Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8bhRe03bzUWuA2Cep6dgspSY_hY.roa
File: 8bhRe03bzUWuA2Cep6dgspSY_hY.roa (raw, json)
Hash identifier: tozsO7IotMfq/ivKbWuaUW7/WJQzEk7u7HAcRjsONXE=
Subject key identifier: F1:B8:51:7B:4D:DB:CD:45:AE:03:60:9E:A7:A7:60:B2:94:98:FE:16
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5E9064F23159D83B825F268338EE5EBE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8bhRe03bzUWuA2Cep6dgspSY_hY.roa
Signing time: Thu 21 Mar 2024 01:11:45 +0000
ROA not before: Thu 21 Mar 2024 01:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 21 Mar 2024 02:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5e:90:64:f2:31:59:d8:3b:82:5f:26:83:38:ee:5e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 01:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1b8517b4ddbcd45ae03609ea7a760b29498fe16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:75:7e:4d:d1:08:da:b6:a3:e6:fe:05:b7:b2:
c0:f7:9e:91:a6:db:42:c4:a7:db:0d:07:59:5d:df:
e9:d7:ea:a8:c6:ac:fe:5a:cd:ba:25:ef:ca:15:0c:
28:85:7d:a1:da:34:75:9b:78:23:0b:c3:cf:af:01:
af:42:c9:b8:79:6d:11:2a:09:ab:39:09:3e:87:b3:
9f:92:d2:61:56:87:91:ad:1f:d0:34:b0:d8:d3:6c:
99:8b:8d:5c:a6:90:40:4e:c6:76:2d:2d:2f:df:9a:
99:76:6b:cb:0d:5c:08:9c:3c:29:01:3f:0d:46:a1:
48:2f:df:93:94:f4:a8:c5:6b:34:3d:c3:12:5c:1b:
5d:f6:e4:a9:5a:45:fd:f3:ac:f6:b8:67:0c:99:b2:
1d:33:c3:3f:75:8a:cc:59:8b:fa:48:a1:63:58:30:
58:31:4a:d4:0e:a0:9f:4c:38:59:8e:a6:ae:76:1e:
e8:2d:8a:12:1a:db:8a:3a:62:e9:5c:ee:55:91:4a:
45:b1:ca:9e:b6:6e:83:a7:f2:70:ef:f6:24:c6:54:
c2:da:95:92:c7:17:87:73:54:6d:0c:77:27:7a:f1:
f4:d2:49:8f:27:7e:70:bc:14:7b:5f:e1:ac:64:fa:
c7:d0:a7:f8:3d:9f:77:44:68:dc:97:77:42:22:13:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:B8:51:7B:4D:DB:CD:45:AE:03:60:9E:A7:A7:60:B2:94:98:FE:16
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8bhRe03bzUWuA2Cep6dgspSY_hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:f6:85:50:6b:ef:7e:69:fa:ce:ab:1c:bb:d0:46:39:7e:6c:
8c:51:34:bc:c8:85:98:ce:d0:9b:d0:5d:08:32:9d:2b:3c:a2:
c9:7f:5b:ae:ac:db:00:48:75:18:44:8b:db:fb:c2:52:73:e2:
8e:50:1d:2e:08:51:1f:fc:25:7d:3f:8c:bc:53:c7:cb:5e:3a:
65:db:4f:af:18:c0:95:5d:39:65:88:d8:7a:8a:b2:d7:53:db:
29:28:2e:80:ae:7d:7a:63:33:42:23:d7:b0:79:e8:0c:3f:1b:
4a:76:6c:35:b9:c9:d5:60:d1:87:cd:8c:d3:dd:87:67:18:b3:
46:83:c0:59:0d:12:d9:f7:08:a1:a5:b5:54:6e:a2:83:b3:20:
b2:3c:8e:83:8b:a1:28:45:f1:a6:a9:68:bc:da:63:be:f1:de:
62:b6:31:41:91:69:16:07:2a:27:75:f6:ee:0d:99:1f:e1:5a:
34:d2:34:97:c8:63:bd:39:3c:87:13:e9:01:0d:09:f1:4e:7a:
e5:8c:d5:7b:67:6f:da:b2:98:c5:f1:18:b3:1c:bd:13:90:01:
0a:e7:13:36:09:35:cd:dc:c2:78:6a:84:db:cd:b5:62:1c:bd:
80:37:1d:70:21:49:3f:49:5a:16:9b:cc:5d:53:46:ef:8a:0d:
b2:77:7e:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5ekGTyMVnYO4JfJoM47l6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMDExMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWI4NTE3YjRkZGJjZDQ1YWUwMzYwOWVhN2E3NjBiMjk0OThmZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnV+TdEI2raj5v4Ft7LA956RpttC
xKfbDQdZXd/p1+qoxqz+Ws26Je/KFQwohX2h2jR1m3gjC8PPrwGvQsm4eW0RKgmr
OQk+h7OfktJhVoeRrR/QNLDY02yZi41cppBATsZ2LS0v35qZdmvLDVwInDwpAT8N
RqFIL9+TlPSoxWs0PcMSXBtd9uSpWkX986z2uGcMmbIdM8M/dYrMWYv6SKFjWDBY
MUrUDqCfTDhZjqaudh7oLYoSGtuKOmLpXO5VkUpFscqetm6Dp/Jw7/YkxlTC2pWS
xxeHc1RtDHcnevH00kmPJ35wvBR7X+GsZPrH0Kf4PZ93RGjcl3dCIhNYpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPG4UXtN281FrgNgnqenYLKUmP4WMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOGJoUmUwM2J6VVd1QTJDZXA2ZGdzcFNZX2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAED2hVBr735p+s6rHLvQ
Rjl+bIxRNLzIhZjO0JvQXQgynSs8osl/W66s2wBIdRhEi9v7wlJz4o5QHS4IUR/8
JX0/jLxTx8teOmXbT68YwJVdOWWI2HqKstdT2ykoLoCufXpjM0Ij17B56Aw/G0p2
bDW5ydVg0YfNjNPdh2cYs0aDwFkNEtn3CKGltVRuooOzILI8joOLoShF8aapaLza
Y77x3mK2MUGRaRYHKid19u4NmR/hWjTSNJfIY705PIcT6QENCfFOeuWM1Xtnb9qy
mMXxGLMcvROQAQrnEzYJNc3cwnhqhNvNtWIcvYA3HXAhST9JWhabzF1TRu+KDbJ3
fjc=
-----END CERTIFICATE-----
Generated at Thu Mar 21 08:08:15 2024 by rpki-client on console.sobornost.net