Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3F4LPJlHmNDTEJFX_NUyp5RrOAo.roa
File: 3F4LPJlHmNDTEJFX_NUyp5RrOAo.roa (raw, json)
Hash identifier: OPa10/SfG+zlwKSaGJk7jUShRw2Nub+0Ky8xVyHf/yE=
Subject key identifier: DC:5E:0B:3C:99:47:98:D0:D3:10:91:57:FC:D5:32:A7:94:6B:38:0A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE1ACDFE4413BAEC8164E69D30536837D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3F4LPJlHmNDTEJFX_NUyp5RrOAo.roa
Signing time: Mon 15 Apr 2024 12:13:06 +0000
ROA not before: Mon 15 Apr 2024 12:13:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Apr 2024 13:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:ac:df:e4:41:3b:ae:c8:16:4e:69:d3:05:36:83:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 12:13:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc5e0b3c994798d0d3109157fcd532a7946b380a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4e:82:3e:2e:58:47:2d:c7:2a:50:50:4c:a2:
29:c1:ba:1a:b4:90:f4:b2:1d:b9:86:17:7a:c9:c3:
78:f3:a7:92:37:e3:5c:98:39:02:53:87:4c:e0:57:
43:50:a9:5d:bd:77:9e:ad:a8:07:6d:cd:85:39:08:
6e:80:fe:99:3f:38:07:e7:a1:7d:e3:34:8d:ab:32:
02:29:7d:76:62:ca:fd:f6:5d:4f:c7:20:be:fe:c1:
aa:3d:45:69:e1:07:95:3c:86:42:aa:0c:25:ca:1c:
a3:de:db:b6:1d:1d:79:45:75:45:de:16:7a:6f:d1:
80:17:9d:35:b1:f9:2c:b2:28:d4:5c:66:14:f6:9a:
30:36:bf:e9:ea:3b:56:0c:71:b5:59:7d:14:70:51:
76:90:6f:69:1f:51:b1:6c:bf:96:dd:71:6e:b5:3d:
0e:6d:18:a7:91:ea:b0:4d:6d:ad:af:d3:94:f0:f8:
7d:99:94:3b:00:f8:3b:7f:32:d2:08:b9:53:92:08:
47:64:99:30:56:5c:76:13:4b:88:a5:2b:b8:85:0c:
cc:73:c9:57:34:9b:31:bc:5d:8c:ff:ba:b9:32:c7:
f3:ca:6a:dd:dc:c4:d7:8b:05:7a:01:2c:fb:dd:d0:
b2:a2:c9:6a:51:ec:fb:e1:fa:a8:05:07:b0:46:81:
3a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5E:0B:3C:99:47:98:D0:D3:10:91:57:FC:D5:32:A7:94:6B:38:0A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3F4LPJlHmNDTEJFX_NUyp5RrOAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:67:9f:97:0d:42:61:94:32:21:f9:24:a9:3f:7e:3d:95:59:
36:36:be:02:9c:38:95:f2:7a:45:36:44:e2:5f:45:45:28:59:
4e:e6:fd:a0:82:36:a5:0c:47:75:4b:c6:c3:40:ee:30:79:3d:
db:3e:dd:17:d7:d6:13:e9:9d:9c:2d:00:f2:33:dc:53:37:61:
6a:81:a8:79:3e:5d:c6:53:ae:8b:9d:d6:7f:6f:f6:a6:48:c3:
7d:90:4d:dd:5a:85:57:65:90:f9:03:72:aa:cf:fc:fd:8a:29:
6b:75:95:7b:40:01:a0:38:4e:15:f2:0a:e5:03:c3:62:fe:5d:
e5:a3:4d:5d:09:65:5f:ec:ef:a3:46:8f:19:e9:08:98:42:f0:
1a:d4:f3:a7:50:6c:6f:91:f1:98:e1:15:ba:32:f1:0f:c2:78:
80:f3:34:75:85:ee:1c:e4:b1:7e:ec:e2:f0:88:05:a5:05:71:
93:35:3e:69:68:06:6a:59:dc:b1:31:78:a4:0b:e0:4d:f9:9a:
fd:5f:cf:93:25:16:bd:8c:71:fd:f7:75:38:c1:85:22:44:b2:
84:7c:f4:e5:66:21:91:d7:1b:4b:80:30:b6:c3:5d:3f:9b:92:
3e:29:47:50:f0:32:0f:4a:76:bc:b5:37:01:9a:2f:30:4e:00:
39:e8:a8:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7hrN/kQTuuyBZOadMFNoN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MTIxMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzVlMGIzYzk5NDc5OGQwZDMxMDkxNTdmY2Q1MzJhNzk0NmIzODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU6CPi5YRy3HKlBQTKIpwboatJD0
sh25hhd6ycN486eSN+NcmDkCU4dM4FdDUKldvXeeragHbc2FOQhugP6ZPzgH56F9
4zSNqzICKX12Ysr99l1PxyC+/sGqPUVp4QeVPIZCqgwlyhyj3tu2HR15RXVF3hZ6
b9GAF501sfkssijUXGYU9powNr/p6jtWDHG1WX0UcFF2kG9pH1GxbL+W3XFutT0O
bRinkeqwTW2tr9OU8Ph9mZQ7APg7fzLSCLlTkghHZJkwVlx2E0uIpSu4hQzMc8lX
NJsxvF2M/7q5Msfzymrd3MTXiwV6ASz73dCyoslqUez74fqoBQewRoE6qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNxeCzyZR5jQ0xCRV/zVMqeUazgKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM0Y0TFBKbEhtTkRURUpGWF9OVXlwNVJyT0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1nn5cNQmGUMiH5JKk/
fj2VWTY2vgKcOJXyekU2ROJfRUUoWU7m/aCCNqUMR3VLxsNA7jB5Pds+3RfX1hPp
nZwtAPIz3FM3YWqBqHk+XcZTroud1n9v9qZIw32QTd1ahVdlkPkDcqrP/P2KKWt1
lXtAAaA4ThXyCuUDw2L+XeWjTV0JZV/s76NGjxnpCJhC8BrU86dQbG+R8ZjhFboy
8Q/CeIDzNHWF7hzksX7s4vCIBaUFcZM1PmloBmpZ3LExeKQL4E35mv1fz5MlFr2M
cf33dTjBhSJEsoR89OVmIZHXG0uAMLbDXT+bkj4pR1DwMg9Kdry1NwGaLzBOADno
qJo=
-----END CERTIFICATE-----
Generated at Mon Apr 15 19:41:49 2024 by rpki-client on console.sobornost.net