Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L3tk8XaNNDX4aQ2ZxJMRiVbizVA.roa
File: L3tk8XaNNDX4aQ2ZxJMRiVbizVA.roa (raw, json)
Hash identifier: UYTHXUDxXYwXwf6oPL1w8eXQTLcy3aie/WHO8IHUSMA=
Subject key identifier: 2F:7B:64:F1:76:8D:34:35:F8:69:0D:99:C4:93:11:89:56:E2:CD:50
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E29C12F1B31A6328D3D7FFD62561AADDD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L3tk8XaNNDX4aQ2ZxJMRiVbizVA.roa
Signing time: Sun 10 Mar 2024 19:05:10 +0000
ROA not before: Sun 10 Mar 2024 19:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:29c0:6209/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 10 Mar 2024 19:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:29:c1:2f:1b:31:a6:32:8d:3d:7f:fd:62:56:1a:ad:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 19:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f7b64f1768d3435f8690d99c493118956e2cd50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:25:fd:92:da:0a:d7:1a:59:61:4c:05:89:68:
df:81:e8:9e:fd:b4:75:80:89:f6:4a:7f:b0:a3:eb:
9c:58:41:f5:25:3c:8a:db:fe:9b:e0:38:55:18:3a:
90:ca:ca:dc:f6:a5:fd:9a:c2:58:61:f9:49:7a:5d:
b6:5d:19:9a:ce:c8:af:19:04:5e:5c:44:76:02:71:
7a:cf:d3:20:07:f0:10:70:02:6e:e5:8f:f4:94:a4:
f9:09:0f:b8:49:f0:42:5f:69:23:f3:a4:c9:6d:b2:
ae:b5:c6:01:2f:45:fd:68:47:3b:8c:13:77:16:c7:
76:24:51:3d:90:76:90:f4:17:38:5a:8d:7f:a2:69:
29:63:ae:69:7c:e0:02:5d:51:d4:5d:97:35:34:d6:
09:d8:d3:69:26:9c:e0:34:ae:c6:93:2c:bb:5b:58:
12:d9:9b:35:9d:0f:e9:af:8a:a2:2f:a9:68:f8:cd:
cc:2b:65:9d:7e:92:92:8e:ee:c4:bb:9d:da:d0:62:
9e:63:d6:1c:c8:f2:d4:d6:a1:20:8f:4b:30:44:13:
d0:11:f7:f1:2a:11:77:ca:42:fe:fa:df:8d:e2:c6:
b3:1e:50:af:69:ee:7a:3b:ef:a6:5d:f1:13:74:a0:
25:9c:40:9b:22:a4:64:45:b2:cd:fe:b5:2c:20:6d:
f2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7B:64:F1:76:8D:34:35:F8:69:0D:99:C4:93:11:89:56:E2:CD:50
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L3tk8XaNNDX4aQ2ZxJMRiVbizVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:ed:b6:42:ef:f7:e1:c9:52:ff:48:85:4c:fc:63:9d:0a:59:
37:b7:10:7c:9f:ae:fa:e9:2b:75:b1:25:31:b0:d1:51:1e:d1:
b7:53:cd:37:01:4a:11:fe:f2:28:c0:c4:42:65:23:36:e6:22:
ff:ac:12:e3:0d:1d:d8:76:1b:a3:14:2d:07:0e:03:6a:26:2c:
03:bb:34:6b:0d:d0:7f:61:f5:fe:5e:a3:48:f9:ba:57:4f:24:
4a:76:23:94:d2:42:c6:e3:80:0c:67:84:b2:ed:3a:27:9f:4c:
d1:88:0a:ae:fd:9d:53:94:d9:fa:f1:32:04:87:b0:56:fb:f3:
37:96:ad:13:ba:2a:cf:e0:8a:81:e0:ff:8a:7a:9b:0a:66:f2:
34:4f:3f:34:31:ad:d2:3c:14:86:7a:85:6c:d1:ea:ac:09:72:
c4:49:19:15:21:92:47:0d:bf:86:cd:f6:47:d0:ad:cd:17:9c:
40:88:98:63:8d:ee:4a:29:17:22:ee:1e:35:e0:2c:f0:08:7a:
14:15:10:f9:27:23:43:15:35:46:08:32:79:0b:45:71:9b:a0:
32:94:bf:44:68:e5:ae:e4:dc:e9:fb:8f:71:7b:ba:c9:3a:89:
e7:f3:2a:f0:73:f4:90:52:69:d6:8c:d9:24:4f:2b:52:36:4e:
a6:3b:ca:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4pwS8bMaYyjT1//WJWGq3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMTkwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdiNjRmMTc2OGQzNDM1Zjg2OTBkOTljNDkzMTE4OTU2ZTJjZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCX9ktoK1xpZYUwFiWjfgeie/bR1
gIn2Sn+wo+ucWEH1JTyK2/6b4DhVGDqQysrc9qX9msJYYflJel22XRmazsivGQRe
XER2AnF6z9MgB/AQcAJu5Y/0lKT5CQ+4SfBCX2kj86TJbbKutcYBL0X9aEc7jBN3
Fsd2JFE9kHaQ9Bc4Wo1/omkpY65pfOACXVHUXZc1NNYJ2NNpJpzgNK7Gkyy7W1gS
2Zs1nQ/pr4qiL6lo+M3MK2WdfpKSju7Eu53a0GKeY9YcyPLU1qEgj0swRBPQEffx
KhF3ykL++t+N4sazHlCvae56O++mXfETdKAlnECbIqRkRbLN/rUsIG3yTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC97ZPF2jTQ1+GkNmcSTEYlW4s1QMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTDN0azhYYU5ORFg0YVEyWnhKTVJpVmJpelZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHLttkLv9+HJUv9IhUz8
Y50KWTe3EHyfrvrpK3WxJTGw0VEe0bdTzTcBShH+8ijAxEJlIzbmIv+sEuMNHdh2
G6MULQcOA2omLAO7NGsN0H9h9f5eo0j5uldPJEp2I5TSQsbjgAxnhLLtOiefTNGI
Cq79nVOU2frxMgSHsFb78zeWrRO6Ks/gioHg/4p6mwpm8jRPPzQxrdI8FIZ6hWzR
6qwJcsRJGRUhkkcNv4bN9kfQrc0XnECImGON7kopFyLuHjXgLPAIehQVEPknI0MV
NUYIMnkLRXGboDKUv0Ro5a7k3On7j3F7usk6iefzKvBz9JBSadaM2SRPK1I2TqY7
ykE=
-----END CERTIFICATE-----
Generated at Sun Mar 10 22:45:00 2024 by rpki-client on console.sobornost.net