Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L_PNEjfQ-QWywm-IvXLheC6BE0U.roa
File: L_PNEjfQ-QWywm-IvXLheC6BE0U.roa (raw, json)
Hash identifier: NYw/s0y8a0ZgWbzd/gjgcA4YmIWNvUy+hOX+21nltIw=
Subject key identifier: 2F:F3:CD:12:37:D0:F9:05:B2:C2:6F:88:BD:72:E1:78:2E:81:13:45
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2DD9484DBEB72667C9F1762441555F58
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L_PNEjfQ-QWywm-IvXLheC6BE0U.roa
Signing time: Mon 11 Mar 2024 14:09:58 +0000
ROA not before: Mon 11 Mar 2024 14:09:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 11 Mar 2024 15:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:d9:48:4d:be:b7:26:67:c9:f1:76:24:41:55:5f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 14:09:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ff3cd1237d0f905b2c26f88bd72e1782e811345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:39:89:50:ae:bf:e9:c2:86:e9:3b:fa:48:
6a:a0:43:ef:42:69:8d:87:0b:a1:60:b7:c4:b5:1c:
fb:a5:16:ce:cc:d6:13:64:8d:a3:ae:19:80:7e:7d:
52:74:06:73:5f:21:0b:65:b3:bf:0a:52:e4:96:96:
25:10:ad:41:bd:c6:24:da:f9:ec:61:56:d2:9d:ef:
94:58:56:fb:db:ac:e3:c6:b9:8e:c3:ba:b4:1e:c7:
63:86:da:09:e1:ac:a3:f7:bd:13:8b:ba:e0:88:94:
17:2f:d3:d2:61:d5:23:1b:02:c2:7b:43:be:a9:2f:
ee:6e:91:94:ab:55:6a:72:43:c3:0f:e6:42:f9:b9:
01:4a:85:5f:4f:34:48:10:04:85:1a:55:13:93:4a:
bc:c7:fe:1f:95:b9:91:1d:1d:10:b5:7d:87:35:de:
69:98:fe:4b:e2:94:1e:6a:ad:f4:3b:c5:ed:76:f5:
bd:0c:c3:a7:fb:ca:08:5a:ed:b6:be:60:07:26:d4:
d9:49:0f:11:38:95:f8:72:63:b7:6e:33:e1:5a:70:
d2:28:a5:43:24:64:03:3e:e5:d8:76:4a:4f:6a:6b:
2a:d6:bc:99:ba:2f:dc:39:ac:23:b3:af:0a:42:94:
5c:ca:20:a6:95:c9:da:a0:92:ea:bd:86:27:c7:38:
30:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F3:CD:12:37:D0:F9:05:B2:C2:6F:88:BD:72:E1:78:2E:81:13:45
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/L_PNEjfQ-QWywm-IvXLheC6BE0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:55:2c:4b:e7:bc:3f:dd:3a:44:fc:f5:0b:06:f5:d8:f7:ed:
1c:f5:a3:11:21:46:e5:72:7d:a9:2e:1a:bf:20:02:08:f2:5d:
ed:70:42:8c:86:a8:ff:fd:9c:5e:51:d1:89:73:be:ca:cf:43:
1d:be:4f:57:64:76:4c:13:b0:85:ea:5f:35:f5:bc:94:26:b7:
89:e0:26:66:1f:d4:7c:52:26:08:36:da:b3:f3:be:ab:ba:7b:
d4:85:e5:7f:73:fb:98:88:6c:bc:0a:f9:83:31:c8:c3:97:e6:
24:7f:05:0a:32:fa:22:b0:6d:31:37:6f:38:67:ba:e9:10:09:
da:38:ec:02:58:2c:dc:1a:7e:63:e4:26:cb:49:cc:47:d5:d3:
cf:72:83:73:38:d3:b8:64:9c:bd:47:f2:0b:05:ab:5a:01:fd:
c0:da:2a:76:4e:45:e4:ea:48:39:b4:62:0f:04:46:a1:f4:23:
b8:93:38:09:10:81:b5:04:52:f4:41:63:40:c1:e0:2c:2b:4c:
0f:ce:cd:6d:4a:66:85:da:68:6c:ed:cd:ba:ac:fb:9e:5e:7b:
8e:57:25:a9:37:8d:8a:c0:a1:81:e6:15:15:5e:3e:95:c0:47:
82:c5:a4:62:c3:02:05:40:90:cb:79:90:b1:18:aa:72:6d:5c:
4e:72:87:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4t2UhNvrcmZ8nxdiRBVV9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMTQwOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmYzY2QxMjM3ZDBmOTA1YjJjMjZmODhiZDcyZTE3ODJlODExMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovk5iVCuv+nChuk7+khqoEPvQmmN
hwuhYLfEtRz7pRbOzNYTZI2jrhmAfn1SdAZzXyELZbO/ClLklpYlEK1BvcYk2vns
YVbSne+UWFb726zjxrmOw7q0HsdjhtoJ4ayj970Ti7rgiJQXL9PSYdUjGwLCe0O+
qS/ubpGUq1VqckPDD+ZC+bkBSoVfTzRIEASFGlUTk0q8x/4flbmRHR0QtX2HNd5p
mP5L4pQeaq30O8XtdvW9DMOn+8oIWu22vmAHJtTZSQ8ROJX4cmO3bjPhWnDSKKVD
JGQDPuXYdkpPamsq1ryZui/cOawjs68KQpRcyiCmlcnaoJLqvYYnxzgwywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC/zzRI30PkFssJviL1y4XgugRNFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTF9QTkVqZlEtUVd5d20tSXZYTGhlQzZCRTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAApVLEvnvD/dOkT89QsG
9dj37Rz1oxEhRuVyfakuGr8gAgjyXe1wQoyGqP/9nF5R0YlzvsrPQx2+T1dkdkwT
sIXqXzX1vJQmt4ngJmYf1HxSJgg22rPzvqu6e9SF5X9z+5iIbLwK+YMxyMOX5iR/
BQoy+iKwbTE3bzhnuukQCdo47AJYLNwafmPkJstJzEfV089yg3M407hknL1H8gsF
q1oB/cDaKnZOReTqSDm0Yg8ERqH0I7iTOAkQgbUEUvRBY0DB4CwrTA/OzW1KZoXa
aGztzbqs+55ee45XJak3jYrAoYHmFRVePpXAR4LFpGLDAgVAkMt5kLEYqnJtXE5y
h3k=
-----END CERTIFICATE-----
Generated at Mon Mar 11 21:33:14 2024 by rpki-client on console.sobornost.net