Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4j8sE8l55173addlMIo_GPnFRpw.roa
File: 4j8sE8l55173addlMIo_GPnFRpw.roa (raw, json)
Hash identifier: fFKvh24dhB5L6k7q5v7wYPwbnHQ3Fn5lMFDavjLXRac=
Subject key identifier: E2:3F:2C:13:C9:79:E7:5E:F7:69:D7:65:30:8A:3F:18:F9:C5:46:9C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E39A73D335D6B77408ACAF5782D8EA2E6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4j8sE8l55173addlMIo_GPnFRpw.roa
Signing time: Wed 13 Mar 2024 21:10:45 +0000
ROA not before: Wed 13 Mar 2024 21:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 13 Mar 2024 22:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:a7:3d:33:5d:6b:77:40:8a:ca:f5:78:2d:8e:a2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 21:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e23f2c13c979e75ef769d765308a3f18f9c5469c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:95:a9:1c:2c:c9:7b:b7:15:90:a7:c2:93:ee:
3e:21:b3:b3:07:f3:13:99:cb:eb:c5:da:21:19:a5:
4f:1f:29:a4:7d:8f:73:86:ac:38:e0:d3:61:e1:1b:
6d:3e:10:be:e8:0e:cc:80:d7:0d:7e:f7:85:f1:94:
c3:e8:f4:59:58:48:48:a9:75:ea:7f:9f:b8:94:4f:
74:41:c0:95:f0:b3:a6:ff:3e:53:4f:5d:e9:3b:3f:
cc:f6:be:f1:c4:a9:e4:2e:fb:9d:8e:62:b4:22:e6:
fa:ed:cd:e4:eb:c4:dc:5b:90:28:6e:f0:4c:92:b5:
1a:f6:ed:b3:70:58:68:c7:a4:91:2d:74:b3:ae:72:
81:8f:3a:39:53:a6:32:b6:11:c7:fb:b8:f8:a8:65:
c2:34:11:0b:55:0e:a8:5e:95:be:c0:2f:56:f0:78:
97:69:cd:da:59:83:1a:ed:c5:df:62:67:2b:80:f5:
73:5c:69:a7:f8:08:05:9b:68:16:3c:13:90:98:94:
0b:fb:60:03:8e:0a:83:7c:78:38:4a:2d:36:cb:40:
b5:ba:1f:2a:f7:bf:2b:54:81:c1:89:23:c5:8f:8c:
63:f9:ef:83:bf:79:9e:a1:64:20:10:f6:56:fd:23:
2a:78:1e:0e:a3:dc:b7:74:9e:17:8f:01:7c:2b:a0:
49:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3F:2C:13:C9:79:E7:5E:F7:69:D7:65:30:8A:3F:18:F9:C5:46:9C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4j8sE8l55173addlMIo_GPnFRpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:3f:f7:9f:04:47:d1:c2:3e:81:48:7d:06:78:9e:07:28:ff:
78:71:d7:a6:78:44:2b:7d:f5:36:7f:35:99:06:8b:88:8b:b9:
63:b6:b5:e3:b4:37:3f:72:63:ce:ab:6b:2a:d8:cd:09:60:86:
0f:10:70:6e:62:3a:7e:72:4e:16:54:a7:f2:db:5d:21:46:93:
95:d8:bb:7b:ad:c2:ca:45:69:87:ba:67:e5:92:75:c5:4d:3a:
cb:92:9f:50:fc:c7:2f:2f:ec:dd:b6:3a:b2:6e:86:23:1a:c0:
fc:a5:dd:8c:90:71:b8:af:b2:e7:2b:29:72:2a:76:29:ed:87:
19:a6:ca:60:8b:2a:e5:e5:62:d9:4e:d9:44:7a:cf:80:ca:12:
cf:7b:f2:5d:3b:70:f9:7b:f3:c1:7f:90:96:07:41:50:93:26:
94:13:c3:8a:4d:6d:14:bb:6e:c3:f6:94:17:3a:71:5e:b0:60:
26:e5:b9:d8:aa:18:10:8f:5c:6b:42:c1:e5:2c:4a:0f:de:a1:
e0:dc:9e:54:56:37:47:c2:87:d0:0e:73:ea:cf:8c:5f:a5:94:
fa:50:bc:0a:8a:5c:cb:2d:bc:67:22:90:25:1b:ab:57:5a:29:
6b:ba:29:6c:9e:e2:d1:3e:bd:6b:30:cc:59:6e:b5:52:8f:d9:
3a:f5:50:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY45pz0zXWt3QIrK9XgtjqLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMjExMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjNmMmMxM2M5NzllNzVlZjc2OWQ3NjUzMDhhM2YxOGY5YzU0NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJWpHCzJe7cVkKfCk+4+IbOzB/MT
mcvrxdohGaVPHymkfY9zhqw44NNh4RttPhC+6A7MgNcNfveF8ZTD6PRZWEhIqXXq
f5+4lE90QcCV8LOm/z5TT13pOz/M9r7xxKnkLvudjmK0Iub67c3k68TcW5AobvBM
krUa9u2zcFhox6SRLXSzrnKBjzo5U6YythHH+7j4qGXCNBELVQ6oXpW+wC9W8HiX
ac3aWYMa7cXfYmcrgPVzXGmn+AgFm2gWPBOQmJQL+2ADjgqDfHg4Si02y0C1uh8q
978rVIHBiSPFj4xj+e+Dv3meoWQgEPZW/SMqeB4Oo9y3dJ4XjwF8K6BJuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOI/LBPJeede92nXZTCKPxj5xUacMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNGo4c0U4bDU1MTczYWRkbE1Jb19HUG5GUnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABk/958ER9HCPoFIfQZ4
ngco/3hx16Z4RCt99TZ/NZkGi4iLuWO2teO0Nz9yY86rayrYzQlghg8QcG5iOn5y
ThZUp/LbXSFGk5XYu3utwspFaYe6Z+WSdcVNOsuSn1D8xy8v7N22OrJuhiMawPyl
3YyQcbivsucrKXIqdinthxmmymCLKuXlYtlO2UR6z4DKEs978l07cPl788F/kJYH
QVCTJpQTw4pNbRS7bsP2lBc6cV6wYCbludiqGBCPXGtCweUsSg/eoeDcnlRWN0fC
h9AOc+rPjF+llPpQvAqKXMstvGcikCUbq1daKWu6KWye4tE+vWswzFlutVKP2Tr1
UJw=
-----END CERTIFICATE-----
Generated at Thu Mar 14 05:55:29 2024 by rpki-client on console.sobornost.net