Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3AnrMIs8tx2dLD61llW-grHzcOM.roa
File: 3AnrMIs8tx2dLD61llW-grHzcOM.roa (raw, json)
Hash identifier: TAyCyU8nIPA85g2aOGJEK8ZHVhrAPGDprRdY7bKJTms=
Subject key identifier: DC:09:EB:30:8B:3C:B7:1D:9D:2C:3E:B5:96:55:BE:82:B1:F3:70:E3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E37140F68F93FC1809805C003FBF6098D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3AnrMIs8tx2dLD61llW-grHzcOM.roa
Signing time: Wed 13 Mar 2024 09:10:45 +0000
ROA not before: Wed 13 Mar 2024 09:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:14:0f:68:f9:3f:c1:80:98:05:c0:03:fb:f6:09:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 09:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc09eb308b3cb71d9d2c3eb59655be82b1f370e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9c:ac:6f:76:ec:2a:60:ca:97:b3:7f:0a:26:
06:df:4e:ae:1a:a9:22:d9:17:d2:f8:93:33:8f:20:
01:05:4b:43:4d:11:04:e7:69:23:4a:5e:89:79:d2:
d8:35:f3:83:f3:59:40:0b:5c:bd:b6:71:3f:a5:ed:
97:0e:a4:b5:4a:0d:bf:38:b2:7d:98:9e:15:59:9a:
13:3f:ed:2f:c3:3b:7c:b0:b8:4f:6b:44:ad:61:61:
d8:33:c2:44:89:0f:18:4c:0c:e6:21:c7:cc:0d:53:
4d:bf:32:03:f5:98:54:e7:42:57:6c:10:50:27:8a:
7d:55:97:a1:12:40:b9:35:a6:8f:82:a4:2e:23:e0:
45:3b:5d:63:30:6b:03:e0:47:be:b7:42:63:f7:26:
38:a3:03:f4:b9:cd:72:fe:54:7d:f8:2a:04:c4:7c:
c1:be:41:9e:33:71:bd:fa:08:d5:b2:c9:f2:f8:65:
93:65:3d:ac:31:cd:5c:51:5f:ee:5f:82:05:81:7b:
c4:70:5f:83:ed:3b:67:a2:6b:3b:cb:bc:52:06:a0:
d2:38:bf:93:be:c8:c3:8f:b3:cd:69:1d:f7:65:99:
f2:2a:45:dc:8a:38:0c:4a:60:7d:9c:26:ac:41:8a:
de:b3:b8:22:da:c2:06:dd:5f:f2:73:a9:e0:38:44:
b0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:09:EB:30:8B:3C:B7:1D:9D:2C:3E:B5:96:55:BE:82:B1:F3:70:E3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3AnrMIs8tx2dLD61llW-grHzcOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:c8:d4:79:b7:cb:10:ca:50:81:f7:37:df:50:04:d7:e5:69:
14:b8:2a:07:9d:88:aa:d4:6a:51:aa:61:33:33:4e:73:58:ad:
a2:0d:17:ed:1e:9c:b9:a9:4a:a0:d7:e1:df:50:fa:10:cc:87:
85:3f:32:40:2a:3d:ee:0f:e9:d3:23:96:0a:02:02:da:86:d0:
0f:69:42:72:29:a6:71:f5:9b:cc:d5:27:1a:cf:bc:78:cb:1d:
cb:cf:09:f2:cd:e5:83:36:83:96:0d:cc:e9:be:02:83:52:db:
b3:90:7f:c3:fb:d4:d1:3e:0c:52:e8:8d:85:10:df:14:07:b7:
77:df:32:a4:ad:f5:3d:25:60:49:12:c2:b6:0e:f4:9a:49:ec:
be:71:59:22:9b:95:75:be:c1:2b:b1:61:2c:44:aa:47:36:da:
76:72:75:2d:4c:c5:c0:f0:4f:f1:50:dd:6e:c8:7e:1c:18:9a:
35:c9:12:41:80:54:9d:a2:e5:09:c0:8c:04:6d:5a:1b:bd:d4:
f2:bd:c4:5b:3c:c6:a6:13:15:d9:e7:66:5e:14:da:7a:7e:56:
ae:5f:1c:45:c3:f6:a2:78:45:e7:a6:fc:c0:1e:a2:44:cf:61:
b8:27:23:8c:b0:fb:45:c5:17:aa:86:8a:66:2c:d7:2c:0a:61:
7f:74:55:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY43FA9o+T/BgJgFwAP79gmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMDkxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzA5ZWIzMDhiM2NiNzFkOWQyYzNlYjU5NjU1YmU4MmIxZjM3MGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pysb3bsKmDKl7N/CiYG306uGqki
2RfS+JMzjyABBUtDTREE52kjSl6JedLYNfOD81lAC1y9tnE/pe2XDqS1Sg2/OLJ9
mJ4VWZoTP+0vwzt8sLhPa0StYWHYM8JEiQ8YTAzmIcfMDVNNvzID9ZhU50JXbBBQ
J4p9VZehEkC5NaaPgqQuI+BFO11jMGsD4Ee+t0Jj9yY4owP0uc1y/lR9+CoExHzB
vkGeM3G9+gjVssny+GWTZT2sMc1cUV/uX4IFgXvEcF+D7Ttnoms7y7xSBqDSOL+T
vsjDj7PNaR33ZZnyKkXcijgMSmB9nCasQYres7gi2sIG3V/yc6ngOESwnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNwJ6zCLPLcdnSw+tZZVvoKx83DjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM0Fuck1Jczh0eDJkTEQ2MWxsVy1nckh6Y09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHPI1Hm3yxDKUIH3N99Q
BNflaRS4KgediKrUalGqYTMzTnNYraINF+0enLmpSqDX4d9Q+hDMh4U/MkAqPe4P
6dMjlgoCAtqG0A9pQnIppnH1m8zVJxrPvHjLHcvPCfLN5YM2g5YNzOm+AoNS27OQ
f8P71NE+DFLojYUQ3xQHt3ffMqSt9T0lYEkSwrYO9JpJ7L5xWSKblXW+wSuxYSxE
qkc22nZydS1MxcDwT/FQ3W7IfhwYmjXJEkGAVJ2i5QnAjARtWhu91PK9xFs8xqYT
FdnnZl4U2np+Vq5fHEXD9qJ4Reem/MAeokTPYbgnI4yw+0XFF6qGimYs1ywKYX90
VSU=
-----END CERTIFICATE-----
Generated at Wed Mar 13 17:12:30 2024 by rpki-client on console.sobornost.net