Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E1oNBcwi3e9yNf5KrwxyMj__NSY.roa
File: E1oNBcwi3e9yNf5KrwxyMj__NSY.roa (raw, json)
Hash identifier: fRtX7VyXFVNdBbiNxDIuWbH46MLpXGktJyTYYUgu3RY=
Subject key identifier: 13:5A:0D:05:CC:22:DD:EF:72:35:FE:4A:AF:0C:72:32:3F:FF:35:26
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1A8D23E3BDD6B2B4462548218091A4DB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E1oNBcwi3e9yNf5KrwxyMj__NSY.roa
Signing time: Thu 07 Mar 2024 20:14:01 +0000
ROA not before: Thu 07 Mar 2024 20:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 07 Mar 2024 21:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:8d:23:e3:bd:d6:b2:b4:46:25:48:21:80:91:a4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 20:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=135a0d05cc22ddef7235fe4aaf0c72323fff3526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cb:f2:01:00:a1:5f:30:62:91:48:45:7c:e4:
12:a4:e6:55:ba:c0:0a:69:66:11:44:5a:90:c7:1e:
b4:6a:68:ea:21:59:22:f8:71:9e:86:7e:05:31:28:
96:7c:74:3b:14:64:70:0b:ae:cc:98:30:99:8b:d9:
ad:7b:18:e5:94:1c:c7:7a:65:58:f7:d1:eb:87:5a:
19:64:09:98:97:f5:86:c4:e7:d1:2f:f5:a0:59:33:
43:bc:ab:3a:d8:4c:6f:27:7c:ff:6b:62:e3:d0:fa:
52:65:35:1a:b3:35:d5:86:2e:dc:11:56:14:61:01:
c9:b9:fa:14:99:3d:99:bb:1f:a6:a9:90:41:9b:26:
2d:9d:f3:f7:f8:22:7d:2e:80:64:8f:da:3b:35:3c:
b0:7d:16:eb:e6:de:0a:6d:61:13:ef:78:0c:19:b2:
76:59:df:c7:15:24:ea:3e:33:07:df:3d:2d:6d:38:
9d:30:62:24:de:90:40:5a:ea:49:23:28:de:01:03:
e7:e6:2b:74:ca:ed:f9:ef:9e:b9:13:03:8a:ad:d1:
5f:d8:39:24:84:d4:82:47:9e:40:f3:e2:fb:29:fb:
57:22:36:38:e2:f2:43:61:23:6c:59:02:b1:43:bd:
21:ed:ab:5f:91:31:9e:0a:c0:f9:e3:db:9e:af:d4:
04:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:5A:0D:05:CC:22:DD:EF:72:35:FE:4A:AF:0C:72:32:3F:FF:35:26
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/E1oNBcwi3e9yNf5KrwxyMj__NSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:78:ba:94:61:d3:3c:df:fa:eb:82:04:a7:67:ed:d7:63:05:
73:97:f6:43:ce:46:58:a2:a9:aa:c1:3e:d0:cf:ee:fd:2e:7b:
8e:f5:07:f0:14:a3:47:4b:56:b5:c6:30:04:e8:06:75:20:58:
40:7c:e7:2f:ab:34:31:b0:cd:da:8c:db:ef:0b:3e:80:f2:a1:
07:42:b6:31:f0:4f:dc:4f:02:6f:95:b6:23:ed:c0:90:dc:12:
86:b1:22:59:35:14:b7:0a:c2:60:1c:54:02:e4:c4:cf:c3:78:
21:de:16:6a:9c:39:9c:eb:66:01:6c:09:75:51:b2:95:52:a0:
d4:8e:f8:89:35:59:49:40:9d:fd:c3:c3:6e:0d:68:2a:f5:6f:
c3:87:53:2b:86:66:0f:af:4d:0d:cf:e2:ba:96:2f:bc:f1:95:
58:9f:3f:db:5f:7c:12:a6:37:c1:51:6d:d6:20:ec:5b:97:0c:
52:d7:be:a0:4d:ab:d0:d6:b0:95:fb:0d:fd:6e:ca:cd:dc:dc:
99:5e:47:a4:dc:cd:77:3c:79:b5:dd:14:8c:48:37:91:07:cc:
1b:65:c8:cb:1e:06:58:13:53:41:53:1f:ab:09:f2:7a:83:47:
d6:be:07:37:a1:84:6d:7c:ab:2c:f6:57:d5:ef:73:34:d9:9c:
01:1b:cc:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4ajSPjvdaytEYlSCGAkaTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MjAxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzVhMGQwNWNjMjJkZGVmNzIzNWZlNGFhZjBjNzIzMjNmZmYzNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMvyAQChXzBikUhFfOQSpOZVusAK
aWYRRFqQxx60amjqIVki+HGehn4FMSiWfHQ7FGRwC67MmDCZi9mtexjllBzHemVY
99Hrh1oZZAmYl/WGxOfRL/WgWTNDvKs62ExvJ3z/a2Lj0PpSZTUaszXVhi7cEVYU
YQHJufoUmT2Zux+mqZBBmyYtnfP3+CJ9LoBkj9o7NTywfRbr5t4KbWET73gMGbJ2
Wd/HFSTqPjMH3z0tbTidMGIk3pBAWupJIyjeAQPn5it0yu357565EwOKrdFf2Dkk
hNSCR55A8+L7KftXIjY44vJDYSNsWQKxQ70h7atfkTGeCsD549uer9QEOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBNaDQXMIt3vcjX+Sq8McjI//zUmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRTFvTkJjd2kzZTl5TmY1S3J3eHlNal9fTlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE54upRh0zzf+uuCBKdn
7ddjBXOX9kPORliiqarBPtDP7v0ue471B/AUo0dLVrXGMAToBnUgWEB85y+rNDGw
zdqM2+8LPoDyoQdCtjHwT9xPAm+VtiPtwJDcEoaxIlk1FLcKwmAcVALkxM/DeCHe
FmqcOZzrZgFsCXVRspVSoNSO+Ik1WUlAnf3Dw24NaCr1b8OHUyuGZg+vTQ3P4rqW
L7zxlVifP9tffBKmN8FRbdYg7FuXDFLXvqBNq9DWsJX7Df1uys3c3JleR6TczXc8
ebXdFIxIN5EHzBtlyMseBlgTU0FTH6sJ8nqDR9a+BzehhG18qyz2V9XvczTZnAEb
zD0=
-----END CERTIFICATE-----
Generated at Fri Mar 8 06:45:59 2024 by rpki-client on console.sobornost.net