm9kUTI3ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQAGTSau9hVZQWxvUWQo
VRVpyYroXTyAjLy90+mBvW1nrOVKgM72lBxU2GAd062m7mK7xjdac5d9vkDdq76n
NS7RXWpjLcDB/kX97GNJWtUdlodBKll1fMqgj8RH+53ynX3vaQUK/iCa9lHnUv81
hP0RI+2G72SF6CY5Li+zf9OhB+dLav7uOkirbbApjrEPqz52kiH+nwHO6+J3xXUQ
yU6N0utMkrjEhUlzh2mhb12cmElwVmVui6L+7dBQt30pzXcsQx04clmLcIuwsolF
jDk4rZDzUQkewT2wCKbtf0Cb5aUx6iRWFFfnpksb3GhVPSQjie6TpPgn6Co4ljj3
WtsZ
-----END CERTIFICATE-----
Generated at Mon Apr 8 12:58:59 2024 by rpki-client on console.sobornost.net