Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/63lVH1vQwcKIyv9S6mBOVXPj-Ro.roa
File: 63lVH1vQwcKIyv9S6mBOVXPj-Ro.roa (raw, json)
Hash identifier: ZqYu3qP8denTc57T1r6tVs2YjRwIsNtnXRoqc8gkUZU=
Subject key identifier: EB:79:55:1F:5B:D0:C1:C2:88:CA:FF:52:EA:60:4E:55:73:E3:F9:1A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEFD8A1BB3CF5258895DD4F75514EAF98
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/63lVH1vQwcKIyv9S6mBOVXPj-Ro.roa
Signing time: Wed 28 Feb 2024 13:12:48 +0000
ROA not before: Wed 28 Feb 2024 13:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Feb 2024 14:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:d8:a1:bb:3c:f5:25:88:95:dd:4f:75:51:4e:af:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 13:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb79551f5bd0c1c288caff52ea604e5573e3f91a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:a9:c3:26:f6:5f:04:1f:89:81:98:68:01:
e2:20:15:c4:4c:ef:5b:48:67:3d:1d:19:0c:34:85:
e1:da:4d:76:ec:d5:a5:b4:99:9e:32:7d:dd:6f:3a:
7a:a9:9a:3b:e9:5c:ef:17:16:c3:30:5e:92:5d:fa:
e2:81:f4:45:d9:a3:7b:d6:fa:11:f6:07:67:a8:c8:
1a:03:c7:10:04:a0:9e:a6:de:19:9b:e9:79:a6:25:
8c:17:6d:dc:39:5b:c5:30:b3:4e:3e:3a:58:48:99:
cf:76:08:5a:7f:a8:0d:26:e6:68:37:21:43:94:a2:
4e:be:79:35:43:8e:83:b6:6c:27:e6:ec:42:cf:9b:
91:8b:a3:9c:28:34:64:07:27:4c:86:fb:85:e6:dd:
f3:66:e3:9c:04:74:7f:75:dc:2b:f8:fd:0f:64:35:
7a:4d:a2:58:85:08:f2:4a:d0:52:b4:e3:60:a4:55:
82:24:8a:84:38:61:d5:c0:42:db:a9:c2:be:ca:f1:
36:9a:b6:31:0e:25:4d:bd:11:17:74:15:3e:05:29:
cb:73:4d:85:a6:ce:a9:4b:38:50:48:aa:4c:17:10:
85:12:d7:df:f0:6b:93:48:d6:e5:54:4e:ea:13:9c:
aa:c4:e2:63:2d:4c:7d:28:2f:f6:69:0e:65:fb:a8:
f3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:79:55:1F:5B:D0:C1:C2:88:CA:FF:52:EA:60:4E:55:73:E3:F9:1A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/63lVH1vQwcKIyv9S6mBOVXPj-Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:90:6f:36:f0:7d:f3:24:2a:58:ae:3d:d2:cb:72:d7:5e:20:
dc:97:e4:d8:5d:c1:77:08:5a:08:24:cd:67:e0:33:3c:53:0a:
bd:a6:75:d2:e6:64:09:ef:7c:3b:91:80:84:23:49:82:f7:4c:
c6:18:f3:0d:52:a1:32:4e:55:87:37:02:f0:30:ec:7d:9f:0f:
f1:c9:e5:3b:9a:d9:d8:bb:38:7c:af:3b:ab:55:70:86:b5:68:
93:ef:4d:4c:6f:38:16:32:af:33:2e:a5:b9:96:98:cf:22:c0:
91:7d:31:c3:f2:45:32:c4:b8:c8:0d:79:6d:8c:d0:26:9f:30:
28:b1:07:dd:d1:d3:78:4c:03:f3:5c:72:f3:f6:38:30:bc:bf:
bb:64:2f:62:98:57:21:5b:f9:86:32:6b:c2:5e:e6:41:79:3f:
8d:07:a9:f7:98:0f:2b:4e:05:27:3f:3a:8a:97:03:ff:1d:89:
e3:f0:87:65:42:ad:49:45:1f:5c:bd:a6:08:9f:54:6a:c0:5e:
04:e7:c3:4d:a6:de:18:11:fa:af:aa:62:7b:be:5b:16:e8:df:
f2:9e:78:bd:52:2a:72:6e:c3:2b:6a:79:15:da:b6:67:7f:b7:
42:1a:59:4f:44:3a:72:23:cc:f6:c9:3e:20:a4:7d:08:1e:06:
d6:86:64:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3v2KG7PPUliJXdT3VRTq+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MTMxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc5NTUxZjViZDBjMWMyODhjYWZmNTJlYTYwNGU1NTczZTNmOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFSpwyb2XwQfiYGYaAHiIBXETO9b
SGc9HRkMNIXh2k127NWltJmeMn3dbzp6qZo76VzvFxbDMF6SXfrigfRF2aN71voR
9gdnqMgaA8cQBKCept4Zm+l5piWMF23cOVvFMLNOPjpYSJnPdghaf6gNJuZoNyFD
lKJOvnk1Q46Dtmwn5uxCz5uRi6OcKDRkBydMhvuF5t3zZuOcBHR/ddwr+P0PZDV6
TaJYhQjyStBStONgpFWCJIqEOGHVwELbqcK+yvE2mrYxDiVNvREXdBU+BSnLc02F
ps6pSzhQSKpMFxCFEtff8GuTSNblVE7qE5yqxOJjLUx9KC/2aQ5l+6jzFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOt5VR9b0MHCiMr/UupgTlVz4/kaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNjNsVkgxdlF3Y0tJeXY5UzZtQk9WWFBqLVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFWQbzbwffMkKliuPdLL
ctdeINyX5NhdwXcIWggkzWfgMzxTCr2mddLmZAnvfDuRgIQjSYL3TMYY8w1SoTJO
VYc3AvAw7H2fD/HJ5Tua2di7OHyvO6tVcIa1aJPvTUxvOBYyrzMupbmWmM8iwJF9
McPyRTLEuMgNeW2M0CafMCixB93R03hMA/NccvP2ODC8v7tkL2KYVyFb+YYya8Je
5kF5P40HqfeYDytOBSc/OoqXA/8diePwh2VCrUlFH1y9pgifVGrAXgTnw02m3hgR
+q+qYnu+Wxbo3/KeeL1SKnJuwytqeRXatmd/t0IaWU9EOnIjzPbJPiCkfQgeBtaG
ZNc=
-----END CERTIFICATE-----
Generated at Wed Feb 28 19:48:54 2024 by rpki-client on console.sobornost.net