Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4NR-XaJSTSAxLVPxMsvgKrx1eBI.roa
File: 4NR-XaJSTSAxLVPxMsvgKrx1eBI.roa (raw, json)
Hash identifier: mQVCUpkbiWhDHoZvo9OCst5ypImW8sJGFEsABX0CV8w=
Subject key identifier: E0:D4:7E:5D:A2:52:4D:20:31:2D:53:F1:32:CB:E0:2A:BC:75:78:12
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DED7C620B421551A7251835C194683115
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4NR-XaJSTSAxLVPxMsvgKrx1eBI.roa
Signing time: Wed 28 Feb 2024 02:12:48 +0000
ROA not before: Wed 28 Feb 2024 02:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Feb 2024 03:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:7c:62:0b:42:15:51:a7:25:18:35:c1:94:68:31:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 02:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0d47e5da2524d20312d53f132cbe02abc757812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c7:21:3a:95:cc:5e:af:c1:ad:06:d3:a2:c4:
f0:e5:8c:b7:49:f1:70:c2:a0:6d:43:89:2a:b7:07:
28:d6:7c:eb:b9:ce:0c:50:76:2f:c4:d0:15:93:3e:
c4:e7:c8:4a:5a:1d:12:55:b8:b7:21:83:e8:3c:85:
51:8b:4c:c4:7e:fe:d0:d0:03:0d:23:90:bb:47:ef:
5d:73:a6:31:8a:69:ea:1d:4a:2a:1b:59:d8:f8:98:
1f:3d:4e:cf:3f:b0:b0:9c:4a:ec:ad:26:4c:17:26:
bf:fa:5d:0b:6b:55:0f:cc:3c:98:ba:ad:c2:a9:ef:
94:67:7c:46:db:b4:50:68:8f:5b:42:af:35:dc:51:
95:b4:15:1f:b0:fb:03:0a:0c:e3:a7:aa:29:e8:82:
85:c4:4d:03:ab:5b:56:03:51:9b:01:e3:61:0a:7a:
0f:47:53:01:d6:f5:56:aa:b0:57:ab:72:74:22:4e:
22:fe:ad:04:d1:74:40:b2:cd:b6:67:de:a7:7b:c3:
25:e4:d7:eb:5d:70:ce:6e:09:aa:6f:01:ed:66:b5:
67:79:a1:e7:c4:b5:d9:44:a7:48:bc:49:00:f8:45:
9c:ea:05:17:f0:c4:6a:32:22:a0:b3:9b:75:75:88:
96:13:21:f3:ec:4f:44:68:ec:f0:b3:40:04:fc:c3:
54:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D4:7E:5D:A2:52:4D:20:31:2D:53:F1:32:CB:E0:2A:BC:75:78:12
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4NR-XaJSTSAxLVPxMsvgKrx1eBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:67:71:b7:65:8e:11:fa:92:84:b5:f4:27:38:3e:3e:e1:f4:
74:4a:45:19:26:09:32:3b:37:cf:64:b6:35:1d:19:40:fc:7f:
67:09:81:67:8b:74:fb:05:d5:bb:7a:ae:6a:8e:89:e8:2a:45:
50:c7:60:72:4d:c5:41:6d:cb:b5:4f:82:a9:8e:ca:d1:ba:a3:
a7:1c:c7:8b:3a:df:fc:46:4a:1d:7c:44:d9:77:5f:2c:4e:e2:
85:ec:b7:3e:87:bc:4b:f7:c9:ce:8e:1a:1a:96:62:8e:61:68:
40:bc:80:a5:b9:e6:25:f8:ed:c0:75:75:f7:5b:0c:78:23:1c:
37:cf:04:e4:c3:0e:ce:b8:db:d8:c5:45:b3:cb:3c:f6:c5:91:
b1:84:b3:2d:46:d3:34:6a:b4:82:12:ac:5f:ed:35:ca:98:7c:
c1:05:09:b5:25:35:37:e0:79:d8:69:7e:2d:17:4b:79:cc:66:
3f:9f:4b:c4:10:80:83:22:47:9e:ab:62:5e:13:ec:ef:fe:49:
d0:b7:07:4d:9e:fd:e9:5d:10:65:5e:c8:27:95:5a:d7:55:8c:
72:96:0a:12:c0:df:66:d5:73:23:9f:ac:52:0d:24:24:35:0c:
b0:ff:c7:80:bd:14:b9:92:17:52:22:53:05:66:03:d5:d2:8e:
3d:99:ff:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3tfGILQhVRpyUYNcGUaDEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDIxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ0N2U1ZGEyNTI0ZDIwMzEyZDUzZjEzMmNiZTAyYWJjNzU3ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjschOpXMXq/BrQbTosTw5Yy3SfFw
wqBtQ4kqtwco1nzruc4MUHYvxNAVkz7E58hKWh0SVbi3IYPoPIVRi0zEfv7Q0AMN
I5C7R+9dc6YximnqHUoqG1nY+JgfPU7PP7CwnErsrSZMFya/+l0La1UPzDyYuq3C
qe+UZ3xG27RQaI9bQq813FGVtBUfsPsDCgzjp6op6IKFxE0Dq1tWA1GbAeNhCnoP
R1MB1vVWqrBXq3J0Ik4i/q0E0XRAss22Z96ne8Ml5NfrXXDObgmqbwHtZrVneaHn
xLXZRKdIvEkA+EWc6gUX8MRqMiKgs5t1dYiWEyHz7E9EaOzws0AE/MNUkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFODUfl2iUk0gMS1T8TLL4Cq8dXgSMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNE5SLVhhSlNUU0F4TFZQeE1zdmdLcngxZUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVncbdljhH6koS19Cc4
Pj7h9HRKRRkmCTI7N89ktjUdGUD8f2cJgWeLdPsF1bt6rmqOiegqRVDHYHJNxUFt
y7VPgqmOytG6o6ccx4s63/xGSh18RNl3XyxO4oXstz6HvEv3yc6OGhqWYo5haEC8
gKW55iX47cB1dfdbDHgjHDfPBOTDDs6429jFRbPLPPbFkbGEsy1G0zRqtIISrF/t
NcqYfMEFCbUlNTfgedhpfi0XS3nMZj+fS8QQgIMiR56rYl4T7O/+SdC3B02e/eld
EGVeyCeVWtdVjHKWChLA32bVcyOfrFINJCQ1DLD/x4C9FLmSF1IiUwVmA9XSjj2Z
/08=
-----END CERTIFICATE-----
Generated at Wed Feb 28 07:01:11 2024 by rpki-client on console.sobornost.net