Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GY24GzQS-GvDTVC4EjQLIcqbDoY.roa
File: GY24GzQS-GvDTVC4EjQLIcqbDoY.roa (raw, json)
Hash identifier: +PEu2Wi6yg9SYEdPTQSEwv9W4DlV6T/AYQS8x5J5bUI=
Subject key identifier: 19:8D:B8:1B:34:12:F8:6B:C3:4D:50:B8:12:34:0B:21:CA:9B:0E:86
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E341219BD5799ABAFA2B403032812526C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GY24GzQS-GvDTVC4EjQLIcqbDoY.roa
Signing time: Tue 12 Mar 2024 19:09:45 +0000
ROA not before: Tue 12 Mar 2024 19:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 12 Mar 2024 20:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:34:12:19:bd:57:99:ab:af:a2:b4:03:03:28:12:52:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 12 19:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=198db81b3412f86bc34d50b812340b21ca9b0e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:16:63:41:ab:f4:4d:33:cb:bc:32:6e:05:f2:
a6:04:53:ac:af:b2:39:89:2e:53:52:99:76:5c:c4:
73:aa:1d:e4:bc:2e:f8:c7:c3:20:2a:ea:2b:7a:7a:
cc:43:51:01:22:1d:58:f2:19:c0:10:9b:00:d8:5d:
45:fe:02:f7:d3:89:d7:a8:39:7f:22:a2:63:fb:63:
9a:87:ea:a6:71:88:d5:f4:01:76:56:68:23:24:5f:
78:b4:bd:c2:ca:fa:75:4d:0a:ef:6b:0a:31:b2:09:
5b:cf:35:02:22:ad:4a:0f:12:2c:5e:21:e8:73:2d:
fe:db:b2:d0:95:b3:81:2e:65:6c:f4:89:3d:d1:02:
02:cb:ff:a1:18:4d:63:a2:e6:7e:d9:21:25:04:1f:
64:da:2c:6a:cb:d6:c8:8e:98:ae:ea:02:bb:bc:a3:
22:4f:df:e7:df:0c:5d:d0:f7:c7:0c:28:1c:6a:f7:
1e:a1:c7:33:d2:38:53:79:09:0d:a9:71:81:ce:bc:
c4:1d:bb:a6:ec:df:76:76:19:13:66:19:9c:5a:d7:
0b:59:0a:d8:01:ab:50:4a:c7:68:14:a5:cc:96:29:
35:92:5d:4e:63:cc:11:17:b4:73:16:9c:41:12:41:
66:6d:4d:77:0b:e4:fe:67:4d:6c:e9:a7:74:11:4f:
fc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8D:B8:1B:34:12:F8:6B:C3:4D:50:B8:12:34:0B:21:CA:9B:0E:86
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GY24GzQS-GvDTVC4EjQLIcqbDoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:24:46:0d:73:bb:bb:b2:ff:f0:3a:5e:8a:84:e4:25:a8:46:
14:1f:29:fe:bf:15:ba:ea:49:ab:ac:eb:7a:38:65:b0:d7:35:
0c:e8:66:6a:db:15:38:d4:93:71:d2:c7:66:34:3d:1c:3a:16:
81:58:85:c4:89:83:a9:f8:01:4d:fa:02:e4:5a:73:06:1a:94:
a1:eb:f0:c2:56:a7:94:de:91:c8:30:04:71:14:8f:5c:a0:3f:
94:9a:92:d6:a6:ae:af:d3:32:82:9b:e5:b0:fe:0a:e4:35:76:
31:c3:7b:3d:fb:0d:c2:2b:b8:09:d7:cb:8e:5d:17:64:21:87:
2f:da:ac:11:15:68:06:13:91:26:08:9c:66:b2:3e:1f:c6:4d:
00:bd:e1:da:74:be:e4:3b:ce:43:96:87:ab:be:0f:02:5d:25:
55:ef:5d:97:06:75:99:48:ad:fa:fd:bc:b1:70:a6:98:e2:12:
5c:f6:d8:9f:c5:41:3d:a4:58:0e:2a:03:66:fe:fe:d9:91:c2:
69:b5:31:e0:62:ec:60:89:7c:2d:83:01:ae:87:8d:a8:0c:26:
1e:90:1f:6d:5e:9e:d4:34:41:2b:e0:fa:d3:ae:af:91:58:a7:
eb:f4:7f:24:e6:96:90:0d:ef:ad:af:0b:d2:32:9e:97:a4:8f:
7e:e3:2d:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY40Ehm9V5mrr6K0AwMoElJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEyMTkwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOThkYjgxYjM0MTJmODZiYzM0ZDUwYjgxMjM0MGIyMWNhOWIwZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBZjQav0TTPLvDJuBfKmBFOsr7I5
iS5TUpl2XMRzqh3kvC74x8MgKuorenrMQ1EBIh1Y8hnAEJsA2F1F/gL304nXqDl/
IqJj+2Oah+qmcYjV9AF2VmgjJF94tL3Cyvp1TQrvawoxsglbzzUCIq1KDxIsXiHo
cy3+27LQlbOBLmVs9Ik90QICy/+hGE1jouZ+2SElBB9k2ixqy9bIjpiu6gK7vKMi
T9/n3wxd0PfHDCgcavceoccz0jhTeQkNqXGBzrzEHbum7N92dhkTZhmcWtcLWQrY
AatQSsdoFKXMlik1kl1OY8wRF7RzFpxBEkFmbU13C+T+Z01s6ad0EU/81wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBmNuBs0Evhrw01QuBI0CyHKmw6GMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR1kyNEd6UVMtR3ZEVFZDNEVqUUxJY3FiRG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ4kRg1zu7uy//A6XoqE
5CWoRhQfKf6/FbrqSaus63o4ZbDXNQzoZmrbFTjUk3HSx2Y0PRw6FoFYhcSJg6n4
AU36AuRacwYalKHr8MJWp5TekcgwBHEUj1ygP5Saktamrq/TMoKb5bD+CuQ1djHD
ez37DcIruAnXy45dF2Qhhy/arBEVaAYTkSYInGayPh/GTQC94dp0vuQ7zkOWh6u+
DwJdJVXvXZcGdZlIrfr9vLFwppjiElz22J/FQT2kWA4qA2b+/tmRwmm1MeBi7GCJ
fC2DAa6HjagMJh6QH21entQ0QSvg+tOur5FYp+v0fyTmlpAN762vC9Iynpekj37j
LS4=
-----END CERTIFICATE-----
Generated at Wed Mar 13 09:43:04 2024 by rpki-client on console.sobornost.net