Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5ECCq9QjLRAgI5bz8iANZednB4k.roa
File: 5ECCq9QjLRAgI5bz8iANZednB4k.roa (raw, json)
Hash identifier: iCQ0rKYmpp1w7SgM0kwqOoHeuAQy89Vc9ksc/fZO47o=
Subject key identifier: E4:40:82:AB:D4:23:2D:10:20:23:96:F3:F2:20:0D:65:E7:67:07:89
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA4BA20393FF6325AD7184536FA139B55
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5ECCq9QjLRAgI5bz8iANZednB4k.roa
Signing time: Wed 03 Apr 2024 16:10:45 +0000
ROA not before: Wed 03 Apr 2024 16:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 03 Apr 2024 17:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:ba:20:39:3f:f6:32:5a:d7:18:45:36:fa:13:9b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 16:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e44082abd4232d10202396f3f2200d65e7670789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:77:0b:74:69:ed:68:31:4f:fb:36:12:44:a0:
12:df:69:85:0b:75:6c:9d:4d:ce:cf:5c:36:fe:b7:
90:1d:c7:5d:04:84:dc:aa:ad:fa:72:00:5f:73:dc:
a5:b4:47:7e:66:6d:98:da:ca:c2:fe:91:d6:d9:f5:
10:1f:f3:aa:64:40:dd:e7:8f:b9:b7:62:15:66:ca:
d4:da:cd:f8:4c:17:b4:80:1a:fb:3f:00:7e:69:39:
4c:14:e3:dc:a9:30:e4:37:62:84:20:e0:9c:21:23:
cf:fa:24:cb:5e:86:a0:7e:7b:ba:a2:e4:86:a5:93:
28:7e:e4:ca:f2:3d:51:69:b7:f3:bc:17:69:3d:3b:
c9:df:88:be:a2:91:a9:82:e7:eb:b7:3a:1d:2c:d3:
fa:07:b1:b2:17:dd:5b:5a:3f:ef:57:67:76:ed:cf:
81:6d:6b:fc:1a:a5:cb:58:13:c4:69:5f:f2:43:07:
d4:50:e9:e1:b1:4c:ed:c7:23:0a:8b:12:13:59:5f:
f2:7f:e8:14:a4:2b:d2:73:81:20:8a:be:d0:a8:b8:
9d:e9:6f:82:af:22:3c:7c:09:6b:3a:6c:e3:b7:9f:
33:99:92:14:f2:7e:26:11:54:22:c8:2b:1f:30:1d:
5f:ac:fd:80:df:18:72:21:d2:eb:20:dd:5c:73:35:
77:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:40:82:AB:D4:23:2D:10:20:23:96:F3:F2:20:0D:65:E7:67:07:89
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5ECCq9QjLRAgI5bz8iANZednB4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:f0:3c:a1:ac:d5:6b:75:5b:8e:fd:84:36:24:61:d6:f4:06:
09:76:32:c1:fe:0b:0a:61:21:76:6d:d1:33:4a:3c:42:a5:d3:
db:9a:8c:e6:d8:cf:ff:d9:97:f2:2a:ff:25:d1:8c:03:31:e5:
de:b9:4c:36:98:d6:f0:f5:3e:0a:83:c7:fa:88:97:f8:4b:40:
2c:ae:c5:a6:b2:e8:2c:97:36:ca:30:09:cc:7e:c4:4a:96:5e:
99:87:e1:50:62:25:13:db:8a:03:b5:97:b4:08:26:26:24:0f:
4e:4d:fb:9a:3f:ff:41:95:f1:60:fd:e9:27:86:7a:d2:e2:95:
c6:f1:d0:1f:21:71:bb:ca:0a:43:d0:5b:01:b6:a3:0e:20:5d:
17:9d:5b:34:23:3e:cc:41:8e:53:42:cb:bc:af:91:45:59:53:
46:3d:e4:11:be:45:76:b5:53:00:75:ab:c4:ca:94:b6:40:ef:
0f:51:9b:af:2d:86:a3:d3:cd:56:67:b3:5f:20:61:63:5d:1e:
e8:d0:94:f7:a3:62:d3:a8:c5:e1:9b:21:47:16:f3:5b:99:a8:
37:f1:da:8f:12:07:df:91:67:88:ea:94:cc:b1:9d:a8:26:7c:
42:54:4b:0b:b9:8f:7e:84:70:1b:9d:44:e0:21:81:50:f1:33:
cd:46:3e:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6kuiA5P/YyWtcYRTb6E5tVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMTYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQwODJhYmQ0MjMyZDEwMjAyMzk2ZjNmMjIwMGQ2NWU3NjcwNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkncLdGntaDFP+zYSRKAS32mFC3Vs
nU3Oz1w2/reQHcddBITcqq36cgBfc9yltEd+Zm2Y2srC/pHW2fUQH/OqZEDd54+5
t2IVZsrU2s34TBe0gBr7PwB+aTlMFOPcqTDkN2KEIOCcISPP+iTLXoagfnu6ouSG
pZMofuTK8j1RabfzvBdpPTvJ34i+opGpgufrtzodLNP6B7GyF91bWj/vV2d27c+B
bWv8GqXLWBPEaV/yQwfUUOnhsUztxyMKixITWV/yf+gUpCvSc4Egir7QqLid6W+C
ryI8fAlrOmzjt58zmZIU8n4mEVQiyCsfMB1frP2A3xhyIdLrIN1cczV30wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFORAgqvUIy0QICOW8/IgDWXnZweJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNUVDQ3E5UWpMUkFnSTViejhpQU5aZWRuQjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAHwPKGs1Wt1W479hDYk
Ydb0Bgl2MsH+CwphIXZt0TNKPEKl09uajObYz//Zl/Iq/yXRjAMx5d65TDaY1vD1
PgqDx/qIl/hLQCyuxaay6CyXNsowCcx+xEqWXpmH4VBiJRPbigO1l7QIJiYkD05N
+5o//0GV8WD96SeGetLilcbx0B8hcbvKCkPQWwG2ow4gXRedWzQjPsxBjlNCy7yv
kUVZU0Y95BG+RXa1UwB1q8TKlLZA7w9Rm68thqPTzVZns18gYWNdHujQlPejYtOo
xeGbIUcW81uZqDfx2o8SB9+RZ4jqlMyxnagmfEJUSwu5j36EcBudROAhgVDxM81G
PmY=
-----END CERTIFICATE-----
Generated at Wed Apr 3 23:51:53 2024 by rpki-client on console.sobornost.net