Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IVxRngCWhaeEpw2aJ-MhGvkdEnI.roa
File: IVxRngCWhaeEpw2aJ-MhGvkdEnI.roa (raw, json)
Hash identifier: iYgsg/hAHz+Ezk777gvMBFrFru0WutKqjt6IYcxdDvA=
Subject key identifier: 21:5C:51:9E:00:96:85:A7:84:A7:0D:9A:27:E3:21:1A:F9:1D:12:72
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E19B1699736857B5062642DC64E94267A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IVxRngCWhaeEpw2aJ-MhGvkdEnI.roa
Signing time: Thu 07 Mar 2024 16:14:01 +0000
ROA not before: Thu 07 Mar 2024 16:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 07 Mar 2024 17:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:b1:69:97:36:85:7b:50:62:64:2d:c6:4e:94:26:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 16:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=215c519e009685a784a70d9a27e3211af91d1272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:63:4f:10:15:b1:c8:dc:be:9e:1c:44:f7:4d:
ad:c3:34:78:8f:32:db:9e:1f:b0:83:51:fe:77:68:
a6:62:b6:a8:43:69:31:e2:cd:1f:b9:b3:8c:67:3b:
03:da:18:ed:30:32:41:33:f4:51:7e:a6:3e:8a:b1:
f1:9e:f4:ac:b3:00:8a:96:7c:97:45:4c:c2:ab:88:
a2:45:be:06:1e:c2:7b:85:18:74:63:e6:9e:e0:ef:
26:5d:9e:76:b9:3c:2a:c5:cb:cc:90:1b:8a:f7:28:
7e:a9:10:76:af:77:8c:b1:10:1d:48:1f:10:aa:86:
9b:ca:1e:b8:25:89:5f:d6:bc:52:98:17:9b:77:45:
8f:46:9c:c7:93:eb:4b:89:25:a3:91:b9:ce:8c:44:
53:87:7b:91:ed:82:df:47:84:0d:27:e6:4d:76:24:
6f:ed:de:9d:91:4a:ac:bf:dd:e5:40:fb:86:73:27:
fe:e6:fe:7e:7c:75:b0:ae:c8:7d:0c:e9:da:b7:28:
b8:a5:85:0c:6b:b5:87:fa:ad:d9:9f:79:ee:ac:d1:
a5:8c:90:e8:27:63:a8:d5:e0:ad:5b:f4:8b:e0:44:
4b:1f:c6:e0:ad:e7:43:d6:5b:7b:85:b2:fe:2f:89:
81:7f:67:3e:eb:89:3d:90:03:85:4a:5b:4c:0d:86:
94:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5C:51:9E:00:96:85:A7:84:A7:0D:9A:27:E3:21:1A:F9:1D:12:72
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IVxRngCWhaeEpw2aJ-MhGvkdEnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:be:f0:d8:e4:ba:74:df:9b:79:82:f6:9d:9b:82:8a:df:19:
12:5d:c4:8d:f1:f5:7f:e1:9d:f6:fe:8a:12:3b:65:de:3d:25:
be:0f:52:da:9a:27:06:fe:51:81:8d:d4:7d:35:32:17:d8:2f:
ba:21:f5:98:fa:33:37:1d:89:33:49:ad:76:5b:f0:1a:82:be:
c4:38:47:e3:c1:5f:09:66:9c:e4:ab:d8:8b:a9:69:94:e3:1e:
84:32:81:b8:b2:be:e9:fe:91:bc:0a:14:9b:6f:1a:d3:f1:ce:
da:ea:1d:11:66:fe:8b:57:d2:21:e5:d7:fc:0a:ea:ef:1a:fc:
a2:ff:0d:40:80:47:8b:e4:d6:a2:65:63:72:3e:e0:cc:4a:38:
1d:2b:d1:69:86:32:7a:f6:9a:87:e4:d9:ab:7f:47:c5:d1:57:
2a:46:94:cb:7b:a1:30:c8:3b:fd:51:72:e5:86:48:8c:98:b2:
61:28:60:c3:65:84:e3:1a:89:49:d5:40:5f:f3:39:37:17:8e:
e3:3b:4b:b4:5d:d6:6f:a4:9d:bf:03:a0:8d:ad:d5:fb:68:8b:
e3:d7:8b:70:0d:b4:9f:cd:a6:cb:77:af:4b:a2:6f:90:6f:4f:
a7:61:eb:4b:c0:2d:38:dc:1a:7d:73:43:94:e8:a8:32:4e:88:
b4:33:67:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4ZsWmXNoV7UGJkLcZOlCZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MTYxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVjNTE5ZTAwOTY4NWE3ODRhNzBkOWEyN2UzMjExYWY5MWQxMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WNPEBWxyNy+nhxE902twzR4jzLb
nh+wg1H+d2imYraoQ2kx4s0fubOMZzsD2hjtMDJBM/RRfqY+irHxnvSsswCKlnyX
RUzCq4iiRb4GHsJ7hRh0Y+ae4O8mXZ52uTwqxcvMkBuK9yh+qRB2r3eMsRAdSB8Q
qoabyh64JYlf1rxSmBebd0WPRpzHk+tLiSWjkbnOjERTh3uR7YLfR4QNJ+ZNdiRv
7d6dkUqsv93lQPuGcyf+5v5+fHWwrsh9DOnatyi4pYUMa7WH+q3Zn3nurNGljJDo
J2Oo1eCtW/SL4ERLH8bgredD1lt7hbL+L4mBf2c+64k9kAOFSltMDYaU0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCFcUZ4AloWnhKcNmifjIRr5HRJyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSVZ4Um5nQ1doYWVFcHcyYUotTWhHdmtkRW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC2+8NjkunTfm3mC9p2b
gorfGRJdxI3x9X/hnfb+ihI7Zd49Jb4PUtqaJwb+UYGN1H01MhfYL7oh9Zj6Mzcd
iTNJrXZb8BqCvsQ4R+PBXwlmnOSr2IupaZTjHoQygbiyvun+kbwKFJtvGtPxztrq
HRFm/otX0iHl1/wK6u8a/KL/DUCAR4vk1qJlY3I+4MxKOB0r0WmGMnr2mofk2at/
R8XRVypGlMt7oTDIO/1RcuWGSIyYsmEoYMNlhOMaiUnVQF/zOTcXjuM7S7Rd1m+k
nb8DoI2t1ftoi+PXi3ANtJ/Npst3r0uib5BvT6dh60vALTjcGn1zQ5ToqDJOiLQz
Z4o=
-----END CERTIFICATE-----
Generated at Fri Mar 8 00:12:04 2024 by rpki-client on console.sobornost.net