Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CtlxxY0S4gRGfKhmHJ0piGxGyjY.roa
File: CtlxxY0S4gRGfKhmHJ0piGxGyjY.roa (raw, json)
Hash identifier: tRsMlWn6/4Ck/Ankrd1cmE9oYtytzTTq9dCIeCzmOCA=
Subject key identifier: 0A:D9:71:C5:8D:12:E2:04:46:7C:A8:66:1C:9D:29:88:6C:46:CA:36
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF9BB2741A82E99E4326EE6A453EBB953
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CtlxxY0S4gRGfKhmHJ0piGxGyjY.roa
Signing time: Fri 01 Mar 2024 11:16:48 +0000
ROA not before: Fri 01 Mar 2024 11:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 01 Mar 2024 12:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:bb:27:41:a8:2e:99:e4:32:6e:e6:a4:53:eb:b9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 1 11:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ad971c58d12e204467ca8661c9d29886c46ca36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:46:f2:92:17:47:5f:f5:b7:e1:dd:bb:a3:03:
4c:e0:34:d4:80:c0:fc:03:0f:0c:17:3c:91:b2:42:
1e:65:39:03:99:ec:5f:22:10:11:7a:b5:1f:11:da:
25:75:cf:10:df:d9:73:d3:4d:05:d0:54:d6:1d:cb:
45:d7:f9:16:33:96:04:fa:0c:05:c6:f6:5c:eb:d8:
fc:93:8f:72:3b:fe:7c:b9:ef:c2:a8:c0:a1:96:13:
0f:2e:47:02:f8:97:40:1a:a8:50:7d:0e:08:7d:95:
65:53:a1:18:ce:c7:0a:01:ce:0e:44:b5:d3:37:99:
47:92:71:3d:c1:97:7b:6d:b5:63:9d:52:d2:56:99:
b7:62:66:d3:1b:b0:6c:5d:6b:83:f6:9c:2e:d3:7b:
d3:e9:83:13:5a:be:20:f6:d8:9d:a6:62:c8:d6:1f:
e8:78:4f:c8:fe:47:6a:b6:04:ec:6e:79:4a:33:52:
f9:5d:b6:55:3a:1b:8c:92:c7:46:2a:29:3f:4b:1e:
9a:98:6f:43:e0:81:8c:9a:48:d0:59:26:14:ec:e2:
b0:ab:d6:96:cd:bd:40:1b:b3:ac:ae:84:eb:c5:14:
57:a0:98:c7:56:31:d2:24:a5:45:e1:01:d7:c2:b5:
ec:54:fe:83:c5:32:e4:86:f3:0b:1f:2f:60:82:16:
32:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D9:71:C5:8D:12:E2:04:46:7C:A8:66:1C:9D:29:88:6C:46:CA:36
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CtlxxY0S4gRGfKhmHJ0piGxGyjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:f9:f5:07:fe:77:40:fa:e3:f0:fd:40:f4:28:e9:47:b6:26:
b6:6f:12:67:58:60:87:3f:ee:42:ca:db:8d:c1:b9:33:1b:bf:
29:f1:32:8a:13:18:f1:cc:ad:a6:94:8e:c2:a4:24:2a:5f:de:
cc:7f:9f:c5:15:02:5a:8a:db:35:8a:f0:d5:b9:c9:4b:01:5a:
e3:12:7e:c8:8b:27:25:92:b8:d1:08:48:64:f5:f9:32:78:64:
e2:40:54:72:0f:38:2d:91:45:19:2f:d5:8b:eb:fa:85:8b:d0:
c6:be:3a:8e:9c:8f:6a:f9:96:79:d0:3d:35:98:1d:94:7d:0e:
b7:3d:32:5b:0a:f0:84:59:4d:6a:0b:63:39:4a:29:ae:5c:c1:
b8:54:19:85:f2:0c:03:28:55:3e:9e:72:ec:68:ec:d0:20:b5:
b0:c6:cc:d0:d7:78:18:22:03:52:e5:c8:12:79:ea:a0:ff:69:
94:50:09:e6:15:af:58:05:a4:01:1c:e4:00:dc:8e:e1:9b:37:
65:f2:0e:d3:a3:28:3b:48:a9:94:c3:36:ad:58:a6:6e:44:b3:
93:b1:a9:99:f2:bc:5f:fc:dd:66:dc:94:66:88:36:91:d1:62:
95:37:5d:b5:bd:62:7e:39:8c:6c:61:26:ee:c3:d3:cf:08:be:
24:30:60:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY35uydBqC6Z5DJu5qRT67lTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAxMTExNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ5NzFjNThkMTJlMjA0NDY3Y2E4NjYxYzlkMjk4ODZjNDZjYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkbykhdHX/W34d27owNM4DTUgMD8
Aw8MFzyRskIeZTkDmexfIhARerUfEdoldc8Q39lz000F0FTWHctF1/kWM5YE+gwF
xvZc69j8k49yO/58ue/CqMChlhMPLkcC+JdAGqhQfQ4IfZVlU6EYzscKAc4ORLXT
N5lHknE9wZd7bbVjnVLSVpm3YmbTG7BsXWuD9pwu03vT6YMTWr4g9tidpmLI1h/o
eE/I/kdqtgTsbnlKM1L5XbZVOhuMksdGKik/Sx6amG9D4IGMmkjQWSYU7OKwq9aW
zb1AG7OsroTrxRRXoJjHVjHSJKVF4QHXwrXsVP6DxTLkhvMLHy9gghYyzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFArZccWNEuIERnyoZhydKYhsRso2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ3RseHhZMFM0Z1JHZktobUhKMHBpR3hHeWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADv59Qf+d0D64/D9QPQo
6Ue2JrZvEmdYYIc/7kLK243BuTMbvynxMooTGPHMraaUjsKkJCpf3sx/n8UVAlqK
2zWK8NW5yUsBWuMSfsiLJyWSuNEISGT1+TJ4ZOJAVHIPOC2RRRkv1Yvr+oWL0Ma+
Oo6cj2r5lnnQPTWYHZR9Drc9MlsK8IRZTWoLYzlKKa5cwbhUGYXyDAMoVT6ecuxo
7NAgtbDGzNDXeBgiA1LlyBJ56qD/aZRQCeYVr1gFpAEc5ADcjuGbN2XyDtOjKDtI
qZTDNq1Ypm5Es5OxqZnyvF/83WbclGaINpHRYpU3XbW9Yn45jGxhJu7D088IviQw
YKU=
-----END CERTIFICATE-----
Generated at Fri Mar 1 20:24:23 2024 by rpki-client on console.sobornost.net