Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2JbJFC5lEtI-PSrgRXI4iJ1USrE.roa
File: 2JbJFC5lEtI-PSrgRXI4iJ1USrE.roa (raw, json)
Hash identifier: hzjMKtkkvX20rwtjzdLEO9z5x4LV6V5rPfachh74q0w=
Subject key identifier: D8:96:C9:14:2E:65:12:D2:3E:3D:2A:E0:45:72:38:88:9D:54:4A:B1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE963CBDFC0B805294378D189A8B794D8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2JbJFC5lEtI-PSrgRXI4iJ1USrE.roa
Signing time: Mon 08 Jan 2024 14:04:40 +0000
ROA not before: Mon 08 Jan 2024 14:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:e963:83c3/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jan 2024 14:13:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:63:cb:df:c0:b8:05:29:43:78:d1:89:a8:b7:94:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 8 14:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d896c9142e6512d23e3d2ae0457238889d544ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bc:a1:61:f6:7d:c5:3f:ae:46:ea:ba:0f:8c:
54:a9:43:39:69:fe:0d:82:0c:42:5c:84:08:c0:0a:
c8:df:69:d7:a0:5d:f1:aa:a6:6b:d6:7d:89:41:e3:
69:c9:b8:72:6a:20:b1:73:f4:62:54:91:bd:ad:4d:
35:d9:54:44:9e:96:a0:8f:da:b7:e7:2c:a4:c4:f4:
06:d4:09:fa:ca:06:3c:36:83:d1:e7:1f:f4:f7:bb:
9d:5e:a5:e1:52:64:12:9c:e3:90:be:78:ce:db:f1:
05:43:f1:8a:e3:57:9a:c2:88:ca:c9:00:ee:48:43:
3f:30:a5:33:98:9e:c9:2f:93:af:a2:9b:59:b0:52:
5c:7d:c5:34:28:98:c0:28:a6:36:4b:37:a8:cd:90:
72:c3:f6:04:3c:de:c5:55:c5:ea:de:6c:2c:18:8f:
22:71:7f:35:3c:4f:77:cb:e0:92:b1:d2:32:25:b3:
76:27:97:e3:99:63:70:d8:0f:bf:3b:d5:fc:c9:84:
b9:d6:e0:42:e4:72:01:e4:9c:a0:60:37:e5:5e:9d:
82:ee:d9:bd:34:09:92:85:82:2e:98:ab:ea:d4:7c:
88:e3:e7:46:76:b6:79:fa:c5:35:d1:c6:20:fb:4c:
8d:d8:45:bf:79:72:ff:af:fc:c7:a3:50:22:3e:65:
b5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:96:C9:14:2E:65:12:D2:3E:3D:2A:E0:45:72:38:88:9D:54:4A:B1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2JbJFC5lEtI-PSrgRXI4iJ1USrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:7f:00:c5:f7:80:30:33:06:53:a9:37:83:44:96:41:33:78:
a3:46:bf:06:ae:f4:2f:47:f9:e9:13:4c:8e:57:4d:6a:d2:e9:
e9:58:46:26:45:db:11:34:97:fc:ed:2e:cf:8d:49:e7:c6:88:
aa:d0:c8:f8:2c:38:da:cc:b6:e4:a6:cf:44:02:5e:8a:16:48:
9d:84:62:17:d6:9f:ee:c4:a9:a4:08:98:86:17:4e:55:ae:a5:
91:e4:8d:34:48:80:b1:51:57:ed:65:5d:f9:aa:bf:6c:dd:18:
5f:55:ae:19:ef:a5:4e:9b:fb:36:3e:f2:a7:76:f4:dd:24:04:
d5:22:25:b1:79:69:41:e6:25:60:6c:98:1b:b6:78:48:39:59:
cc:8e:20:6a:ce:f3:86:4f:b7:4b:4f:ff:74:52:a9:77:70:96:
67:68:93:17:b2:42:fd:41:41:46:ed:14:d4:da:da:27:e7:b7:
19:d9:bf:d5:63:d0:0f:23:bc:b1:3a:43:d8:a1:b1:6e:61:6c:
b5:98:79:c9:59:7e:66:75:cb:6a:66:5e:2a:2c:38:ac:d5:de:
82:c2:de:c5:31:b7:12:45:b5:77:71:a0:2d:10:1a:0d:00:93:
db:01:24:bb:b0:e1:63:25:27:7e:3a:e2:89:d1:7f:1d:28:57:
91:de:15:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzpY8vfwLgFKUN40Ymot5TYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA4MTQwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk2YzkxNDJlNjUxMmQyM2UzZDJhZTA0NTcyMzg4ODlkNTQ0YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17yhYfZ9xT+uRuq6D4xUqUM5af4N
ggxCXIQIwArI32nXoF3xqqZr1n2JQeNpybhyaiCxc/RiVJG9rU012VREnpagj9q3
5yykxPQG1An6ygY8NoPR5x/097udXqXhUmQSnOOQvnjO2/EFQ/GK41eawojKyQDu
SEM/MKUzmJ7JL5OvoptZsFJcfcU0KJjAKKY2SzeozZByw/YEPN7FVcXq3mwsGI8i
cX81PE93y+CSsdIyJbN2J5fjmWNw2A+/O9X8yYS51uBC5HIB5JygYDflXp2C7tm9
NAmShYIumKvq1HyI4+dGdrZ5+sU10cYg+0yN2EW/eXL/r/zHo1AiPmW1mQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNiWyRQuZRLSPj0q4EVyOIidVEqxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMkpiSkZDNWxFdEktUFNyZ1JYSTRpSjFVU3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEF/AMX3gDAzBlOpN4NE
lkEzeKNGvwau9C9H+ekTTI5XTWrS6elYRiZF2xE0l/ztLs+NSefGiKrQyPgsONrM
tuSmz0QCXooWSJ2EYhfWn+7EqaQImIYXTlWupZHkjTRIgLFRV+1lXfmqv2zdGF9V
rhnvpU6b+zY+8qd29N0kBNUiJbF5aUHmJWBsmBu2eEg5WcyOIGrO84ZPt0tP/3RS
qXdwlmdokxeyQv1BQUbtFNTa2ifntxnZv9Vj0A8jvLE6Q9ihsW5hbLWYeclZfmZ1
y2pmXiosOKzV3oLC3sUxtxJFtXdxoC0QGg0Ak9sBJLuw4WMlJ3464onRfx0oV5He
Fdg=
-----END CERTIFICATE-----
Generated at Mon Jan 8 18:04:54 2024 by rpki-client on console.sobornost.net