Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1SjVw0Q7VnqpWPAVSomVb6rsLSY.roa
File: 1SjVw0Q7VnqpWPAVSomVb6rsLSY.roa (raw, json)
Hash identifier: O+iXc6yYsjbgL3od79+NqZvjpC4VM4mE5RJq7vWP4xw=
Subject key identifier: D5:28:D5:C3:44:3B:56:7A:A9:58:F0:15:4A:89:95:6F:AA:EC:2D:26
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2EB03BA58FAF3EC3AD2D0D6CA378897B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1SjVw0Q7VnqpWPAVSomVb6rsLSY.roa
Signing time: Mon 11 Mar 2024 18:04:45 +0000
ROA not before: Mon 11 Mar 2024 18:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:2eaf:e56e/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 11 Mar 2024 18:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:b0:3b:a5:8f:af:3e:c3:ad:2d:0d:6c:a3:78:89:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 18:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d528d5c3443b567aa958f0154a89956faaec2d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9f:3a:24:2a:44:b0:a4:70:a8:c5:30:f1:6c:
6f:8a:d8:48:fa:f4:d0:ba:7d:92:87:46:e5:90:75:
13:d2:72:3f:dd:27:e6:18:44:d7:f0:86:47:e9:99:
98:81:73:1b:08:a6:74:9b:a0:24:be:f9:ef:dd:6f:
a5:bd:64:3c:ab:fa:46:07:a3:34:19:93:89:b4:04:
47:e2:60:58:0f:24:df:29:46:b6:76:83:85:41:02:
46:37:23:ae:d3:26:15:d8:35:d4:3f:f2:a3:88:ec:
84:cc:bf:d3:dc:55:23:a1:2f:1b:ca:93:74:5b:31:
b9:79:c3:be:9c:d9:15:d0:8b:31:f7:5e:85:48:0d:
6c:30:92:bf:06:e6:2e:ea:c5:b7:fe:4f:31:5a:3e:
d7:44:dd:a2:0d:ed:7b:25:80:19:02:22:84:1e:f3:
32:6f:52:b0:24:c7:fa:1c:18:08:09:ed:5e:ae:40:
c1:e8:7b:cb:80:fc:7f:8f:e8:52:f4:a7:3a:75:de:
0d:e2:4b:78:be:c7:65:bf:e9:3d:45:47:fd:fe:4d:
3e:5d:75:c7:f1:b7:1b:b0:bf:4e:d6:f0:1b:87:8c:
af:48:b5:a8:de:fe:ae:d9:4d:71:44:95:ab:07:c3:
16:54:7f:a4:28:c4:70:cf:61:a0:f6:ba:39:9f:02:
53:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:28:D5:C3:44:3B:56:7A:A9:58:F0:15:4A:89:95:6F:AA:EC:2D:26
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1SjVw0Q7VnqpWPAVSomVb6rsLSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:7b:d6:be:f1:f7:72:50:b7:ee:9d:84:66:cb:65:51:ac:33:
b9:da:3c:5a:b1:42:c0:28:f4:81:02:ca:6e:ff:96:3b:a4:22:
55:c4:08:d2:93:31:8d:18:77:9f:b0:d2:2e:24:c8:bf:6e:6c:
ef:d2:f5:10:2a:e5:11:43:3a:b9:37:82:61:68:d9:02:5b:74:
6f:79:de:e6:b5:a5:f1:6a:52:be:04:c1:19:be:96:56:bd:ae:
8d:9f:09:c4:65:89:1d:9a:fc:f0:6d:96:73:c8:70:d2:93:27:
48:4f:2b:f6:3b:39:a6:97:04:c9:58:77:f2:58:06:c5:f7:e6:
2a:b0:7c:b8:89:ec:16:85:62:05:5e:58:6c:95:15:30:64:72:
6a:2d:75:e0:63:d4:9c:76:9d:fc:a3:72:57:f9:31:f8:99:6f:
01:d7:4f:5f:eb:db:82:75:83:dd:09:70:54:15:3c:66:fd:06:
64:e8:6b:96:a6:f3:6f:9f:a1:88:b7:d2:97:7c:71:1d:c9:42:
62:35:9c:c1:05:75:d6:38:75:14:ea:7a:ff:a8:4e:10:14:3d:
19:38:5e:85:16:94:ee:4d:86:7d:c4:59:d4:d3:f0:0c:13:b3:
d8:b7:db:ec:cb:f3:32:bc:9b:f6:ce:8c:3a:12:0e:f7:99:37:
32:08:2a:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4usDulj68+w60tDWyjeIl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMTgwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI4ZDVjMzQ0M2I1NjdhYTk1OGYwMTU0YTg5OTU2ZmFhZWMyZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn586JCpEsKRwqMUw8WxvithI+vTQ
un2Sh0blkHUT0nI/3SfmGETX8IZH6ZmYgXMbCKZ0m6Akvvnv3W+lvWQ8q/pGB6M0
GZOJtARH4mBYDyTfKUa2doOFQQJGNyOu0yYV2DXUP/KjiOyEzL/T3FUjoS8bypN0
WzG5ecO+nNkV0Isx916FSA1sMJK/BuYu6sW3/k8xWj7XRN2iDe17JYAZAiKEHvMy
b1KwJMf6HBgICe1erkDB6HvLgPx/j+hS9Kc6dd4N4kt4vsdlv+k9RUf9/k0+XXXH
8bcbsL9O1vAbh4yvSLWo3v6u2U1xRJWrB8MWVH+kKMRwz2Gg9ro5nwJTewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNUo1cNEO1Z6qVjwFUqJlW+q7C0mMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMVNqVncwUTdWbnFwV1BBVlNvbVZiNnJzTFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF971r7x93JQt+6dhGbL
ZVGsM7naPFqxQsAo9IECym7/ljukIlXECNKTMY0Yd5+w0i4kyL9ubO/S9RAq5RFD
Ork3gmFo2QJbdG953ua1pfFqUr4EwRm+lla9ro2fCcRliR2a/PBtlnPIcNKTJ0hP
K/Y7OaaXBMlYd/JYBsX35iqwfLiJ7BaFYgVeWGyVFTBkcmotdeBj1Jx2nfyjclf5
MfiZbwHXT1/r24J1g90JcFQVPGb9BmToa5am82+foYi30pd8cR3JQmI1nMEFddY4
dRTqev+oThAUPRk4XoUWlO5Nhn3EWdTT8AwTs9i32+zL8zK8m/bOjDoSDveZNzII
Kg0=
-----END CERTIFICATE-----
Generated at Tue Mar 12 01:36:52 2024 by rpki-client on console.sobornost.net