Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IvNIzNONrAq9khEzC3aN6wnwxKI.roa
File: IvNIzNONrAq9khEzC3aN6wnwxKI.roa (raw, json)
Hash identifier: difWRyU8bD/BVkXfbgjNMpySHI0RBOn4czp5Md4300I=
Subject key identifier: 22:F3:48:CC:D3:8D:AC:0A:BD:92:11:33:0B:76:8D:EB:09:F0:C4:A2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E61916F8BCF411005B4B608325CDBA8A2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IvNIzNONrAq9khEzC3aN6wnwxKI.roa
Signing time: Thu 21 Mar 2024 15:11:44 +0000
ROA not before: Thu 21 Mar 2024 15:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 21 Mar 2024 16:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:91:6f:8b:cf:41:10:05:b4:b6:08:32:5c:db:a8:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 15:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22f348ccd38dac0abd9211330b768deb09f0c4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:a4:8c:9b:51:7e:49:7d:ed:87:bd:ba:8f:
4c:af:23:6b:c6:d3:0f:bc:73:01:5e:e5:26:5e:72:
16:64:42:ef:d5:b7:f7:e2:b2:70:5a:5b:11:a1:1d:
3d:d2:b5:66:b5:17:52:3e:e6:08:4a:33:9b:27:fb:
2f:02:10:ff:3b:45:5c:1d:e9:c1:9f:63:a0:e9:fb:
15:52:9f:bc:cd:07:ee:7d:cd:a9:88:a6:3c:17:d8:
c0:01:55:3a:9a:b8:e8:8a:aa:a7:23:29:b8:46:38:
d9:a2:5f:7c:08:77:b8:c1:fa:71:7b:eb:fa:e0:61:
50:57:6f:60:e5:92:23:5a:33:ee:7c:bf:0c:7f:73:
73:33:64:4e:a8:a2:03:35:f1:77:e8:7a:10:4d:1a:
e3:d7:cc:cb:38:77:72:95:5e:02:84:6e:95:a4:b2:
6f:05:dc:78:38:db:e3:4b:fa:2a:16:c0:67:6e:92:
29:33:df:63:ea:c2:6a:46:7b:c5:56:04:9b:48:e4:
41:9b:9d:f1:8f:fe:8f:44:41:c7:e8:fc:88:71:19:
69:4a:b2:5a:7b:e3:2e:c7:d0:c8:6a:fe:8e:0a:51:
ae:5a:c8:f1:13:0f:88:4d:44:bd:2b:86:21:0d:91:
55:a8:40:29:a5:0c:8c:2f:73:7a:61:79:a7:f4:c0:
13:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F3:48:CC:D3:8D:AC:0A:BD:92:11:33:0B:76:8D:EB:09:F0:C4:A2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IvNIzNONrAq9khEzC3aN6wnwxKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:96:8c:c5:35:a4:47:10:33:d2:24:4d:10:29:eb:8d:dd:21:
98:c2:94:dd:4a:71:e9:17:d4:8b:c5:b0:d6:ab:9d:25:36:37:
77:cf:0b:7f:7f:c8:0b:1e:0e:79:a0:49:6d:b1:df:f0:40:e4:
94:0a:ec:02:70:66:08:06:17:03:67:f9:b4:a6:10:89:17:64:
82:90:c8:87:c5:32:2b:fb:c2:4e:1a:9a:b9:a3:7c:9e:da:ac:
39:fa:b8:11:99:52:3b:4d:24:b0:2d:90:41:37:ca:ba:dd:57:
db:e8:8e:17:76:03:37:87:d1:8a:8c:92:ff:02:d8:f1:6f:5f:
3b:aa:d6:42:df:71:f4:cb:c5:f8:b5:4d:48:0f:21:f2:e5:88:
b1:02:34:74:d4:4a:84:69:5b:1a:eb:e3:f3:bb:47:ff:66:71:
94:d0:c6:e0:32:b6:ee:13:b0:89:2c:9f:a4:b0:0d:f0:a9:3a:
9c:a3:ae:ca:6d:7c:93:76:ec:04:4a:29:7e:1c:11:1a:bb:25:
1e:93:1d:ad:cf:fe:d6:84:cf:ec:9f:53:e0:9b:2b:95:fb:ed:
6e:f1:88:d2:ff:43:73:e8:18:97:65:3b:69:70:c6:53:38:15:
93:00:12:24:2d:3a:cf:de:fb:d6:55:59:bf:2c:bd:ed:f8:34:
03:d9:d4:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5hkW+Lz0EQBbS2CDJc26iiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMTUxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmYzNDhjY2QzOGRhYzBhYmQ5MjExMzMwYjc2OGRlYjA5ZjBjNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogKkjJtRfkl97Ye9uo9MryNrxtMP
vHMBXuUmXnIWZELv1bf34rJwWlsRoR090rVmtRdSPuYISjObJ/svAhD/O0VcHenB
n2Og6fsVUp+8zQfufc2piKY8F9jAAVU6mrjoiqqnIym4RjjZol98CHe4wfpxe+v6
4GFQV29g5ZIjWjPufL8Mf3NzM2ROqKIDNfF36HoQTRrj18zLOHdylV4ChG6VpLJv
Bdx4ONvjS/oqFsBnbpIpM99j6sJqRnvFVgSbSORBm53xj/6PREHH6PyIcRlpSrJa
e+Mux9DIav6OClGuWsjxEw+ITUS9K4YhDZFVqEAppQyML3N6YXmn9MATVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCLzSMzTjawKvZIRMwt2jesJ8MSiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSXZOSXpOT05yQXE5a2hFekMzYU42d253eEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFuWjMU1pEcQM9IkTRAp
643dIZjClN1KcekX1IvFsNarnSU2N3fPC39/yAseDnmgSW2x3/BA5JQK7AJwZggG
FwNn+bSmEIkXZIKQyIfFMiv7wk4amrmjfJ7arDn6uBGZUjtNJLAtkEE3yrrdV9vo
jhd2AzeH0YqMkv8C2PFvXzuq1kLfcfTLxfi1TUgPIfLliLECNHTUSoRpWxrr4/O7
R/9mcZTQxuAytu4TsIksn6SwDfCpOpyjrsptfJN27ARKKX4cERq7JR6THa3P/taE
z+yfU+CbK5X77W7xiNL/Q3PoGJdlO2lwxlM4FZMAEiQtOs/e+9ZVWb8sve34NAPZ
1Ig=
-----END CERTIFICATE-----
Generated at Thu Mar 21 22:22:25 2024 by rpki-client on console.sobornost.net