Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M7y7OFWxEtkM9XMGJhBxOOm587w.roa
File: M7y7OFWxEtkM9XMGJhBxOOm587w.roa (raw, json)
Hash identifier: Dn8BraGQ51u1xw03qP/6rM1tdtoiUyWtYYyw1TL2juM=
Subject key identifier: 33:BC:BB:38:55:B1:12:D9:0C:F5:73:06:26:10:71:38:E9:B9:F3:BC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EAD85C2D2173D3E84D5B869CE18917B8E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M7y7OFWxEtkM9XMGJhBxOOm587w.roa
Signing time: Fri 05 Apr 2024 09:10:08 +0000
ROA not before: Fri 05 Apr 2024 09:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Apr 2024 10:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:85:c2:d2:17:3d:3e:84:d5:b8:69:ce:18:91:7b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 5 09:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33bcbb3855b112d90cf5730626107138e9b9f3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:79:85:82:1b:5e:99:82:9b:e3:9b:4b:e4:1c:
91:c0:f3:e9:64:b7:13:7e:14:7b:c0:a3:4e:fc:5a:
32:85:db:02:ee:bf:85:09:61:63:cb:60:56:24:ee:
de:e1:9e:b4:76:bf:bc:87:de:18:15:41:04:81:1d:
a2:70:39:94:d5:f8:07:16:22:a8:93:1b:7a:0a:2a:
dc:99:29:9d:48:6a:c2:82:47:17:d7:87:48:e5:f3:
29:f7:d9:0f:b3:d8:fd:e9:99:db:47:1d:bb:ff:1c:
ec:e1:01:45:b9:8c:45:f0:8d:03:30:7d:4a:51:4d:
4d:dd:5e:2d:d5:f3:02:de:a0:1c:ea:ba:43:df:1d:
62:88:15:e7:51:0a:c2:a2:60:d3:e3:59:fc:26:86:
0e:6d:ff:48:ca:d2:6c:8b:95:2a:22:97:66:57:20:
86:28:3a:ed:c3:09:f2:08:98:f7:d4:30:99:b6:db:
40:f4:3e:33:00:30:08:1c:54:01:cf:be:77:69:21:
c7:a1:7c:b2:ea:a2:20:89:fb:cb:9e:ee:94:3c:f5:
fa:ea:ac:c7:3f:80:87:96:0a:1b:87:75:b0:1a:d4:
89:87:38:f4:ad:50:61:d6:30:7d:7a:3f:25:7d:8d:
17:4b:73:ec:ec:e0:b6:0d:d4:e7:79:f1:b2:48:2f:
5c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BC:BB:38:55:B1:12:D9:0C:F5:73:06:26:10:71:38:E9:B9:F3:BC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M7y7OFWxEtkM9XMGJhBxOOm587w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:05:84:5d:e1:bc:bf:57:91:15:51:13:a7:9a:07:ae:f1:ad:
f2:5a:95:6e:d3:ad:9f:0b:ae:e5:4c:32:21:df:75:7f:2c:03:
e1:d8:89:b1:f1:59:27:ad:88:bd:13:44:5b:21:48:71:2c:e7:
1b:16:23:ec:54:de:39:99:25:6b:c7:07:01:22:d6:d0:c8:fd:
a4:65:81:2e:58:b3:e5:33:45:10:e7:9e:f9:cb:a2:9a:ef:58:
b3:d7:d2:df:61:6b:46:fb:05:a0:33:1e:58:30:cf:52:77:2b:
8d:d8:80:1f:95:9d:81:06:cd:cd:84:92:5a:c8:5f:e2:3d:7f:
d9:fe:10:33:8a:cc:24:a7:75:91:1e:75:f5:b1:4a:8c:e4:95:
da:0b:c9:10:5b:51:e5:ee:fc:59:2a:6e:f0:44:37:bd:53:49:
98:ed:ca:bc:8a:9b:2e:9b:de:0b:d7:87:12:d4:4e:b8:b9:2a:
8e:a5:cb:e9:c3:02:42:a2:00:c1:37:f9:e3:82:84:df:80:ae:
0b:f5:01:ff:7e:25:4c:55:64:b4:8e:35:70:8a:db:59:2e:88:
49:e0:b1:2d:68:37:fd:dc:71:df:d9:68:f3:31:65:e4:cd:5e:
07:01:ec:83:c7:3d:cf:67:6b:05:16:b2:cc:b5:47:93:fe:ad:
50:87:43:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6thcLSFz0+hNW4ac4YkXuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA1MDkxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2JjYmIzODU1YjExMmQ5MGNmNTczMDYyNjEwNzEzOGU5YjlmM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunmFghtemYKb45tL5ByRwPPpZLcT
fhR7wKNO/FoyhdsC7r+FCWFjy2BWJO7e4Z60dr+8h94YFUEEgR2icDmU1fgHFiKo
kxt6CircmSmdSGrCgkcX14dI5fMp99kPs9j96ZnbRx27/xzs4QFFuYxF8I0DMH1K
UU1N3V4t1fMC3qAc6rpD3x1iiBXnUQrComDT41n8JoYObf9IytJsi5UqIpdmVyCG
KDrtwwnyCJj31DCZtttA9D4zADAIHFQBz753aSHHoXyy6qIgifvLnu6UPPX66qzH
P4CHlgobh3WwGtSJhzj0rVBh1jB9ej8lfY0XS3Ps7OC2DdTnefGySC9cpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDO8uzhVsRLZDPVzBiYQcTjpufO8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTTd5N09GV3hFdGtNOVhNR0poQnhPT201ODd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI8FhF3hvL9XkRVRE6ea
B67xrfJalW7TrZ8LruVMMiHfdX8sA+HYibHxWSetiL0TRFshSHEs5xsWI+xU3jmZ
JWvHBwEi1tDI/aRlgS5Ys+UzRRDnnvnLoprvWLPX0t9ha0b7BaAzHlgwz1J3K43Y
gB+VnYEGzc2EklrIX+I9f9n+EDOKzCSndZEedfWxSozkldoLyRBbUeXu/FkqbvBE
N71TSZjtyryKmy6b3gvXhxLUTri5Ko6ly+nDAkKiAME3+eOChN+Argv1Af9+JUxV
ZLSONXCK21kuiEngsS1oN/3ccd/ZaPMxZeTNXgcB7IPHPc9nawUWssy1R5P+rVCH
Q2o=
-----END CERTIFICATE-----
Generated at Fri Apr 5 15:53:56 2024 by rpki-client on console.sobornost.net