Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BRXVHdgsY-XMO3SJXLpw6luzIPg.roa
File: BRXVHdgsY-XMO3SJXLpw6luzIPg.roa (raw, json)
Hash identifier: 3PlvrorBiDmWpfP/pNcXBPuzQMlMPBEc1QCcZ2oo4JE=
Subject key identifier: 05:15:D5:1D:D8:2C:63:E5:CC:3B:74:89:5C:BA:70:EA:5B:B3:20:F8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFB011378D2813F09080085BCD325D47F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BRXVHdgsY-XMO3SJXLpw6luzIPg.roa
Signing time: Fri 01 Mar 2024 17:12:48 +0000
ROA not before: Fri 01 Mar 2024 17:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 01 Mar 2024 18:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fb:01:13:78:d2:81:3f:09:08:00:85:bc:d3:25:d4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 1 17:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0515d51dd82c63e5cc3b74895cba70ea5bb320f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:58:75:c6:76:2c:0e:4f:5c:a5:94:51:44:5c:
28:3c:48:bd:aa:24:55:c8:4f:3f:9b:b4:e1:f6:0b:
a6:10:0b:e7:52:d2:03:76:71:1b:ad:9f:59:39:dd:
c8:3f:f3:ef:d5:4d:5f:26:4c:19:a4:59:89:3a:c1:
6b:ec:78:f5:d7:90:71:0a:e3:7d:84:1b:d2:b4:37:
7d:b6:b0:f1:50:47:ae:72:cb:15:7c:09:d7:8a:f8:
a6:20:46:85:85:c1:50:fe:11:24:68:fe:c5:6f:4c:
a9:40:b5:1a:0f:26:60:ae:11:1f:60:e5:db:10:7d:
83:1c:d3:57:27:97:0f:9e:c7:db:dd:f8:e5:06:4c:
ad:d2:02:0f:d8:91:8e:fb:55:cc:db:b0:5b:09:bf:
a4:18:cf:31:c3:54:09:24:a2:4b:a7:8a:4c:09:01:
c7:f4:cf:9c:d3:c4:07:88:49:6f:8c:92:89:84:76:
66:bf:ca:a1:04:ab:ed:f8:a8:af:9e:ca:f2:0f:9b:
c4:c6:66:9b:a9:58:97:1b:d0:59:27:67:5c:f8:ff:
42:87:8c:d5:b3:c3:20:4c:08:21:32:18:fd:08:8f:
1d:4e:0b:c1:27:10:e0:dc:f9:fa:c8:92:21:89:ef:
5d:4f:cc:13:15:c4:4f:55:38:5e:fd:b2:4e:ff:6b:
00:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:15:D5:1D:D8:2C:63:E5:CC:3B:74:89:5C:BA:70:EA:5B:B3:20:F8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BRXVHdgsY-XMO3SJXLpw6luzIPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:d7:7b:b3:c0:b5:11:34:f0:6a:c5:b0:d1:6d:8a:6d:d2:7d:
42:98:62:6e:8d:a5:3e:2f:01:0a:1c:a8:01:28:5d:2c:fe:ee:
db:ac:26:a6:64:d7:4d:4c:51:0d:27:d4:fc:da:ca:03:78:2e:
40:c9:5c:5d:09:5a:39:39:78:53:a4:98:ec:f2:55:f4:97:43:
e3:7b:a1:f6:0f:a2:85:f8:4c:77:2e:5b:1e:d1:41:71:39:3d:
b8:68:10:89:0e:b9:d6:6c:b0:1b:e5:04:85:4f:78:dd:95:57:
c5:35:fb:86:e0:ae:ef:7a:0f:d5:e3:3d:ae:eb:f6:3b:41:43:
f0:ff:37:b2:ec:c3:1b:e5:27:23:e2:aa:61:1a:fb:04:65:55:
b5:c9:9b:bc:a3:1e:b1:17:12:67:11:f4:17:e8:d6:d3:dd:ec:
ab:7b:32:82:95:03:02:93:53:49:23:08:a3:34:e9:51:50:43:
21:ec:56:d4:75:70:e1:4d:13:a6:89:66:50:ab:1d:85:a8:92:
ff:3e:60:67:f2:13:3b:94:bd:5a:74:ef:6e:60:f0:64:5d:72:
0d:d8:25:43:6b:69:65:3e:8f:1b:72:f1:10:ad:3a:8c:45:e3:
ac:91:8f:cc:1f:55:c0:56:11:e0:3d:f7:43:bb:4c:8d:74:ed:
d0:97:b1:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY37ARN40oE/CQgAhbzTJdR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAxMTcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE1ZDUxZGQ4MmM2M2U1Y2MzYjc0ODk1Y2JhNzBlYTViYjMyMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVh1xnYsDk9cpZRRRFwoPEi9qiRV
yE8/m7Th9gumEAvnUtIDdnEbrZ9ZOd3IP/Pv1U1fJkwZpFmJOsFr7Hj115BxCuN9
hBvStDd9trDxUEeucssVfAnXivimIEaFhcFQ/hEkaP7Fb0ypQLUaDyZgrhEfYOXb
EH2DHNNXJ5cPnsfb3fjlBkyt0gIP2JGO+1XM27BbCb+kGM8xw1QJJKJLp4pMCQHH
9M+c08QHiElvjJKJhHZmv8qhBKvt+KivnsryD5vExmabqViXG9BZJ2dc+P9Ch4zV
s8MgTAghMhj9CI8dTgvBJxDg3Pn6yJIhie9dT8wTFcRPVThe/bJO/2sALQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAUV1R3YLGPlzDt0iVy6cOpbsyD4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQlJYVkhkZ3NZLVhNTzNTSlhMcHc2bHV6SVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHrXe7PAtRE08GrFsNFt
im3SfUKYYm6NpT4vAQocqAEoXSz+7tusJqZk101MUQ0n1PzaygN4LkDJXF0JWjk5
eFOkmOzyVfSXQ+N7ofYPooX4THcuWx7RQXE5PbhoEIkOudZssBvlBIVPeN2VV8U1
+4bgru96D9XjPa7r9jtBQ/D/N7LswxvlJyPiqmEa+wRlVbXJm7yjHrEXEmcR9Bfo
1tPd7Kt7MoKVAwKTU0kjCKM06VFQQyHsVtR1cOFNE6aJZlCrHYWokv8+YGfyEzuU
vVp0725g8GRdcg3YJUNraWU+jxty8RCtOoxF46yRj8wfVcBWEeA990O7TI107dCX
sYY=
-----END CERTIFICATE-----
Generated at Sat Mar 2 00:12:44 2024 by rpki-client on console.sobornost.net