Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3vhyYfmh9uGrLM-JSAiqWuy-jVc.roa
File: 3vhyYfmh9uGrLM-JSAiqWuy-jVc.roa (raw, json)
Hash identifier: nXDmz551kzxLpvwzlHBOtOMEIs0GiMitNLW1c0zGpyE=
Subject key identifier: DE:F8:72:61:F9:A1:F6:E1:AB:2C:CF:89:48:08:AA:5A:EC:BE:8D:57
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E366F42E9832F4B7403E7990A2C68C390
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3vhyYfmh9uGrLM-JSAiqWuy-jVc.roa
Signing time: Wed 13 Mar 2024 06:10:45 +0000
ROA not before: Wed 13 Mar 2024 06:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 13 Mar 2024 07:04:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:36:6f:42:e9:83:2f:4b:74:03:e7:99:0a:2c:68:c3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 06:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=def87261f9a1f6e1ab2ccf894808aa5aecbe8d57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1d:9c:5b:0d:4b:fe:35:5c:2a:9e:db:e8:dd:
1e:dd:ac:18:56:64:31:4b:a0:e7:40:92:94:85:72:
88:26:46:f9:68:05:78:18:24:8b:32:1c:7f:6b:14:
b7:c4:75:77:47:f9:5a:0f:c8:b7:6b:a3:d2:21:f4:
77:58:4c:27:a6:e8:91:b5:b4:5d:8e:a9:e2:63:b5:
5a:62:a3:08:7d:2d:72:98:d5:97:28:35:00:cf:1a:
19:29:3b:23:16:7e:e3:5d:87:a9:49:d1:94:93:5a:
56:4a:36:88:c6:98:5d:aa:1c:eb:68:95:5a:af:2f:
c1:0a:2c:85:00:c8:8f:2a:42:79:37:d6:c0:62:d4:
ec:a3:b4:e4:c5:f5:2e:f1:0b:3a:83:ad:75:34:f9:
9c:ed:81:3c:26:94:ae:da:1b:85:8d:61:74:a5:cb:
46:56:bf:5d:ac:df:96:e6:1c:87:a9:3d:49:a6:34:
d5:45:ba:a8:14:c4:99:b4:cc:01:09:a3:1b:32:f8:
38:86:bf:ec:8a:0a:20:24:10:2d:7d:89:65:ae:2c:
f0:94:4a:91:2a:3c:6a:58:b9:18:77:4f:93:89:5b:
8d:53:cf:03:e4:55:2c:40:dd:87:11:6d:ca:49:d8:
d2:7e:cb:4b:d6:e3:a9:64:60:3f:3d:9d:d3:08:15:
c9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F8:72:61:F9:A1:F6:E1:AB:2C:CF:89:48:08:AA:5A:EC:BE:8D:57
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3vhyYfmh9uGrLM-JSAiqWuy-jVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:6b:42:90:d1:b8:4e:0c:90:5c:87:bd:ea:56:16:d5:2b:60:
74:27:90:37:78:6e:0c:cc:bc:9d:11:ce:16:42:0d:f2:cd:5c:
ed:eb:c2:b6:ae:b8:eb:54:c3:b5:97:ad:0c:7e:f3:d6:81:e0:
e0:ea:1a:18:5d:3f:31:39:31:ea:4b:09:67:09:2d:cc:85:e8:
b7:93:dd:82:1e:66:7c:9c:c3:0d:0f:43:b0:2b:d6:78:c0:d0:
c2:ee:97:40:c1:ca:a0:3f:72:8d:9c:0b:2c:16:c6:2e:68:4c:
9c:10:00:db:c5:61:9c:77:4c:27:29:09:1e:74:5c:0d:09:9c:
d5:53:1d:7d:2e:8b:bd:7f:61:3d:d8:af:52:ad:7d:c0:b1:64:
17:02:2d:94:93:a8:c5:79:da:be:ad:4a:6d:6b:93:56:84:36:
b8:8d:65:f4:c2:fa:1a:ce:64:f6:7f:ae:35:43:37:7b:00:c7:
ac:23:11:b0:18:99:4e:9d:25:c7:d6:aa:50:1c:48:04:9f:c9:
b3:a3:cb:65:c3:1e:28:3f:2d:a0:a0:18:b8:29:47:f2:2f:5f:
36:ee:c9:87:45:6c:78:0e:5c:46:7a:da:32:8c:0c:cf:4f:68:
bb:20:9f:a4:3e:3b:aa:c2:49:4a:5b:76:32:ac:33:dc:e4:a2:
59:8d:a4:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY42b0Lpgy9LdAPnmQosaMOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMDYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY4NzI2MWY5YTFmNmUxYWIyY2NmODk0ODA4YWE1YWVjYmU4ZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR2cWw1L/jVcKp7b6N0e3awYVmQx
S6DnQJKUhXKIJkb5aAV4GCSLMhx/axS3xHV3R/laD8i3a6PSIfR3WEwnpuiRtbRd
jqniY7VaYqMIfS1ymNWXKDUAzxoZKTsjFn7jXYepSdGUk1pWSjaIxphdqhzraJVa
ry/BCiyFAMiPKkJ5N9bAYtTso7TkxfUu8Qs6g611NPmc7YE8JpSu2huFjWF0pctG
Vr9drN+W5hyHqT1JpjTVRbqoFMSZtMwBCaMbMvg4hr/sigogJBAtfYllrizwlEqR
KjxqWLkYd0+TiVuNU88D5FUsQN2HEW3KSdjSfstL1uOpZGA/PZ3TCBXJ/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN74cmH5ofbhqyzPiUgIqlrsvo1XMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM3ZoeVlmbWg5dUdyTE0tSlNBaXFXdXktalZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHdrQpDRuE4MkFyHvepW
FtUrYHQnkDd4bgzMvJ0RzhZCDfLNXO3rwrauuOtUw7WXrQx+89aB4ODqGhhdPzE5
MepLCWcJLcyF6LeT3YIeZnycww0PQ7Ar1njA0MLul0DByqA/co2cCywWxi5oTJwQ
ANvFYZx3TCcpCR50XA0JnNVTHX0ui71/YT3Yr1KtfcCxZBcCLZSTqMV52r6tSm1r
k1aENriNZfTC+hrOZPZ/rjVDN3sAx6wjEbAYmU6dJcfWqlAcSASfybOjy2XDHig/
LaCgGLgpR/IvXzbuyYdFbHgOXEZ62jKMDM9PaLsgn6Q+O6rCSUpbdjKsM9zkolmN
pJE=
-----END CERTIFICATE-----
Generated at Wed Mar 13 13:26:48 2024 by rpki-client on console.sobornost.net