Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CW6OrIHoaX6sSnnjmaUxD8RGrz8.roa
File: CW6OrIHoaX6sSnnjmaUxD8RGrz8.roa (raw, json)
Hash identifier: DyaFiYgjq3ttEwiPCLCtpeSK/jOBmRJ6m9o2w0IEpPw=
Subject key identifier: 09:6E:8E:AC:81:E8:69:7E:AC:4A:79:E3:99:A5:31:0F:C4:46:AF:3F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E69449179D244D044F9C12A33323D70EB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CW6OrIHoaX6sSnnjmaUxD8RGrz8.roa
Signing time: Sat 23 Mar 2024 03:04:45 +0000
ROA not before: Sat 23 Mar 2024 03:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:6944:58de/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 23 Mar 2024 03:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:69:44:91:79:d2:44:d0:44:f9:c1:2a:33:32:3d:70:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 03:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=096e8eac81e8697eac4a79e399a5310fc446af3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:d1:48:a1:a4:ab:81:c3:20:cf:9a:7e:a1:
d3:4d:5c:d2:06:4c:c7:9e:69:30:33:aa:3b:f8:4f:
47:1b:0c:a5:e2:4b:47:6b:2d:05:a4:30:91:ae:1b:
cf:67:a8:e6:8b:b1:33:13:c5:84:ec:03:0d:50:50:
28:e9:ce:09:da:d1:61:76:87:b2:19:e6:a9:7b:d8:
e1:eb:5a:64:1e:15:30:6e:c7:64:d2:f9:16:ee:59:
47:16:65:4e:e0:ab:14:d7:f7:f3:50:00:3d:fa:5b:
49:38:59:b9:39:66:73:83:9a:c3:6c:87:a4:f2:c6:
52:0c:c3:16:c3:af:d9:24:0a:6a:19:7f:d6:33:02:
bb:85:d2:48:f0:2e:77:1f:e3:46:cf:84:33:53:fb:
c5:7b:fc:9c:4c:e6:b9:ec:f7:6e:c9:1c:06:d1:c0:
f7:ec:34:c3:19:44:69:1a:11:9c:02:39:6c:91:d1:
cd:6b:5d:25:5d:d9:24:83:ef:8a:eb:30:26:15:03:
5e:28:c2:13:3b:f5:a8:4a:a0:0f:ed:94:47:33:02:
84:66:77:0a:f4:96:8f:3a:e4:5a:d1:b2:2b:29:08:
cf:07:a1:c2:ed:b4:e4:60:6a:54:30:2f:27:de:9c:
54:2a:ec:3c:dc:04:3a:6d:26:3d:a7:92:c3:a5:8c:
bc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6E:8E:AC:81:E8:69:7E:AC:4A:79:E3:99:A5:31:0F:C4:46:AF:3F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CW6OrIHoaX6sSnnjmaUxD8RGrz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:69:36:7f:33:af:89:6a:41:fe:32:4b:5a:4e:43:23:11:a6:
c9:12:5e:5b:d1:0f:83:f4:dd:63:27:e0:3e:83:8b:d1:21:4d:
08:b2:55:1d:f2:de:05:4d:b0:45:37:15:0e:fa:24:c8:9d:e0:
f8:67:51:53:4c:8c:47:05:7f:c9:8a:6c:bc:6e:6e:f4:12:32:
d8:b5:99:af:fb:7c:4e:86:25:59:ad:36:f8:64:25:00:20:a0:
81:22:96:c1:00:89:04:71:c8:c3:c2:7a:99:3e:aa:5a:1d:7e:
4c:07:1b:68:10:df:d0:a5:d4:51:2e:3b:54:2b:06:4e:6e:92:
2d:86:87:c3:48:36:68:3b:c7:7c:5d:df:79:5e:31:01:1c:40:
df:b7:ee:0a:db:4d:e3:f7:58:7f:b9:6d:d0:5d:e2:96:2d:3e:
ed:ce:f0:cb:82:ee:75:2d:f6:a5:9d:4d:e7:dc:f2:b2:6a:ac:
79:5e:67:41:22:fe:d4:b9:c5:0a:7c:01:ec:23:cb:ff:83:33:
4c:b6:39:5e:a5:b3:cf:c8:0a:4e:d8:1d:e8:86:3f:0a:88:2e:
96:f7:3c:68:06:e3:1b:7a:44:a8:e2:66:5f:0b:d7:a3:82:4c:
3a:47:ba:14:46:f3:4b:bc:66:e7:4b:5e:86:99:15:5f:e7:d3:
ad:f1:90:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5pRJF50kTQRPnBKjMyPXDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMDMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZlOGVhYzgxZTg2OTdlYWM0YTc5ZTM5OWE1MzEwZmM0NDZhZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhITRSKGkq4HDIM+afqHTTVzSBkzH
nmkwM6o7+E9HGwyl4ktHay0FpDCRrhvPZ6jmi7EzE8WE7AMNUFAo6c4J2tFhdoey
Geape9jh61pkHhUwbsdk0vkW7llHFmVO4KsU1/fzUAA9+ltJOFm5OWZzg5rDbIek
8sZSDMMWw6/ZJApqGX/WMwK7hdJI8C53H+NGz4QzU/vFe/ycTOa57PduyRwG0cD3
7DTDGURpGhGcAjlskdHNa10lXdkkg++K6zAmFQNeKMITO/WoSqAP7ZRHMwKEZncK
9JaPOuRa0bIrKQjPB6HC7bTkYGpUMC8n3pxUKuw83AQ6bSY9p5LDpYy8YwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAlujqyB6Gl+rEp545mlMQ/ERq8/MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ1c2T3JJSG9hWDZzU25uam1hVXhEOFJHcno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADJpNn8zr4lqQf4yS1pO
QyMRpskSXlvRD4P03WMn4D6Di9EhTQiyVR3y3gVNsEU3FQ76JMid4PhnUVNMjEcF
f8mKbLxubvQSMti1ma/7fE6GJVmtNvhkJQAgoIEilsEAiQRxyMPCepk+qlodfkwH
G2gQ39Cl1FEuO1QrBk5uki2Gh8NINmg7x3xd33leMQEcQN+37grbTeP3WH+5bdBd
4pYtPu3O8MuC7nUt9qWdTefc8rJqrHleZ0Ei/tS5xQp8Aewjy/+DM0y2OV6ls8/I
Ck7YHeiGPwqILpb3PGgG4xt6RKjiZl8L16OCTDpHuhRG80u8ZudLXoaZFV/n063x
kPU=
-----END CERTIFICATE-----
Generated at Sat Mar 23 09:24:54 2024 by rpki-client on console.sobornost.net