Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MxCoH6dc73E6t17W0g4UZV9My3Y.roa
File: MxCoH6dc73E6t17W0g4UZV9My3Y.roa (raw, json)
Hash identifier: 1y5dmQOAlcbOTJmM+k8rsurNZtV3z/md+p7myFn8hMQ=
Subject key identifier: 33:10:A8:1F:A7:5C:EF:71:3A:B7:5E:D6:D2:0E:14:65:5F:4C:CB:76
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA0A756BA3E153383A55E7E8C5E082F4E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MxCoH6dc73E6t17W0g4UZV9My3Y.roa
Signing time: Tue 02 Apr 2024 21:11:45 +0000
ROA not before: Tue 02 Apr 2024 21:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Apr 2024 22:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a0:a7:56:ba:3e:15:33:83:a5:5e:7e:8c:5e:08:2f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 21:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3310a81fa75cef713ab75ed6d20e14655f4ccb76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e1:6d:b1:7a:d4:a5:db:b4:f6:49:29:1b:1e:
74:95:1a:49:bf:71:f5:6b:f2:bc:71:c7:5b:3d:41:
f6:98:73:a0:36:e8:de:79:e0:4f:f2:92:ee:1b:d2:
bf:61:57:39:d0:bc:c3:b2:88:83:1b:3c:40:76:ce:
f8:3c:e1:b4:15:14:b0:1a:23:72:a3:91:5e:f7:29:
c2:de:9e:3f:29:e2:d7:63:b4:f6:00:b5:90:ca:09:
54:fc:a3:27:9b:04:35:fe:b5:88:fd:28:a4:26:26:
e5:bd:9d:40:0c:2b:95:44:2c:24:8a:8b:20:89:43:
78:d8:12:0b:48:2d:16:87:ff:af:2c:0e:e9:15:ae:
5e:05:f7:b5:48:58:85:f9:de:63:94:dc:99:5f:6d:
98:e7:46:b6:4f:6a:c9:ed:1f:73:bf:55:8d:dd:17:
e8:e4:b8:22:71:23:0d:8c:de:18:e5:b0:78:b1:6a:
66:45:d0:ca:e7:3a:04:30:eb:e7:a5:02:67:8f:32:
18:60:67:c6:2c:d7:0c:a5:2c:54:0d:29:fc:7a:26:
d5:99:84:62:40:a1:c2:18:97:7d:8b:ae:9d:23:e9:
59:75:fb:47:63:59:b9:74:1b:dc:36:d3:64:e4:d8:
47:e5:e7:12:82:4d:07:e3:ca:06:e6:6d:22:da:b8:
f1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:10:A8:1F:A7:5C:EF:71:3A:B7:5E:D6:D2:0E:14:65:5F:4C:CB:76
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MxCoH6dc73E6t17W0g4UZV9My3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:1e:b9:f9:5f:12:a4:c0:02:4f:76:ea:29:a9:bd:4d:10:bb:
5a:92:d0:9c:e9:41:cf:7c:0b:d0:06:03:53:8d:f0:06:42:d7:
3d:bc:11:11:d1:a1:c5:c6:c9:3a:d0:38:80:15:77:27:a2:80:
28:3e:90:3d:35:ef:ab:01:04:76:df:00:80:6f:6d:2d:e2:ca:
cb:8c:43:f2:39:e0:0b:d9:85:69:4e:bd:03:8a:3a:d5:1e:45:
2b:d2:28:07:13:2b:db:53:6b:34:38:72:f0:51:19:c9:d5:5c:
21:e1:41:4d:48:98:41:09:c3:88:b3:f1:e4:96:02:f6:50:12:
9e:9d:90:2b:53:81:ea:a9:c3:a3:04:8d:c4:7a:ab:d8:a3:f7:
38:b5:b1:4b:6d:19:9a:4f:e5:a4:31:34:e3:57:1c:56:77:6e:
ff:4f:e6:40:05:a1:53:98:fc:dd:b9:49:3c:3d:bf:6b:46:51:
05:d4:e1:31:bd:94:f6:98:49:bf:0b:f8:50:c7:8e:a5:74:12:
fe:a0:29:db:c2:86:42:f1:ac:d7:94:4f:6b:24:6e:50:7a:a1:
b3:a7:63:20:e3:45:4a:43:c6:3d:24:12:02:e4:6f:19:ea:86:
f4:fc:b6:e2:28:cf:0b:52:7d:7b:5d:85:47:b9:23:6a:d9:4d:
08:11:3d:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6gp1a6PhUzg6VefoxeCC9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMjExMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzEwYTgxZmE3NWNlZjcxM2FiNzVlZDZkMjBlMTQ2NTVmNGNjYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOFtsXrUpdu09kkpGx50lRpJv3H1
a/K8ccdbPUH2mHOgNujeeeBP8pLuG9K/YVc50LzDsoiDGzxAds74POG0FRSwGiNy
o5Fe9ynC3p4/KeLXY7T2ALWQyglU/KMnmwQ1/rWI/SikJiblvZ1ADCuVRCwkiosg
iUN42BILSC0Wh/+vLA7pFa5eBfe1SFiF+d5jlNyZX22Y50a2T2rJ7R9zv1WN3Rfo
5LgicSMNjN4Y5bB4sWpmRdDK5zoEMOvnpQJnjzIYYGfGLNcMpSxUDSn8eibVmYRi
QKHCGJd9i66dI+lZdftHY1m5dBvcNtNk5NhH5ecSgk0H48oG5m0i2rjxOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDMQqB+nXO9xOrde1tIOFGVfTMt2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTXhDb0g2ZGM3M0U2dDE3VzBnNFVaVjlNeTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4euflfEqTAAk926imp
vU0Qu1qS0JzpQc98C9AGA1ON8AZC1z28ERHRocXGyTrQOIAVdyeigCg+kD0176sB
BHbfAIBvbS3iysuMQ/I54AvZhWlOvQOKOtUeRSvSKAcTK9tTazQ4cvBRGcnVXCHh
QU1ImEEJw4iz8eSWAvZQEp6dkCtTgeqpw6MEjcR6q9ij9zi1sUttGZpP5aQxNONX
HFZ3bv9P5kAFoVOY/N25STw9v2tGUQXU4TG9lPaYSb8L+FDHjqV0Ev6gKdvChkLx
rNeUT2skblB6obOnYyDjRUpDxj0kEgLkbxnqhvT8tuIozwtSfXtdhUe5I2rZTQgR
PTo=
-----END CERTIFICATE-----
Generated at Wed Apr 3 06:11:30 2024 by rpki-client on console.sobornost.net