Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9c2gcZnKlVSEhxMtYP7lA7gCHA4.roa
File: 9c2gcZnKlVSEhxMtYP7lA7gCHA4.roa (raw, json)
Hash identifier: xhmgpUXllVSUnOfdJ8aDQrpI9sK9SNizBoDItx2cWGY=
Subject key identifier: F5:CD:A0:71:99:CA:95:54:84:87:13:2D:60:FE:E5:03:B8:02:1C:0E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECC0015D68C223B5784ECF3D67F6402A9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9c2gcZnKlVSEhxMtYP7lA7gCHA4.roa
Signing time: Thu 11 Apr 2024 07:12:21 +0000
ROA not before: Thu 11 Apr 2024 07:12:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:00:15:d6:8c:22:3b:57:84:ec:f3:d6:7f:64:02:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 07:12:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5cda07199ca95548487132d60fee503b8021c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:bb:a9:0d:8e:63:32:e8:eb:00:06:b4:33:
ca:f2:f2:ad:5d:d3:f8:78:13:ec:72:d4:3b:ac:1d:
f1:fb:6e:f8:a0:03:2d:36:de:1d:5b:ee:08:c2:34:
e9:f9:d7:1d:c3:66:73:32:47:e4:d2:dc:c9:2e:60:
00:e7:24:80:00:b6:a4:d9:3f:d5:6f:74:6a:11:b6:
37:2b:df:1e:0b:29:77:5b:28:ad:cf:85:ee:4e:c0:
1b:a5:28:8d:54:ea:58:db:ee:98:89:3a:e1:23:b8:
b8:b0:2f:ac:7d:70:c9:24:80:db:f0:4b:54:c2:e7:
bf:22:e3:79:2f:dd:50:dd:38:f5:00:68:a7:d3:fb:
1c:35:75:f7:e4:33:f9:0b:09:30:df:d5:96:5c:e9:
43:e2:f6:c9:fd:6c:77:f1:83:d8:99:01:59:16:b9:
2f:35:b7:0a:26:55:0f:b4:de:ac:32:eb:76:b3:c3:
6f:48:2f:09:74:02:9e:69:be:ff:91:e3:4f:8c:c9:
8f:8b:9f:77:78:50:ee:96:39:f8:22:23:b7:d0:6c:
5d:94:0e:a6:a9:4c:37:cf:f2:4c:fe:7c:b8:e5:e8:
ec:62:2e:dd:7e:74:33:91:0a:d4:84:c8:7d:01:4f:
22:b9:88:5e:5d:5e:38:52:09:2c:d1:31:82:f8:a7:
8f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CD:A0:71:99:CA:95:54:84:87:13:2D:60:FE:E5:03:B8:02:1C:0E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9c2gcZnKlVSEhxMtYP7lA7gCHA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:fd:bc:23:1a:8d:63:93:a3:7c:f2:82:aa:1d:44:73:e9:95:
12:64:3b:65:6b:62:f3:c6:da:a2:e5:fd:4c:04:20:18:af:5d:
d4:a0:d3:e3:a6:ff:23:20:82:45:88:61:58:cf:98:bd:e0:fa:
66:9a:26:59:51:6d:36:7d:49:eb:87:12:6f:4b:e2:34:d3:2f:
4e:7c:3f:89:a3:55:9a:8e:de:49:59:69:b5:79:f0:60:08:e7:
70:f5:25:7e:0f:6b:f8:3b:b8:61:7d:e6:26:3f:c3:d1:98:ed:
b1:20:6f:b2:16:a7:97:2e:24:b4:ca:7a:6e:6a:96:22:b7:ff:
fd:7f:6d:4f:5a:98:c0:2b:04:92:d3:b6:f4:79:5d:31:20:63:
31:d6:1c:7d:5c:01:43:d8:cf:24:27:8a:b6:a1:0f:9e:66:1b:
6e:fb:cb:36:54:4f:34:13:19:33:ae:0b:e3:c2:a0:09:88:e3:
63:44:86:2e:5e:c8:2b:5a:a9:fb:23:6d:fe:39:49:24:47:56:
0b:d9:e9:13:80:75:cd:f2:56:13:d0:04:7f:99:d8:b7:69:77:
50:f2:53:a2:32:9e:d6:85:c6:d4:09:e4:75:88:55:ac:f1:26:
94:88:e3:d6:07:4f:a7:27:75:ef:8d:c3:80:33:fc:0a:d8:a2:
e9:0d:38:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7MABXWjCI7V4Ts89Z/ZAKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMDcxMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNkYTA3MTk5Y2E5NTU0ODQ4NzEzMmQ2MGZlZTUwM2I4MDIxYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZG7qQ2OYzLo6wAGtDPK8vKtXdP4
eBPsctQ7rB3x+274oAMtNt4dW+4IwjTp+dcdw2ZzMkfk0tzJLmAA5ySAALak2T/V
b3RqEbY3K98eCyl3Wyitz4XuTsAbpSiNVOpY2+6YiTrhI7i4sC+sfXDJJIDb8EtU
wue/IuN5L91Q3Tj1AGin0/scNXX35DP5Cwkw39WWXOlD4vbJ/Wx38YPYmQFZFrkv
NbcKJlUPtN6sMut2s8NvSC8JdAKeab7/keNPjMmPi593eFDuljn4IiO30GxdlA6m
qUw3z/JM/ny45ejsYi7dfnQzkQrUhMh9AU8iuYheXV44Ugks0TGC+KePFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPXNoHGZypVUhIcTLWD+5QO4AhwOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOWMyZ2NabktsVlNFaHhNdFlQN2xBN2dDSEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAz9vCMajWOTo3zygqod
RHPplRJkO2VrYvPG2qLl/UwEIBivXdSg0+Om/yMggkWIYVjPmL3g+maaJllRbTZ9
SeuHEm9L4jTTL058P4mjVZqO3klZabV58GAI53D1JX4Pa/g7uGF95iY/w9GY7bEg
b7IWp5cuJLTKem5qliK3//1/bU9amMArBJLTtvR5XTEgYzHWHH1cAUPYzyQnirah
D55mG277yzZUTzQTGTOuC+PCoAmI42NEhi5eyCtaqfsjbf45SSRHVgvZ6ROAdc3y
VhPQBH+Z2Ldpd1DyU6IyntaFxtQJ5HWIVazxJpSI49YHT6cnde+Nw4Az/ArYoukN
OM4=
-----END CERTIFICATE-----
Generated at Thu Apr 11 14:03:42 2024 by rpki-client on console.sobornost.net