Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LGUhi5fYxqQBhLV3UtS97cHmk0o.roa
File: LGUhi5fYxqQBhLV3UtS97cHmk0o.roa (raw, json)
Hash identifier: F26wiydb3sc6EWWjR726+pewwgTfPlL+08GavFj62vw=
Subject key identifier: 2C:65:21:8B:97:D8:C6:A4:01:84:B5:77:52:D4:BD:ED:C1:E6:93:4A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5BC648528739AA7E60826C5815720315
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LGUhi5fYxqQBhLV3UtS97cHmk0o.roa
Signing time: Wed 20 Mar 2024 12:11:45 +0000
ROA not before: Wed 20 Mar 2024 12:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 20 Mar 2024 13:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:c6:48:52:87:39:aa:7e:60:82:6c:58:15:72:03:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 12:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c65218b97d8c6a40184b57752d4bdedc1e6934a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:79:c5:d1:39:d1:80:77:c8:01:09:10:38:37:
b3:6f:10:e3:c2:81:f4:a6:a9:94:61:f5:0f:d5:27:
ec:cc:1e:86:3e:76:b9:44:2c:36:19:4d:d6:da:45:
0f:9f:f7:4c:c0:91:6d:3d:f0:1d:8d:82:4f:5e:79:
c2:02:b0:06:ff:a3:05:ce:9b:45:27:87:62:42:3f:
a0:cc:8d:c7:eb:e0:f7:b8:11:89:f1:1f:24:31:f3:
5a:6d:78:44:5d:99:03:06:8e:be:f7:9c:42:c7:5b:
b3:3f:7c:a3:5a:50:a0:cd:66:f0:e2:c5:c5:3c:8a:
5c:c1:46:3b:3e:15:9e:60:44:f1:9b:79:82:63:d6:
ef:ca:5f:17:de:fd:38:23:27:bb:66:eb:44:aa:81:
d5:20:4a:80:e2:10:dd:9a:53:f7:4b:c9:6f:63:e6:
da:57:26:dc:78:16:80:12:da:be:7e:76:ea:fe:be:
6d:bb:eb:b2:4d:60:3f:1a:75:69:ed:26:00:23:e3:
0d:8a:7d:b1:e2:07:3b:59:39:c2:52:84:7c:7b:7a:
2d:2e:74:08:cb:ae:8e:a6:ff:b2:b4:fc:45:a1:ef:
21:d7:99:7e:26:73:27:32:7b:8a:04:1e:9a:3b:8f:
d3:16:ff:aa:49:d1:4a:50:06:cd:65:0e:20:ff:34:
d8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:65:21:8B:97:D8:C6:A4:01:84:B5:77:52:D4:BD:ED:C1:E6:93:4A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LGUhi5fYxqQBhLV3UtS97cHmk0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:63:b5:ca:2a:8d:ab:98:09:ee:43:3c:ae:a7:8f:6a:fc:27:
6b:08:a8:2e:d1:d6:9b:76:65:33:50:c0:ac:12:35:7e:55:de:
a0:84:5b:b6:4a:84:c2:10:96:1d:16:8d:d4:d2:7d:04:24:23:
f0:e0:7b:5a:a9:e3:34:58:c0:51:76:59:ba:68:8a:31:ee:16:
8f:c2:62:3e:24:10:bd:5b:83:fa:cb:89:31:b0:60:9e:3d:0a:
18:e1:c0:5d:a2:03:30:0a:d2:55:a2:21:f7:5b:70:2e:2c:aa:
d5:72:1d:59:cd:62:d2:21:a1:d0:fd:25:32:f1:0d:ce:56:bb:
52:31:6d:d3:ba:e3:e5:ef:2b:a4:8d:e5:86:1e:54:7d:2f:9c:
f1:35:0d:a6:db:25:66:db:e3:ce:00:08:94:44:f0:4c:26:46:
c3:84:17:5c:e3:1d:36:26:c8:0e:72:b1:58:e1:34:eb:96:1f:
2a:9f:20:ce:5b:64:c1:da:bf:fd:46:53:28:75:68:9f:31:ca:
c8:31:0e:1e:99:b3:e5:40:d3:56:7e:0d:7b:e9:82:25:20:9d:
cf:4e:b4:0a:b0:ba:92:60:1f:05:af:57:9c:d0:d5:60:9f:a0:
a5:2f:30:e8:91:2f:ae:ba:87:b3:b5:80:8c:31:92:da:bb:7b:
53:74:95:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5bxkhShzmqfmCCbFgVcgMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMTIxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzY1MjE4Yjk3ZDhjNmE0MDE4NGI1Nzc1MmQ0YmRlZGMxZTY5MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXnF0TnRgHfIAQkQODezbxDjwoH0
pqmUYfUP1SfszB6GPna5RCw2GU3W2kUPn/dMwJFtPfAdjYJPXnnCArAG/6MFzptF
J4diQj+gzI3H6+D3uBGJ8R8kMfNabXhEXZkDBo6+95xCx1uzP3yjWlCgzWbw4sXF
PIpcwUY7PhWeYETxm3mCY9bvyl8X3v04Iye7ZutEqoHVIEqA4hDdmlP3S8lvY+ba
VybceBaAEtq+fnbq/r5tu+uyTWA/GnVp7SYAI+MNin2x4gc7WTnCUoR8e3otLnQI
y66Opv+ytPxFoe8h15l+JnMnMnuKBB6aO4/TFv+qSdFKUAbNZQ4g/zTYZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCxlIYuX2MakAYS1d1LUve3B5pNKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTEdVaGk1Zll4cVFCaExWM1V0Uzk3Y0htazBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIRjtcoqjauYCe5DPK6n
j2r8J2sIqC7R1pt2ZTNQwKwSNX5V3qCEW7ZKhMIQlh0WjdTSfQQkI/Dge1qp4zRY
wFF2WbpoijHuFo/CYj4kEL1bg/rLiTGwYJ49ChjhwF2iAzAK0lWiIfdbcC4sqtVy
HVnNYtIhodD9JTLxDc5Wu1IxbdO64+XvK6SN5YYeVH0vnPE1DabbJWbb484ACJRE
8EwmRsOEF1zjHTYmyA5ysVjhNOuWHyqfIM5bZMHav/1GUyh1aJ8xysgxDh6Zs+VA
01Z+DXvpgiUgnc9OtAqwupJgHwWvV5zQ1WCfoKUvMOiRL666h7O1gIwxktq7e1N0
lRg=
-----END CERTIFICATE-----
Generated at Wed Mar 20 19:24:13 2024 by rpki-client on console.sobornost.net