Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BOKbF2Me_IvTW265k8D4NKc0OLQ.roa
File: BOKbF2Me_IvTW265k8D4NKc0OLQ.roa (raw, json)
Hash identifier: 0d+7xd7mVm1KrA/fj6FRDmMlBTQo7OwNT6vUU0D9Yuc=
Subject key identifier: 04:E2:9B:17:63:1E:FC:8B:D3:5B:6E:B9:93:C0:F8:34:A7:34:38:B4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9FFC229A9254E4E517EB89278081CCF2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BOKbF2Me_IvTW265k8D4NKc0OLQ.roa
Signing time: Tue 02 Apr 2024 18:04:44 +0000
ROA not before: Tue 02 Apr 2024 18:04:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:9ffb:d715/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Apr 2024 18:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:fc:22:9a:92:54:e4:e5:17:eb:89:27:80:81:cc:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 18:04:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04e29b17631efc8bd35b6eb993c0f834a73438b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e6:7a:3c:49:28:fc:d3:2c:74:67:77:68:a7:
5d:58:6e:f0:f7:7c:26:67:0c:6b:ad:ee:b8:10:f5:
4b:47:1c:2a:ce:1a:94:9a:34:cc:fe:76:65:59:01:
40:53:30:b6:dd:cd:50:2b:3f:2c:b4:29:db:39:f6:
fb:96:cf:a8:a4:35:f3:17:b2:75:5c:6f:c9:b1:ec:
25:da:1f:38:2d:77:99:69:26:af:be:77:f5:68:0a:
28:be:48:27:9c:aa:a2:d8:69:18:e4:81:35:40:ef:
fb:4d:40:d4:e9:b5:5b:29:b3:77:d1:48:d6:f0:08:
19:02:5b:ad:97:22:9e:a9:9a:39:56:81:f6:c9:12:
84:50:77:81:4f:4c:9b:2a:14:1f:8b:01:99:eb:ee:
32:c2:be:d0:ec:73:02:de:5f:e3:d2:be:f1:1c:be:
5b:4c:41:4a:92:e3:54:7b:e0:b2:80:c2:63:68:59:
dd:68:ce:82:39:ab:78:3a:83:e5:8c:3c:ee:33:b5:
56:8f:8a:a8:78:70:3e:df:f3:10:cb:eb:05:64:57:
66:a3:48:a1:52:bd:ce:17:0e:57:1d:5f:8e:c1:54:
d6:f0:6d:82:53:85:8e:4c:8f:da:18:06:b6:b3:7a:
33:f4:cb:56:f5:f5:b0:22:1a:36:7f:b9:6f:6a:6d:
a3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E2:9B:17:63:1E:FC:8B:D3:5B:6E:B9:93:C0:F8:34:A7:34:38:B4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BOKbF2Me_IvTW265k8D4NKc0OLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:be:87:86:9e:1c:d6:85:eb:22:02:ea:70:4f:13:9b:d6:1e:
1c:69:10:4d:cd:50:e0:36:c2:11:c8:b1:2a:f0:5e:f0:a3:06:
05:b8:59:41:27:d3:75:b1:e9:55:56:79:73:ed:1d:37:ba:2d:
c1:33:df:aa:a7:cf:e6:9e:d9:85:fb:98:96:45:eb:0b:3f:df:
01:09:cb:c9:9e:4a:74:84:aa:ad:f2:8d:10:a4:85:39:9c:5b:
a7:5e:cc:7d:5f:37:15:af:3e:d7:39:4d:46:06:dc:1b:04:46:
03:7e:96:00:e6:8f:7d:ee:b8:3d:7e:fd:9f:e5:91:53:15:d9:
c9:b0:41:55:b9:71:b8:f3:f7:23:ab:11:36:88:75:ad:78:e9:
af:08:41:33:2d:5b:4f:bf:6c:6e:fc:d7:27:86:53:f8:8a:38:
8b:86:6b:8a:65:81:7f:50:8d:df:fb:6a:aa:ce:86:80:45:0e:
50:97:cc:7d:03:f7:94:c3:df:5d:71:d9:98:7b:f4:61:d6:5b:
92:a9:69:35:de:13:b4:0a:bb:12:63:25:f3:79:87:9f:76:1e:
4c:11:c0:85:ff:fa:a2:34:74:9b:a6:84:b9:9b:31:7d:58:41:
35:28:ea:aa:d9:e5:90:28:b6:c6:4f:cd:ca:31:80:d1:6e:2d:
21:a6:18:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6f/CKaklTk5RfriSeAgczyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMTgwNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGUyOWIxNzYzMWVmYzhiZDM1YjZlYjk5M2MwZjgzNGE3MzQzOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuZ6PEko/NMsdGd3aKddWG7w93wm
Zwxrre64EPVLRxwqzhqUmjTM/nZlWQFAUzC23c1QKz8stCnbOfb7ls+opDXzF7J1
XG/Jsewl2h84LXeZaSavvnf1aAoovkgnnKqi2GkY5IE1QO/7TUDU6bVbKbN30UjW
8AgZAlutlyKeqZo5VoH2yRKEUHeBT0ybKhQfiwGZ6+4ywr7Q7HMC3l/j0r7xHL5b
TEFKkuNUe+CygMJjaFndaM6COat4OoPljDzuM7VWj4qoeHA+3/MQy+sFZFdmo0ih
Ur3OFw5XHV+OwVTW8G2CU4WOTI/aGAa2s3oz9MtW9fWwIho2f7lvam2jJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFATimxdjHvyL01tuuZPA+DSnNDi0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQk9LYkYyTWVfSXZUVzI2NWs4RDROS2MwT0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIq+h4aeHNaF6yIC6nBP
E5vWHhxpEE3NUOA2whHIsSrwXvCjBgW4WUEn03Wx6VVWeXPtHTe6LcEz36qnz+ae
2YX7mJZF6ws/3wEJy8meSnSEqq3yjRCkhTmcW6dezH1fNxWvPtc5TUYG3BsERgN+
lgDmj33uuD1+/Z/lkVMV2cmwQVW5cbjz9yOrETaIda146a8IQTMtW0+/bG781yeG
U/iKOIuGa4plgX9Qjd/7aqrOhoBFDlCXzH0D95TD311x2Zh79GHWW5KpaTXeE7QK
uxJjJfN5h592HkwRwIX/+qI0dJumhLmbMX1YQTUo6qrZ5ZAotsZPzcoxgNFuLSGm
GJw=
-----END CERTIFICATE-----
Generated at Wed Apr 3 01:44:28 2024 by rpki-client on console.sobornost.net