Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CGr76RSh5MXSUAcsB9Qesp0NauA.roa
File: CGr76RSh5MXSUAcsB9Qesp0NauA.roa (raw, json)
Hash identifier: aW6dJ66a3KvXjpI1lG/mquD0NIl09OFwy/hPtOMRE2M=
Subject key identifier: 08:6A:FB:E9:14:A1:E4:C5:D2:50:07:2C:07:D4:1E:B2:9D:0D:6A:E0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E118BD8217DCAA4C0A35435C03344CAF8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CGr76RSh5MXSUAcsB9Qesp0NauA.roa
Signing time: Wed 06 Mar 2024 02:16:01 +0000
ROA not before: Wed 06 Mar 2024 02:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 06 Mar 2024 03:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:11:8b:d8:21:7d:ca:a4:c0:a3:54:35:c0:33:44:ca:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 6 02:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=086afbe914a1e4c5d250072c07d41eb29d0d6ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9a:4f:53:53:d9:a9:a6:85:2a:13:38:60:bb:
20:87:fb:6d:af:fa:f6:d0:5c:fc:dd:b6:17:b3:17:
6e:13:41:c1:d7:f6:70:2c:14:36:1b:06:0a:90:45:
d3:17:19:f8:b4:83:c6:7b:20:84:45:1a:9f:c5:57:
d1:04:3f:9c:98:67:32:56:36:9e:5c:25:21:be:17:
83:27:cb:d1:db:92:e7:47:63:fe:8d:5a:08:e8:8d:
23:04:26:79:7b:a4:41:07:88:65:6f:a5:b1:0e:cb:
c8:89:23:08:56:fd:39:9f:dc:60:98:00:43:89:f6:
48:8f:6b:85:c3:98:a0:f4:97:df:bb:58:77:63:90:
0b:23:30:f4:4f:4f:1c:ac:a3:26:2c:df:f5:9b:b9:
f6:ee:08:b3:dd:0f:37:cb:82:46:d9:c2:6a:70:94:
99:f9:56:64:30:f2:b4:17:a2:03:a0:ac:db:3d:3c:
2f:72:5e:02:e5:ed:17:cc:bf:ad:52:7a:8d:d9:da:
56:dd:d9:b3:53:e2:03:92:7d:8d:b1:b1:7a:8e:e0:
5d:da:2f:16:d9:78:c8:b9:44:86:81:b0:28:14:2f:
12:7d:50:74:4d:22:2f:ed:a9:83:7e:47:f6:76:eb:
e4:58:91:86:e8:57:50:cb:3f:33:e0:1c:63:f9:44:
40:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6A:FB:E9:14:A1:E4:C5:D2:50:07:2C:07:D4:1E:B2:9D:0D:6A:E0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CGr76RSh5MXSUAcsB9Qesp0NauA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:c2:60:03:54:c4:15:dc:fb:bc:52:e4:78:ca:95:1e:51:66:
5a:88:a3:d3:5a:bf:48:ec:ec:f6:4c:5b:78:e6:b6:b5:44:2b:
02:f4:2e:b7:13:a1:e7:f3:52:6c:91:39:f6:87:8b:ae:3b:93:
12:27:f7:71:e8:98:5c:0f:5a:a2:c9:aa:50:47:5c:ea:91:7e:
17:41:b2:68:f3:f8:ad:7d:a7:ae:88:43:0a:40:e4:d8:d1:c1:
9a:c9:a9:7b:b6:73:5a:59:12:ca:5b:4c:4a:ac:b0:3f:50:f1:
ae:8f:50:a5:35:90:8a:23:9a:75:37:30:fb:86:f0:76:97:4a:
17:ac:30:e8:f1:62:ed:8e:7c:a3:bd:05:bc:73:50:b2:6a:44:
6e:fa:75:7a:1b:49:75:c6:2e:5e:9b:2a:c2:2e:21:8d:38:19:
05:c7:33:87:7c:9b:8c:ff:14:e8:37:7c:48:cc:6a:be:e3:58:
44:51:b4:d9:ca:1b:02:df:ef:03:f5:92:87:3b:bb:a4:2c:70:
9c:e9:71:35:66:fb:97:1d:b6:38:96:17:d8:19:18:20:d9:e2:
bc:3f:31:cb:81:95:df:22:a3:b2:3b:45:d9:4f:82:e1:9d:4e:
6a:88:6d:26:5b:a3:ce:83:f3:65:ca:04:93:8a:25:8c:74:d8:
d0:a1:31:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4Ri9ghfcqkwKNUNcAzRMr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA2MDIxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODZhZmJlOTE0YTFlNGM1ZDI1MDA3MmMwN2Q0MWViMjlkMGQ2YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJpPU1PZqaaFKhM4YLsgh/ttr/r2
0Fz83bYXsxduE0HB1/ZwLBQ2GwYKkEXTFxn4tIPGeyCERRqfxVfRBD+cmGcyVjae
XCUhvheDJ8vR25LnR2P+jVoI6I0jBCZ5e6RBB4hlb6WxDsvIiSMIVv05n9xgmABD
ifZIj2uFw5ig9Jffu1h3Y5ALIzD0T08crKMmLN/1m7n27giz3Q83y4JG2cJqcJSZ
+VZkMPK0F6IDoKzbPTwvcl4C5e0XzL+tUnqN2dpW3dmzU+IDkn2NsbF6juBd2i8W
2XjIuUSGgbAoFC8SfVB0TSIv7amDfkf2duvkWJGG6FdQyz8z4Bxj+URA8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAhq++kUoeTF0lAHLAfUHrKdDWrgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ0dyNzZSU2g1TVhTVUFjc0I5UWVzcDBOYXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjCYANUxBXc+7xS5HjK
lR5RZlqIo9Nav0js7PZMW3jmtrVEKwL0LrcToefzUmyROfaHi647kxIn93HomFwP
WqLJqlBHXOqRfhdBsmjz+K19p66IQwpA5NjRwZrJqXu2c1pZEspbTEqssD9Q8a6P
UKU1kIojmnU3MPuG8HaXShesMOjxYu2OfKO9BbxzULJqRG76dXobSXXGLl6bKsIu
IY04GQXHM4d8m4z/FOg3fEjMar7jWERRtNnKGwLf7wP1koc7u6QscJzpcTVm+5cd
tjiWF9gZGCDZ4rw/McuBld8io7I7RdlPguGdTmqIbSZbo86D82XKBJOKJYx02NCh
MZE=
-----END CERTIFICATE-----
Generated at Wed Mar 6 07:52:21 2024 by rpki-client on console.sobornost.net