Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3BHH-tdN-CwO94czVfGsXaRMRjg.roa
File: 3BHH-tdN-CwO94czVfGsXaRMRjg.roa (raw, json)
Hash identifier: fICoXdD8lpJppibhQ2CWW+RaDX8s+ED++n4uzvjPsIo=
Subject key identifier: DC:11:C7:FA:D7:4D:F8:2C:0E:F7:87:33:55:F1:AC:5D:A4:4C:46:38
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEE8F0A923DD7A2F359B0D195B06669DF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3BHH-tdN-CwO94czVfGsXaRMRjg.roa
Signing time: Wed 28 Feb 2024 07:12:48 +0000
ROA not before: Wed 28 Feb 2024 07:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Feb 2024 08:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:8f:0a:92:3d:d7:a2:f3:59:b0:d1:95:b0:66:69:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 07:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc11c7fad74df82c0ef7873355f1ac5da44c4638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:89:2d:9c:02:93:0e:19:40:fb:de:ca:c4:1e:
b3:31:e9:e8:20:f6:06:48:da:cf:2e:dc:6d:8a:b2:
11:56:a4:03:25:b1:28:5e:ab:85:f3:4e:2a:da:12:
84:a7:f1:e0:0c:6e:b2:47:37:c3:5a:80:9b:46:64:
7a:bd:50:b9:52:4a:52:5a:b3:90:5d:3d:70:00:77:
2e:aa:da:e7:06:72:e5:54:99:d0:d1:b7:d7:bd:af:
39:8a:d5:fd:73:d0:6a:8c:64:e7:75:36:c1:82:e4:
e2:4f:b3:f6:58:12:81:80:31:9f:c1:41:8f:6a:e5:
27:5c:c2:03:76:62:06:5a:7a:04:b5:64:e2:ba:82:
e8:d2:f7:01:5f:de:6a:a7:97:aa:6e:7c:13:10:97:
8c:fb:44:7a:d2:a4:0c:ca:61:dc:36:1c:6d:6e:42:
a3:a1:61:f4:d6:43:34:ac:a3:f3:3d:63:c7:09:d3:
57:8a:a6:57:f6:d6:a7:d4:e0:6a:e0:30:d7:57:3d:
a1:06:10:75:f1:4e:cb:d7:c7:55:8c:58:33:1c:42:
98:36:77:3d:54:8a:a9:67:a4:33:61:b1:ce:72:f9:
81:86:95:97:b7:7d:2e:80:4d:dd:3b:f3:24:09:dc:
22:00:63:22:51:b9:8d:cb:14:d2:62:ad:cc:be:cc:
8a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:11:C7:FA:D7:4D:F8:2C:0E:F7:87:33:55:F1:AC:5D:A4:4C:46:38
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3BHH-tdN-CwO94czVfGsXaRMRjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:25:81:8b:de:5d:22:6b:56:21:3a:e7:18:c7:00:d2:3f:83:
26:e2:6b:c5:e7:81:0e:7f:f0:d6:96:8f:e3:b4:90:68:d4:40:
49:6e:44:fb:78:ad:76:d6:db:38:90:6d:82:c4:22:f7:66:c2:
59:82:8e:89:b7:6e:5f:95:61:4a:ea:9b:07:4a:b1:36:3a:c7:
a9:8d:e5:f3:f9:14:63:41:90:a0:54:ed:ec:9e:b3:c5:4b:ed:
26:ee:6d:8b:7b:7d:f2:f9:f9:86:17:4c:4b:ec:80:c5:2f:98:
d4:3a:56:b7:09:21:fc:c1:25:3b:1c:8a:36:16:e8:e3:fb:c8:
07:e3:17:d9:46:12:e8:f9:08:91:b3:6b:e3:22:64:81:75:e2:
43:ba:72:e3:5c:9b:f1:40:1c:1f:bd:43:a2:fc:6a:dd:fd:97:
cf:d7:ff:1b:b9:95:f2:82:de:f1:c2:34:79:a2:c9:4a:b0:d0:
00:7c:c5:8f:c1:04:d2:55:cf:1a:74:e3:e4:8b:27:12:6d:84:
91:93:a4:1c:c5:0a:1c:d5:64:6f:d2:3f:3f:b1:3e:0a:5b:fe:
15:d0:32:1a:36:e1:6b:32:40:b4:cc:a0:77:2b:3e:33:5b:4e:
cb:94:bf:a5:fa:85:60:33:69:81:56:38:02:47:7a:f3:5b:46:
53:ab:88:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3ujwqSPdei81mw0ZWwZmnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzExYzdmYWQ3NGRmODJjMGVmNzg3MzM1NWYxYWM1ZGE0NGM0NjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIktnAKTDhlA+97KxB6zMenoIPYG
SNrPLtxtirIRVqQDJbEoXquF804q2hKEp/HgDG6yRzfDWoCbRmR6vVC5UkpSWrOQ
XT1wAHcuqtrnBnLlVJnQ0bfXva85itX9c9BqjGTndTbBguTiT7P2WBKBgDGfwUGP
auUnXMIDdmIGWnoEtWTiuoLo0vcBX95qp5eqbnwTEJeM+0R60qQMymHcNhxtbkKj
oWH01kM0rKPzPWPHCdNXiqZX9tan1OBq4DDXVz2hBhB18U7L18dVjFgzHEKYNnc9
VIqpZ6QzYbHOcvmBhpWXt30ugE3dO/MkCdwiAGMiUbmNyxTSYq3MvsyKXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNwRx/rXTfgsDveHM1XxrF2kTEY4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM0JISC10ZE4tQ3dPOTRjelZmR3NYYVJNUmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB8lgYveXSJrViE65xjH
ANI/gybia8XngQ5/8NaWj+O0kGjUQEluRPt4rXbW2ziQbYLEIvdmwlmCjom3bl+V
YUrqmwdKsTY6x6mN5fP5FGNBkKBU7eyes8VL7SbubYt7ffL5+YYXTEvsgMUvmNQ6
VrcJIfzBJTscijYW6OP7yAfjF9lGEuj5CJGza+MiZIF14kO6cuNcm/FAHB+9Q6L8
at39l8/X/xu5lfKC3vHCNHmiyUqw0AB8xY/BBNJVzxp04+SLJxJthJGTpBzFChzV
ZG/SPz+xPgpb/hXQMho24WsyQLTMoHcrPjNbTsuUv6X6hWAzaYFWOAJHevNbRlOr
iBY=
-----END CERTIFICATE-----
Generated at Wed Feb 28 13:24:37 2024 by rpki-client on console.sobornost.net