Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PbC5Hg8jQK0dkZjOPUnj9RFL2ks.roa
File: PbC5Hg8jQK0dkZjOPUnj9RFL2ks.roa (raw, json)
Hash identifier: 6W6TA3FYrD2Fbg+OmdvJVIntnifM904qG2WcJdHx6zI=
Subject key identifier: 3D:B0:B9:1E:0F:23:40:AD:1D:91:98:CE:3D:49:E3:F5:11:4B:DA:4B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5634CE5353FA7862601F09D7A849A43B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PbC5Hg8jQK0dkZjOPUnj9RFL2ks.roa
Signing time: Tue 19 Mar 2024 10:14:45 +0000
ROA not before: Tue 19 Mar 2024 10:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 19 Mar 2024 11:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:34:ce:53:53:fa:78:62:60:1f:09:d7:a8:49:a4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 19 10:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3db0b91e0f2340ad1d9198ce3d49e3f5114bda4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3d:0b:9a:ba:c2:82:12:d3:c0:43:4d:f6:88:
20:97:08:c9:c6:31:48:12:8b:21:46:60:73:6a:de:
3d:f1:dc:1b:3d:fe:a1:4d:99:9a:b6:6c:f6:80:99:
8e:b8:61:9f:df:a4:b8:38:5f:c2:04:69:d8:8e:61:
32:03:c6:77:be:c4:52:d1:65:e6:ec:f4:fb:d8:56:
79:1a:09:1d:09:2a:82:33:f3:8c:75:72:72:9f:ed:
5f:a9:68:28:fd:ac:18:a2:4e:fb:88:dd:b3:03:3d:
ce:3a:f6:4f:8d:92:f3:16:ef:c5:a3:83:16:1e:ad:
2f:ce:74:2b:c6:79:ce:5c:0d:2b:0a:59:68:e7:49:
70:69:b5:52:ef:5e:f2:b8:9c:9d:8c:54:04:d4:6e:
b0:2a:34:dc:3e:6e:6c:e7:06:92:0e:20:75:c0:ac:
b7:08:72:f4:86:2d:5e:59:66:c0:de:22:e6:42:99:
ae:77:8a:a8:96:d1:a3:a9:48:41:1d:9f:79:cb:ef:
42:f9:d1:d1:72:ed:5b:18:da:2e:fc:00:46:ae:e5:
51:9c:b9:8b:a6:c2:96:e3:b3:48:e0:ff:d0:b0:b2:
7e:2d:25:42:58:2b:f4:e6:3f:a8:9c:d5:2f:56:de:
77:bb:3b:ee:9f:44:fb:26:35:75:37:15:d1:ab:e4:
5c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B0:B9:1E:0F:23:40:AD:1D:91:98:CE:3D:49:E3:F5:11:4B:DA:4B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PbC5Hg8jQK0dkZjOPUnj9RFL2ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:b4:02:f1:85:9b:20:4f:df:f4:1f:92:cd:b9:4f:c1:c1:f4:
69:6c:d7:3c:2e:0f:7b:01:1d:1e:db:79:30:72:ec:4c:9c:fc:
5e:59:e4:84:e2:34:50:ab:60:9c:3d:5c:f2:75:07:4c:d1:de:
c2:72:74:d2:3a:90:8d:0b:3c:4f:8b:1e:b3:de:60:17:14:5a:
39:47:fa:90:68:d1:0c:ec:c3:f0:1d:7b:fd:5e:5d:b9:fa:ba:
22:bd:87:d0:92:06:a6:45:e6:e2:74:a1:68:eb:81:8e:23:7a:
1b:2a:91:30:61:0e:33:dc:9c:c7:10:07:0a:a1:b8:5c:72:63:
d7:0b:c7:1d:07:3c:82:a9:9b:4c:74:f2:2d:e6:0a:28:c8:7a:
17:8a:84:92:56:6f:3c:d0:60:a7:ec:03:01:dc:be:3f:40:fe:
f9:ec:ff:65:0f:c3:55:df:94:81:a3:51:b6:9e:cd:9d:28:a8:
05:7e:a0:b5:2a:77:0c:d0:69:29:e5:33:a3:20:25:9e:69:98:
e7:3c:1b:b4:1f:33:5f:ae:95:73:6f:10:60:d9:5d:38:fe:55:
89:f0:89:8a:e8:ee:7c:22:16:f3:0b:df:3d:1b:34:ec:dc:9a:
dc:8a:1b:0a:2f:63:9f:f0:4c:48:b0:7a:ce:c1:87:88:8f:82:
33:3c:f0:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5WNM5TU/p4YmAfCdeoSaQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE5MTAxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIwYjkxZTBmMjM0MGFkMWQ5MTk4Y2UzZDQ5ZTNmNTExNGJkYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT0LmrrCghLTwENN9ogglwjJxjFI
EoshRmBzat498dwbPf6hTZmatmz2gJmOuGGf36S4OF/CBGnYjmEyA8Z3vsRS0WXm
7PT72FZ5GgkdCSqCM/OMdXJyn+1fqWgo/awYok77iN2zAz3OOvZPjZLzFu/Fo4MW
Hq0vznQrxnnOXA0rCllo50lwabVS717yuJydjFQE1G6wKjTcPm5s5waSDiB1wKy3
CHL0hi1eWWbA3iLmQpmud4qoltGjqUhBHZ95y+9C+dHRcu1bGNou/ABGruVRnLmL
psKW47NI4P/QsLJ+LSVCWCv05j+onNUvVt53uzvun0T7JjV1NxXRq+RcMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD2wuR4PI0CtHZGYzj1J4/URS9pLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUGJDNUhnOGpRSzBka1pqT1BVbmo5UkZMMmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEG0AvGFmyBP3/Qfks25
T8HB9Gls1zwuD3sBHR7beTBy7Eyc/F5Z5ITiNFCrYJw9XPJ1B0zR3sJydNI6kI0L
PE+LHrPeYBcUWjlH+pBo0Qzsw/Ade/1eXbn6uiK9h9CSBqZF5uJ0oWjrgY4jehsq
kTBhDjPcnMcQBwqhuFxyY9cLxx0HPIKpm0x08i3mCijIeheKhJJWbzzQYKfsAwHc
vj9A/vns/2UPw1XflIGjUbaezZ0oqAV+oLUqdwzQaSnlM6MgJZ5pmOc8G7QfM1+u
lXNvEGDZXTj+VYnwiYro7nwiFvML3z0bNOzcmtyKGwovY5/wTEiwes7Bh4iPgjM8
8PY=
-----END CERTIFICATE-----
Generated at Tue Mar 19 17:19:05 2024 by rpki-client on console.sobornost.net