Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OAcvH3xlL8J1Tz04oZlb9QB3yvs.roa
File: OAcvH3xlL8J1Tz04oZlb9QB3yvs.roa (raw, json)
Hash identifier: 3kGOjvGi87TY0paizxJiKiUpQ4zlx/Za1lQIDeAhllU=
Subject key identifier: 38:07:2F:1F:7C:65:2F:C2:75:4F:3D:38:A1:99:5B:F5:00:77:CA:FB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E38CC6D82D112229284DC6F8386528EF0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OAcvH3xlL8J1Tz04oZlb9QB3yvs.roa
Signing time: Wed 13 Mar 2024 17:11:45 +0000
ROA not before: Wed 13 Mar 2024 17:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 13 Mar 2024 18:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:cc:6d:82:d1:12:22:92:84:dc:6f:83:86:52:8e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 17:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38072f1f7c652fc2754f3d38a1995bf50077cafb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:33:e3:0e:37:aa:a6:be:07:d5:4a:e4:f8:
98:6a:ec:a5:61:b4:88:f4:2e:65:d4:e7:69:ac:df:
b6:4d:31:ca:38:11:23:1c:1e:54:d4:cd:a6:a8:5a:
34:c6:ec:23:de:e8:9e:a3:8b:3a:14:88:f5:fa:46:
20:73:44:50:64:ec:6c:dc:f3:f7:d1:cc:be:56:d2:
1d:48:9e:d6:3a:9c:e8:d3:aa:20:69:b8:9a:a1:fb:
a7:9d:92:cd:10:0a:c7:50:7e:fb:4f:52:f4:e5:80:
96:c0:b3:1d:4b:c6:aa:27:9c:50:92:fc:db:d1:16:
76:eb:a5:33:ad:f5:f2:05:63:c3:b3:51:f5:d4:b7:
ea:54:fb:97:bb:63:b8:dd:13:63:1c:a2:f3:2b:c7:
96:b1:2f:a9:12:a8:42:ae:16:19:ae:aa:34:26:47:
ae:ff:69:26:7d:8f:2f:d3:11:48:3f:14:cb:42:c9:
1d:ed:07:5c:60:4a:18:96:20:f7:1e:5f:75:aa:7f:
63:f0:a4:91:3e:5f:c9:3e:6f:b8:83:5e:6a:e3:65:
fd:ff:b2:bc:e9:50:9c:97:9b:46:72:97:13:c2:a3:
b5:07:e6:61:25:5d:95:5d:bf:30:85:e3:98:f9:6d:
96:e6:c8:11:94:20:fc:66:83:6e:6a:4f:23:65:e2:
6b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:07:2F:1F:7C:65:2F:C2:75:4F:3D:38:A1:99:5B:F5:00:77:CA:FB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OAcvH3xlL8J1Tz04oZlb9QB3yvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:ca:63:d1:67:61:e3:3b:33:2c:78:60:9b:08:ec:d3:9a:09:
42:23:30:07:ee:9d:5e:8c:25:93:7f:d4:2b:b4:c4:19:c4:be:
13:4d:3f:4e:1e:32:b4:ff:9b:42:11:d7:de:72:d1:31:b3:5e:
ed:24:2d:d1:8b:5e:bf:be:83:24:21:32:9a:6b:35:94:33:c6:
b2:67:e6:52:3b:8f:34:d2:d9:b2:68:dc:3a:2c:3b:6f:c2:b4:
5e:78:97:53:17:bc:e9:0f:6f:12:07:96:58:b0:aa:7a:b8:e7:
64:55:29:d9:fd:6f:d0:cb:76:b2:da:b3:3c:e8:ed:bf:10:b8:
25:bc:ea:f0:12:b4:23:c8:1e:cf:38:07:85:82:82:30:8c:41:
b6:f6:a8:83:71:6e:5f:a3:62:22:f2:25:67:32:d6:07:be:fa:
4f:8b:c5:fc:0f:dd:5a:e3:36:27:14:d3:6a:0f:77:ef:fd:04:
0a:49:ac:8b:c2:39:41:b9:28:74:54:69:c5:f4:9f:e2:67:3d:
cc:f1:47:74:dc:b9:00:41:4e:b9:93:c4:a9:4f:c4:c7:e0:5e:
98:a1:f1:66:09:4f:75:ab:a7:ff:cf:db:e9:ac:43:75:c7:ce:
a8:20:0d:55:21:1d:c8:79:1a:3d:b7:f3:a8:a9:6b:63:c4:01:
45:43:6c:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY44zG2C0RIikoTcb4OGUo7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMTcxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODA3MmYxZjdjNjUyZmMyNzU0ZjNkMzhhMTk5NWJmNTAwNzdjYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7Qz4w43qqa+B9VK5PiYauylYbSI
9C5l1OdprN+2TTHKOBEjHB5U1M2mqFo0xuwj3uieo4s6FIj1+kYgc0RQZOxs3PP3
0cy+VtIdSJ7WOpzo06ogabiaofunnZLNEArHUH77T1L05YCWwLMdS8aqJ5xQkvzb
0RZ266UzrfXyBWPDs1H11LfqVPuXu2O43RNjHKLzK8eWsS+pEqhCrhYZrqo0Jkeu
/2kmfY8v0xFIPxTLQskd7QdcYEoYliD3Hl91qn9j8KSRPl/JPm+4g15q42X9/7K8
6VCcl5tGcpcTwqO1B+ZhJV2VXb8wheOY+W2W5sgRlCD8ZoNuak8jZeJrtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDgHLx98ZS/CdU89OKGZW/UAd8r7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT0FjdkgzeGxMOEoxVHowNG9abGI5UUIzeXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFLKY9FnYeM7Myx4YJsI
7NOaCUIjMAfunV6MJZN/1Cu0xBnEvhNNP04eMrT/m0IR195y0TGzXu0kLdGLXr++
gyQhMpprNZQzxrJn5lI7jzTS2bJo3DosO2/CtF54l1MXvOkPbxIHlliwqnq452RV
Kdn9b9DLdrLaszzo7b8QuCW86vAStCPIHs84B4WCgjCMQbb2qINxbl+jYiLyJWcy
1ge++k+LxfwP3VrjNicU02oPd+/9BApJrIvCOUG5KHRUacX0n+JnPczxR3TcuQBB
TrmTxKlPxMfgXpih8WYJT3Wrp//P2+msQ3XHzqggDVUhHch5Gj2386ipa2PEAUVD
bHs=
-----END CERTIFICATE-----
Generated at Thu Mar 14 01:13:13 2024 by rpki-client on console.sobornost.net