Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Kt1MRIZG0J7NJjsZVmk9I0ASH4s.roa
File: Kt1MRIZG0J7NJjsZVmk9I0ASH4s.roa (raw, json)
Hash identifier: TYRpHVgrz6IxFpXSZxah0iMV6JXgxum8iMOfO3jYrl4=
Subject key identifier: 2A:DD:4C:44:86:46:D0:9E:CD:26:3B:19:56:69:3D:23:40:12:1F:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEF35ABC1C805D6E9DF277672F2EE87F8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Kt1MRIZG0J7NJjsZVmk9I0ASH4s.roa
Signing time: Wed 28 Feb 2024 10:14:48 +0000
ROA not before: Wed 28 Feb 2024 10:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Feb 2024 11:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:35:ab:c1:c8:05:d6:e9:df:27:76:72:f2:ee:87:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 10:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2add4c448646d09ecd263b1956693d2340121f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7d:14:1c:a0:db:7c:bf:32:fd:29:30:c9:54:
19:bf:01:5a:88:68:da:57:9a:e0:89:2d:97:69:e8:
aa:5a:b9:f1:a5:bd:5b:29:df:47:87:fc:96:f5:c8:
81:59:92:ee:ed:c4:44:cd:37:aa:97:5d:6d:46:3f:
ef:32:57:18:37:0b:64:35:5d:8e:ce:a7:8c:6d:84:
91:15:dd:17:08:90:c2:0d:1f:4b:78:11:d8:eb:a2:
95:19:9e:f3:d6:97:92:d8:1b:44:23:b0:28:de:48:
db:ee:76:42:f8:d5:f9:23:22:d6:df:d1:44:f9:d1:
37:88:46:c8:e3:84:bf:a0:bb:13:d0:d1:b6:be:0c:
f7:db:72:58:43:ed:09:5f:35:ae:81:34:cf:92:89:
31:1d:01:59:35:e4:ec:fe:8f:5d:fd:d4:25:11:b2:
a3:9c:1d:94:7b:af:f4:dc:ef:10:b2:13:c1:f0:ec:
a3:5a:a0:34:fe:ef:a7:8b:43:e8:e3:18:61:ea:9b:
f3:0d:1d:f2:2a:4d:e2:bf:31:49:3a:2e:66:e4:6f:
f5:7a:97:e7:d8:76:f6:7e:8a:53:a3:4b:68:0e:b1:
c3:ff:e0:a8:80:c1:a6:fe:8a:40:d7:98:71:2e:f6:
5c:14:a1:0c:ed:f9:6d:a8:7f:d8:cf:1a:c5:96:fc:
77:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DD:4C:44:86:46:D0:9E:CD:26:3B:19:56:69:3D:23:40:12:1F:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Kt1MRIZG0J7NJjsZVmk9I0ASH4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:a2:5f:d2:48:c5:0c:b5:e7:00:4d:a2:6d:a8:46:58:08:ed:
39:c7:73:25:42:ac:7b:be:26:48:13:93:5f:17:24:86:d7:d2:
3c:d4:19:c0:52:2d:fc:82:3e:2b:27:0b:5b:0c:2b:17:24:a5:
86:c9:07:09:19:29:7f:f0:9f:f4:16:f6:cb:01:61:ef:d0:18:
c5:95:20:46:a5:5f:1d:0c:3f:cd:2a:02:fe:41:08:94:87:7d:
36:fb:61:77:06:1d:38:3a:4b:ad:d9:25:22:e1:78:3b:18:61:
de:1a:50:ba:11:5b:df:b4:2e:15:6c:f6:d7:f3:f7:25:d3:ba:
8c:7c:45:cf:f7:09:60:96:3b:63:54:fb:90:14:78:83:65:6d:
0d:e9:76:35:c3:6e:c5:28:c2:7a:28:37:40:b0:db:a3:ad:3a:
7b:f4:fe:ea:a1:d2:f9:f5:0e:e6:44:6b:f2:9d:cc:32:27:19:
4e:01:4a:3c:90:2b:d4:3a:05:3c:04:29:be:ce:be:94:5a:1e:
83:da:10:68:24:d7:c4:3c:26:39:f3:2b:34:9e:11:ea:3a:2f:
11:3f:3e:43:f2:99:f0:f2:3d:00:cf:f7:6d:37:74:86:38:fa:
29:b5:9a:5f:1e:33:ca:cc:17:15:79:da:3a:57:5a:2a:8a:31:
27:99:99:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3vNavByAXW6d8ndnLy7of4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MTAxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWRkNGM0NDg2NDZkMDllY2QyNjNiMTk1NjY5M2QyMzQwMTIxZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH0UHKDbfL8y/SkwyVQZvwFaiGja
V5rgiS2XaeiqWrnxpb1bKd9Hh/yW9ciBWZLu7cREzTeql11tRj/vMlcYNwtkNV2O
zqeMbYSRFd0XCJDCDR9LeBHY66KVGZ7z1peS2BtEI7Ao3kjb7nZC+NX5IyLW39FE
+dE3iEbI44S/oLsT0NG2vgz323JYQ+0JXzWugTTPkokxHQFZNeTs/o9d/dQlEbKj
nB2Ue6/03O8QshPB8OyjWqA0/u+ni0Po4xhh6pvzDR3yKk3ivzFJOi5m5G/1epfn
2Hb2fopTo0toDrHD/+CogMGm/opA15hxLvZcFKEM7fltqH/YzxrFlvx3vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrdTESGRtCezSY7GVZpPSNAEh+LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS3QxTVJJWkcwSjdOSmpzWlZtazlJMEFTSDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFaiX9JIxQy15wBNom2o
RlgI7TnHcyVCrHu+JkgTk18XJIbX0jzUGcBSLfyCPisnC1sMKxckpYbJBwkZKX/w
n/QW9ssBYe/QGMWVIEalXx0MP80qAv5BCJSHfTb7YXcGHTg6S63ZJSLheDsYYd4a
ULoRW9+0LhVs9tfz9yXTuox8Rc/3CWCWO2NU+5AUeINlbQ3pdjXDbsUownooN0Cw
26OtOnv0/uqh0vn1DuZEa/KdzDInGU4BSjyQK9Q6BTwEKb7OvpRaHoPaEGgk18Q8
JjnzKzSeEeo6LxE/PkPymfDyPQDP9203dIY4+im1ml8eM8rMFxV52jpXWiqKMSeZ
mZQ=
-----END CERTIFICATE-----
Generated at Wed Feb 28 16:28:24 2024 by rpki-client on console.sobornost.net