Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HhMePknVp0AzoSqKoIXrrJNQxyc.roa
File: HhMePknVp0AzoSqKoIXrrJNQxyc.roa (raw, json)
Hash identifier: SR/vmOhCDcqcgDkTqGkQwpWklp0yW0Fg+BPlyRLMX+o=
Subject key identifier: 1E:13:1E:3E:49:D5:A7:40:33:A1:2A:8A:A0:85:EB:AC:93:50:C7:27
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4CF7FFDBCD65431D052B3C67C1C7BDB9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HhMePknVp0AzoSqKoIXrrJNQxyc.roa
Signing time: Sun 17 Mar 2024 15:11:45 +0000
ROA not before: Sun 17 Mar 2024 15:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 17 Mar 2024 16:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4c:f7:ff:db:cd:65:43:1d:05:2b:3c:67:c1:c7:bd:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 15:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e131e3e49d5a74033a12a8aa085ebac9350c727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3a:06:1a:5f:20:7f:66:42:8f:09:df:55:bf:
9b:27:dc:a1:21:84:97:73:bf:76:fa:53:a7:34:78:
bc:cd:c5:7e:8f:de:c4:21:21:b2:50:67:6f:ef:fe:
45:5e:3f:85:46:c7:78:c9:b5:c3:ed:11:70:d0:19:
fe:2c:0c:d6:b1:ff:93:b7:32:67:3c:e0:24:ca:50:
d7:59:c1:b9:75:cf:93:40:6e:c8:23:58:ec:13:56:
79:c7:4b:ee:dd:26:f7:2f:91:06:58:74:a6:99:43:
37:13:22:1d:63:9f:6a:62:25:91:ab:1d:91:fa:c9:
5a:55:7d:f0:62:d4:d8:b3:bf:73:82:06:81:2f:1d:
8d:51:f2:9e:0e:e2:42:f1:67:f8:21:12:a7:8c:c3:
6a:3f:37:e6:39:b8:d8:a2:54:4a:78:48:e6:5b:3d:
72:c8:74:08:56:10:68:3b:c2:4d:39:14:f7:3b:0a:
6b:0d:1e:b7:c4:be:fc:66:18:54:c5:9f:68:75:44:
54:2b:15:7e:68:48:5a:9a:ac:38:72:9d:e0:48:fa:
e2:99:3f:fb:ba:de:ef:f7:0e:97:f2:c1:f8:6e:1a:
f1:15:11:d0:e2:9a:57:b7:7d:33:60:47:48:d7:76:
1e:9d:88:44:cf:1d:29:d0:98:0c:7a:5f:fe:c3:f7:
98:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:13:1E:3E:49:D5:A7:40:33:A1:2A:8A:A0:85:EB:AC:93:50:C7:27
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HhMePknVp0AzoSqKoIXrrJNQxyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:01:c6:e7:c3:87:76:cb:2a:73:ac:e6:c0:25:8f:32:32:66:
fe:5b:b0:1a:22:4a:c6:bc:02:96:72:0b:d9:45:3b:7b:7f:76:
87:77:f0:bb:b7:29:96:1e:96:3a:e5:66:8b:45:58:b7:91:35:
e8:4a:be:35:20:06:bb:a0:19:17:98:cf:92:9a:ff:c3:35:ec:
cc:16:2d:dc:01:a0:ff:1d:61:58:5d:47:27:8b:e5:93:62:a5:
f6:5e:aa:26:e7:02:40:e4:e9:ce:d2:d4:09:fb:c9:24:c7:ce:
d9:56:b8:c0:10:ef:1f:83:3c:03:2f:93:41:a0:ba:f5:94:ba:
83:d9:53:e1:a5:48:e3:88:2d:43:2b:96:dc:e5:1c:c8:80:9e:
74:5a:a1:69:ce:9f:33:42:2f:8a:e3:f4:79:fe:e5:cb:9e:54:
96:94:7f:5c:89:73:06:32:ed:d1:fc:41:b3:1f:5b:c1:17:01:
01:ad:d3:97:d2:8d:c2:76:42:c3:79:66:f4:1d:3b:2a:45:4a:
e8:17:66:c1:a5:e6:ad:2d:83:93:47:fb:62:b7:e0:69:5b:0e:
3d:55:08:4f:d0:b8:95:1b:06:96:67:67:8f:94:2c:d2:17:01:
a0:ba:c1:be:50:f4:54:84:37:34:ac:67:1e:ee:f3:7c:e1:99:
24:0b:39:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5M9//bzWVDHQUrPGfBx725MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MTUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTEzMWUzZTQ5ZDVhNzQwMzNhMTJhOGFhMDg1ZWJhYzkzNTBjNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DoGGl8gf2ZCjwnfVb+bJ9yhIYSX
c792+lOnNHi8zcV+j97EISGyUGdv7/5FXj+FRsd4ybXD7RFw0Bn+LAzWsf+TtzJn
POAkylDXWcG5dc+TQG7II1jsE1Z5x0vu3Sb3L5EGWHSmmUM3EyIdY59qYiWRqx2R
+slaVX3wYtTYs79zggaBLx2NUfKeDuJC8Wf4IRKnjMNqPzfmObjYolRKeEjmWz1y
yHQIVhBoO8JNORT3OwprDR63xL78ZhhUxZ9odURUKxV+aEhamqw4cp3gSPrimT/7
ut7v9w6X8sH4bhrxFRHQ4ppXt30zYEdI13YenYhEzx0p0JgMel/+w/eYFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB4THj5J1adAM6EqiqCF66yTUMcnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSGhNZVBrblZwMEF6b1NxS29JWHJySk5ReHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFMBxufDh3bLKnOs5sAl
jzIyZv5bsBoiSsa8ApZyC9lFO3t/dod38Lu3KZYeljrlZotFWLeRNehKvjUgBrug
GReYz5Ka/8M17MwWLdwBoP8dYVhdRyeL5ZNipfZeqibnAkDk6c7S1An7ySTHztlW
uMAQ7x+DPAMvk0GguvWUuoPZU+GlSOOILUMrltzlHMiAnnRaoWnOnzNCL4rj9Hn+
5cueVJaUf1yJcwYy7dH8QbMfW8EXAQGt05fSjcJ2QsN5ZvQdOypFSugXZsGl5q0t
g5NH+2K34GlbDj1VCE/QuJUbBpZnZ4+ULNIXAaC6wb5Q9FSENzSsZx7u83zhmSQL
OeY=
-----END CERTIFICATE-----
Generated at Sun Mar 17 19:12:39 2024 by rpki-client on console.sobornost.net