Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1yF75QJNmr1idpC3MYUgLImwzXY.roa
File: 1yF75QJNmr1idpC3MYUgLImwzXY.roa (raw, json)
Hash identifier: OxKtQ0aJXNRN7VHoYzDgJZlVA2AVSGMD5zZ4rrB90Ao=
Subject key identifier: D7:21:7B:E5:02:4D:9A:BD:62:76:90:B7:31:85:20:2C:89:B0:CD:76
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E92785BC34375A0BA12CAF352A20BD6E7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1yF75QJNmr1idpC3MYUgLImwzXY.roa
Signing time: Sun 31 Mar 2024 03:05:45 +0000
ROA not before: Sun 31 Mar 2024 03:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:9277:ef82/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 31 Mar 2024 03:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:92:78:5b:c3:43:75:a0:ba:12:ca:f3:52:a2:0b:d6:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 31 03:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7217be5024d9abd627690b73185202c89b0cd76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:07:98:58:56:75:37:d5:5e:eb:de:6d:54:3c:
ce:ef:03:28:91:7b:97:b8:5c:98:db:0e:98:55:33:
0f:39:6f:73:d9:2c:c9:4d:64:4b:88:43:13:50:50:
3e:9b:82:c5:99:c4:23:a3:4a:2d:64:3a:20:01:a7:
89:f1:98:7f:d2:6c:d0:bd:94:54:61:8c:8d:9e:18:
85:d4:dd:4d:98:f8:79:f8:33:c3:6a:ee:35:3b:91:
b8:df:8b:81:0d:65:99:61:ed:b2:18:81:52:57:a0:
e4:db:e8:56:1e:9b:84:8c:62:a2:a4:e7:0c:06:9c:
c0:d0:73:ca:57:4b:ba:18:ad:fc:0d:5e:3b:9a:4c:
43:a5:ba:41:b6:11:1b:fd:22:50:60:53:16:d6:3b:
26:2c:35:09:5c:7b:5c:81:76:8a:8b:49:03:38:ab:
40:8c:b4:20:33:60:f9:38:00:c1:30:05:d8:60:36:
72:e5:aa:df:2a:9a:7c:1a:10:70:c7:ba:2a:c9:60:
22:63:76:82:10:41:53:45:e7:8f:b9:ea:30:8e:bb:
a8:f1:a2:8c:56:7f:69:42:fb:ca:47:96:68:ea:db:
4c:8a:07:26:d4:00:70:cb:89:6b:12:86:ee:df:84:
34:8f:c5:7a:01:10:16:6e:b1:c3:a4:54:c2:4b:ac:
c6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:21:7B:E5:02:4D:9A:BD:62:76:90:B7:31:85:20:2C:89:B0:CD:76
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1yF75QJNmr1idpC3MYUgLImwzXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:49:3e:ac:d4:17:10:71:76:a4:a0:3b:ba:b3:99:10:d9:80:
a5:e2:63:9f:df:d8:b1:6a:84:7b:d4:15:dd:df:2b:74:cd:cc:
62:28:26:f1:9e:35:6e:c3:3b:36:36:29:06:c6:95:c3:96:03:
2b:b3:12:0d:70:5a:d8:a9:19:24:e2:c9:b0:38:41:b7:a3:5c:
43:41:9d:56:02:ec:57:26:b0:54:61:74:ec:86:2e:e1:72:7d:
0d:e9:ce:67:c4:fb:83:d7:bb:41:cb:fe:31:63:65:d2:e4:a6:
91:11:e3:4f:8d:1f:9e:9c:0d:87:c5:6e:46:3b:89:3f:11:eb:
cc:a9:26:6f:5e:2f:51:80:ba:b6:c7:d7:20:99:56:93:3f:d3:
99:f0:50:38:16:ea:02:98:52:77:04:bc:8b:ec:de:b8:83:e5:
8c:06:6b:cc:d5:a8:ad:f8:6b:f7:fc:56:57:cb:8c:c0:bd:12:
e0:2d:b1:c7:9c:42:22:7f:fe:fb:78:af:04:79:51:f1:e0:9e:
eb:eb:b1:11:db:13:cd:6e:3c:16:ba:d2:7b:6a:00:b6:92:64:
8f:94:64:0b:bb:7f:1b:ee:2c:15:37:ac:70:ed:94:24:8b:05:
44:8e:d5:a0:9a:2d:f7:8d:f9:e2:8d:77:d8:0b:9a:9d:05:5b:
d2:96:52:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6SeFvDQ3WguhLK81KiC9bnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMxMDMwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzIxN2JlNTAyNGQ5YWJkNjI3NjkwYjczMTg1MjAyYzg5YjBjZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAeYWFZ1N9Ve695tVDzO7wMokXuX
uFyY2w6YVTMPOW9z2SzJTWRLiEMTUFA+m4LFmcQjo0otZDogAaeJ8Zh/0mzQvZRU
YYyNnhiF1N1NmPh5+DPDau41O5G434uBDWWZYe2yGIFSV6Dk2+hWHpuEjGKipOcM
BpzA0HPKV0u6GK38DV47mkxDpbpBthEb/SJQYFMW1jsmLDUJXHtcgXaKi0kDOKtA
jLQgM2D5OADBMAXYYDZy5arfKpp8GhBwx7oqyWAiY3aCEEFTReePueowjruo8aKM
Vn9pQvvKR5Zo6ttMigcm1ABwy4lrEobu34Q0j8V6ARAWbrHDpFTCS6zGaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNche+UCTZq9YnaQtzGFICyJsM12MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMXlGNzVRSk5tcjFpZHBDM01ZVWdMSW13elhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA1JPqzUFxBxdqSgO7qz
mRDZgKXiY5/f2LFqhHvUFd3fK3TNzGIoJvGeNW7DOzY2KQbGlcOWAyuzEg1wWtip
GSTiybA4QbejXENBnVYC7FcmsFRhdOyGLuFyfQ3pzmfE+4PXu0HL/jFjZdLkppER
40+NH56cDYfFbkY7iT8R68ypJm9eL1GAurbH1yCZVpM/05nwUDgW6gKYUncEvIvs
3riD5YwGa8zVqK34a/f8VlfLjMC9EuAtscecQiJ//vt4rwR5UfHgnuvrsRHbE81u
PBa60ntqALaSZI+UZAu7fxvuLBU3rHDtlCSLBUSO1aCaLfeN+eKNd9gLmp0FW9KW
Usw=
Generated at Sun Mar 31 09:52:11 2024 by rpki-client on console.sobornost.net