Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/K7CXnkz8gX2qt63Y9c4RAeJ5XHw.roa
File: K7CXnkz8gX2qt63Y9c4RAeJ5XHw.roa (raw, json)
Hash identifier: GqCUrVlxR/mSXcO0mN8NePLNSDwxcqLpybRLft5Yba8=
Subject key identifier: 2B:B0:97:9E:4C:FC:81:7D:AA:B7:AD:D8:F5:CE:11:01:E2:79:5C:7C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA78352022D76CD4BE812D774D04FFC0A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/K7CXnkz8gX2qt63Y9c4RAeJ5XHw.roa
Signing time: Thu 04 Apr 2024 05:09:45 +0000
ROA not before: Thu 04 Apr 2024 05:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 04 Apr 2024 06:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:83:52:02:2d:76:cd:4b:e8:12:d7:74:d0:4f:fc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 4 05:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bb0979e4cfc817daab7add8f5ce1101e2795c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:06:09:dc:e4:9c:c6:1b:f3:dc:1f:d2:c3:34:
08:e2:77:dc:4b:c5:8f:23:16:e2:a3:df:7e:35:56:
bd:45:3f:67:04:1c:51:78:cd:ad:3e:24:f1:61:e4:
14:06:94:bd:45:28:1c:4c:ba:80:48:3d:94:b3:6f:
11:71:38:09:52:29:3b:8b:1e:f0:56:ac:55:4b:e7:
06:13:17:17:59:53:16:51:db:f3:9b:ba:36:36:3e:
41:c3:a8:a0:50:bc:d2:69:ba:cd:6f:d2:89:3f:5a:
f8:7c:5e:6e:51:07:32:a1:60:72:b3:a2:44:c9:6b:
c2:de:88:cb:81:ee:03:76:1c:95:fd:45:5e:96:91:
1d:23:11:c7:d8:98:92:84:bc:de:9c:34:86:b1:a5:
c9:79:02:70:71:04:87:c1:e7:d3:c7:e2:83:aa:34:
cf:aa:a8:ae:c3:a9:4f:5a:23:8c:96:8f:47:53:1c:
05:5b:38:4b:89:d4:71:53:04:18:d9:48:dd:53:4a:
ce:c8:42:eb:59:9b:91:59:9f:b9:66:66:4c:78:77:
1a:9b:30:c7:3c:da:ca:19:ae:a2:90:16:76:84:c1:
15:e3:34:f0:05:6d:a0:00:ee:26:d6:d5:b3:47:61:
b1:47:b6:ac:4a:93:82:29:5d:0c:8a:1d:6a:df:28:
6e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B0:97:9E:4C:FC:81:7D:AA:B7:AD:D8:F5:CE:11:01:E2:79:5C:7C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/K7CXnkz8gX2qt63Y9c4RAeJ5XHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:fd:ae:a6:54:e7:42:90:39:fb:ca:b8:df:2c:2f:cb:c4:a2:
b8:ea:08:19:ee:b8:34:ab:0f:70:13:af:81:0d:28:23:e3:12:
14:73:39:90:82:ba:22:45:6a:58:8b:ff:90:21:28:72:63:19:
02:9f:44:23:c6:9d:99:9d:04:50:2a:3b:13:e9:a7:81:9f:9e:
27:8b:7c:76:29:be:32:54:9a:6b:58:7a:65:13:74:fb:52:34:
be:00:30:c0:89:48:3c:c7:06:e5:ce:63:ea:55:c3:99:cc:0d:
b2:7f:b6:16:1f:bf:d0:76:6f:ff:e3:4b:f5:2e:78:b0:5c:0a:
9d:8d:bc:1c:b5:75:2c:e9:26:ee:68:68:0b:01:4c:25:db:03:
29:1f:2b:df:bd:3c:c4:0f:83:46:23:c9:84:f8:b8:d7:a6:8e:
37:36:ab:28:b8:6c:57:5e:31:c8:1d:4d:d0:80:e5:1b:f4:08:
d0:25:a0:75:86:94:f4:fe:4a:5d:bb:7d:89:79:a7:16:9d:6d:
b3:fb:d7:c2:b3:7f:21:51:c7:20:81:d1:b2:b9:e3:4b:f9:09:
f3:6e:10:1b:39:d1:75:fc:a4:1b:58:54:93:04:e5:e4:fd:08:
af:1a:c8:93:79:d1:0b:6c:3b:76:e6:b6:ea:71:32:a5:1d:58:
85:c8:d3:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6ng1ICLXbNS+gS13TQT/wKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA0MDUwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmIwOTc5ZTRjZmM4MTdkYWFiN2FkZDhmNWNlMTEwMWUyNzk1YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAYJ3OScxhvz3B/SwzQI4nfcS8WP
Ixbio99+NVa9RT9nBBxReM2tPiTxYeQUBpS9RSgcTLqASD2Us28RcTgJUik7ix7w
VqxVS+cGExcXWVMWUdvzm7o2Nj5Bw6igULzSabrNb9KJP1r4fF5uUQcyoWBys6JE
yWvC3ojLge4DdhyV/UVelpEdIxHH2JiShLzenDSGsaXJeQJwcQSHwefTx+KDqjTP
qqiuw6lPWiOMlo9HUxwFWzhLidRxUwQY2UjdU0rOyELrWZuRWZ+5ZmZMeHcamzDH
PNrKGa6ikBZ2hMEV4zTwBW2gAO4m1tWzR2GxR7asSpOCKV0Mih1q3yhuTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuwl55M/IF9qret2PXOEQHieVx8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSzdDWG5rejhnWDJxdDYzWTljNFJBZUo1WEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFr9rqZU50KQOfvKuN8s
L8vEorjqCBnuuDSrD3ATr4ENKCPjEhRzOZCCuiJFaliL/5AhKHJjGQKfRCPGnZmd
BFAqOxPpp4GfnieLfHYpvjJUmmtYemUTdPtSNL4AMMCJSDzHBuXOY+pVw5nMDbJ/
thYfv9B2b//jS/UueLBcCp2NvBy1dSzpJu5oaAsBTCXbAykfK9+9PMQPg0YjyYT4
uNemjjc2qyi4bFdeMcgdTdCA5Rv0CNAloHWGlPT+Sl27fYl5pxadbbP718KzfyFR
xyCB0bK540v5CfNuEBs50XX8pBtYVJME5eT9CK8ayJN50QtsO3bmtupxMqUdWIXI
08g=
-----END CERTIFICATE-----
Generated at Thu Apr 4 12:50:12 2024 by rpki-client on console.sobornost.net