Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1hF0exGJ8KvMiYnUHykHbliJ6Z8.roa
File: 1hF0exGJ8KvMiYnUHykHbliJ6Z8.roa (raw, json)
Hash identifier: QxcUSdhAMa1lfdrQE1l7QsOto8eSPY5kImmu9LxOb2k=
Subject key identifier: D6:11:74:7B:11:89:F0:AB:CC:89:89:D4:1F:29:07:6E:58:89:E9:9F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC0D7CEB00B128CE82CCCC5089B632BA0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1hF0exGJ8KvMiYnUHykHbliJ6Z8.roa
Signing time: Tue 09 Apr 2024 03:12:32 +0000
ROA not before: Tue 09 Apr 2024 03:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Apr 2024 04:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c0:d7:ce:b0:0b:12:8c:e8:2c:cc:c5:08:9b:63:2b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 9 03:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d611747b1189f0abcc8989d41f29076e5889e99f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:24:db:6e:6c:a2:7a:a7:2f:c9:5e:5b:cb:fe:
b8:f5:c6:d5:9b:a7:fc:1a:18:99:30:9c:a1:d6:16:
eb:cc:8f:da:18:7a:8c:90:a5:4b:d1:60:c9:11:0e:
3d:d0:d9:69:c0:70:ab:b0:bc:c2:b7:1a:85:d5:13:
d4:1c:f1:da:0e:7c:00:3d:a4:43:36:54:91:9d:a4:
e3:fa:1d:ec:64:13:16:0b:88:10:86:14:5e:eb:7a:
13:f5:64:fb:82:3a:bb:38:72:3e:a2:ca:74:ac:ff:
d2:f4:e6:80:1d:af:9b:b8:f3:1c:e9:6e:7f:b3:b3:
42:2d:df:da:af:a4:b5:6d:68:3d:fb:9f:02:34:fe:
59:4e:51:86:32:a1:5b:6f:89:f4:4c:cb:7e:a5:2a:
17:5a:bf:42:8d:f0:cf:de:0a:06:42:41:fc:e5:89:
3d:e3:38:45:1a:bc:46:69:ed:d7:b7:85:7f:c7:ec:
5b:13:10:60:0b:d4:91:d0:c8:ce:4d:03:02:d4:81:
6c:fa:e1:dd:f5:59:99:65:66:35:fa:fb:a1:7e:4b:
36:f9:c6:77:80:83:9d:ff:34:ec:5d:42:97:27:2a:
b3:01:25:64:69:6c:49:08:4a:c6:6f:df:f7:d3:4b:
09:ed:5a:2b:2e:f4:9d:7f:bc:b3:66:d7:b8:c9:34:
4a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:11:74:7B:11:89:F0:AB:CC:89:89:D4:1F:29:07:6E:58:89:E9:9F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1hF0exGJ8KvMiYnUHykHbliJ6Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:5c:c3:9a:ef:c7:97:49:92:bf:55:5b:b2:69:fa:a7:a3:24:
b5:08:b1:13:ab:95:b2:67:aa:74:db:c4:5a:27:f8:a2:2c:c3:
32:37:ac:95:82:fd:51:43:48:b3:54:ea:b5:fc:14:61:1f:ad:
cf:39:fe:5b:72:03:6a:99:77:eb:bb:ad:84:fd:9c:07:0f:54:
49:eb:0f:ba:9a:c3:b6:e2:e0:5e:e6:45:99:85:6d:cd:5b:3f:
63:47:5d:e2:52:29:c9:de:02:a9:24:fa:6f:32:48:9e:ee:d6:
11:51:0a:57:43:3d:9b:59:8b:de:33:c9:cc:0a:fc:03:b7:96:
19:e2:cf:91:98:15:9d:fe:a0:8a:db:9f:d0:31:b6:d6:6b:61:
b1:47:af:a3:6f:07:e9:e7:ac:d2:2f:21:8c:1b:4c:8f:84:11:
9d:bb:f4:4a:a8:4b:23:ff:d3:ca:9c:e7:af:4e:d4:6f:89:b3:
9f:1f:0b:49:7a:2e:ab:78:66:5e:19:2e:79:f5:99:3a:19:68:
ed:d8:ef:37:f7:76:a6:71:0c:fc:3f:08:8e:da:18:08:88:a1:
a6:f3:bb:e2:4d:36:30:13:a4:86:23:0f:2d:d9:64:4c:d8:d7:
ae:fb:ed:5a:11:39:18:df:f1:a5:bb:60:41:1b:bf:f4:ca:47:
c3:db:cf:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7A186wCxKM6CzMxQibYyugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA5MDMxMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjExNzQ3YjExODlmMGFiY2M4OTg5ZDQxZjI5MDc2ZTU4ODllOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSTbbmyieqcvyV5by/649cbVm6f8
GhiZMJyh1hbrzI/aGHqMkKVL0WDJEQ490NlpwHCrsLzCtxqF1RPUHPHaDnwAPaRD
NlSRnaTj+h3sZBMWC4gQhhRe63oT9WT7gjq7OHI+osp0rP/S9OaAHa+buPMc6W5/
s7NCLd/ar6S1bWg9+58CNP5ZTlGGMqFbb4n0TMt+pSoXWr9CjfDP3goGQkH85Yk9
4zhFGrxGae3Xt4V/x+xbExBgC9SR0MjOTQMC1IFs+uHd9VmZZWY1+vuhfks2+cZ3
gIOd/zTsXUKXJyqzASVkaWxJCErGb9/300sJ7VorLvSdf7yzZte4yTRKVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYRdHsRifCrzImJ1B8pB25YiemfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMWhGMGV4R0o4S3ZNaVluVUh5a0hibGlKNlo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIRcw5rvx5dJkr9VW7Jp
+qejJLUIsROrlbJnqnTbxFon+KIswzI3rJWC/VFDSLNU6rX8FGEfrc85/ltyA2qZ
d+u7rYT9nAcPVEnrD7qaw7bi4F7mRZmFbc1bP2NHXeJSKcneAqkk+m8ySJ7u1hFR
CldDPZtZi94zycwK/AO3lhniz5GYFZ3+oIrbn9AxttZrYbFHr6NvB+nnrNIvIYwb
TI+EEZ279EqoSyP/08qc569O1G+Js58fC0l6Lqt4Zl4ZLnn1mToZaO3Y7zf3dqZx
DPw/CI7aGAiIoabzu+JNNjATpIYjDy3ZZEzY16777VoRORjf8aW7YEEbv/TKR8Pb
z7I=
-----END CERTIFICATE-----
Generated at Tue Apr 9 10:07:51 2024 by rpki-client on console.sobornost.net