Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Smhyzcrqhlk2_ktpOgVZh6I66O4.roa
File: Smhyzcrqhlk2_ktpOgVZh6I66O4.roa (raw, json)
Hash identifier: HXY2z09pA96VR0V88COOXLUqzYcc6rOfOrcUckgJL9I=
Subject key identifier: 4A:68:72:CD:CA:EA:86:59:36:FE:4B:69:3A:05:59:87:A2:3A:E8:EE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4FF90AF8EE19744493221FAEA18F30AA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Smhyzcrqhlk2_ktpOgVZh6I66O4.roa
Signing time: Mon 18 Mar 2024 05:11:45 +0000
ROA not before: Mon 18 Mar 2024 05:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 18 Mar 2024 06:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4f:f9:0a:f8:ee:19:74:44:93:22:1f:ae:a1:8f:30:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 05:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a6872cdcaea865936fe4b693a055987a23ae8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:01:54:2b:98:15:66:ff:f6:fb:16:d4:6d:3f:
f8:4b:f4:14:c4:e3:6e:71:1f:83:0f:cd:b4:a5:0b:
a8:d0:03:e1:51:1f:d6:b8:24:c4:70:c3:39:31:04:
4e:0f:71:9f:2f:c0:fe:c7:4f:3f:94:7e:ff:a4:18:
5e:de:00:b6:9a:5f:7a:50:92:a0:69:bc:4d:a6:45:
3e:b3:fc:49:2c:a5:8a:64:59:8c:a0:65:fa:63:e7:
3b:05:20:d9:a3:15:8a:7a:d1:23:9e:59:90:dc:e9:
ec:1f:c2:59:cf:1b:67:d8:4c:f7:ed:bd:34:b8:64:
cd:dc:c9:b4:1c:85:05:11:9d:b0:80:ef:47:b6:30:
f9:b9:46:31:f5:dc:1f:19:08:ce:99:f7:cf:69:97:
67:a5:e3:1e:cb:7c:d7:5a:19:67:a6:24:77:27:62:
29:94:4d:e0:3d:a5:e4:81:4b:cc:73:af:66:b2:b6:
8a:71:86:b0:9f:41:aa:29:13:f2:ea:07:c9:62:bb:
f3:6d:e9:8e:70:ca:79:31:09:24:1a:6c:1e:20:f8:
3d:91:6f:e2:80:bf:a6:f1:88:36:6e:d9:cc:8c:1c:
68:11:86:ba:93:fc:24:4e:e2:e5:93:e0:77:13:91:
47:36:af:66:97:d8:d5:ad:67:9e:67:f3:72:cd:68:
52:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:68:72:CD:CA:EA:86:59:36:FE:4B:69:3A:05:59:87:A2:3A:E8:EE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Smhyzcrqhlk2_ktpOgVZh6I66O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:1f:23:8c:01:02:ab:e6:ff:4c:f2:87:43:a5:de:c9:57:8b:
98:d3:98:ec:fc:d0:cb:bb:ec:d0:49:45:95:09:da:df:0f:3c:
77:08:b4:bd:af:1b:2a:12:85:e2:dd:21:30:96:78:d9:8a:67:
92:d3:6d:6c:5b:6a:2e:8f:65:73:3e:18:97:89:39:53:31:f5:
22:49:f2:99:06:4f:88:a4:01:d6:cf:f0:7d:ac:f9:d4:05:05:
14:26:16:28:e9:11:c5:c7:fa:19:0b:97:bd:10:d2:9e:a6:a2:
85:ff:10:b2:fb:41:49:aa:5b:9d:e8:2b:02:9e:67:3b:a9:67:
f5:d2:25:c6:b6:29:ca:3c:8d:ca:93:8f:31:8b:63:6d:f0:70:
75:08:68:31:67:2d:b9:89:7b:35:a9:72:28:cb:87:5c:07:6a:
29:24:87:d5:d5:d0:b2:dd:30:e4:bb:6e:0c:77:ce:8a:df:0a:
b5:a0:b3:2a:02:35:4d:83:c5:c5:86:05:3a:76:fd:39:9a:63:
52:85:3f:ea:3e:76:6f:05:7e:11:5a:e0:11:58:4b:be:0c:de:
3c:09:89:ad:88:fe:a8:60:24:c3:59:00:00:2b:16:b1:0a:ce:
05:f8:f9:17:ab:55:e6:8f:6a:21:b0:77:32:18:ef:33:6c:12:
0d:27:6f:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5P+Qr47hl0RJMiH66hjzCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MDUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTY4NzJjZGNhZWE4NjU5MzZmZTRiNjkzYTA1NTk4N2EyM2FlOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwFUK5gVZv/2+xbUbT/4S/QUxONu
cR+DD820pQuo0APhUR/WuCTEcMM5MQROD3GfL8D+x08/lH7/pBhe3gC2ml96UJKg
abxNpkU+s/xJLKWKZFmMoGX6Y+c7BSDZoxWKetEjnlmQ3OnsH8JZzxtn2Ez37b00
uGTN3Mm0HIUFEZ2wgO9HtjD5uUYx9dwfGQjOmffPaZdnpeMey3zXWhlnpiR3J2Ip
lE3gPaXkgUvMc69msraKcYawn0GqKRPy6gfJYrvzbemOcMp5MQkkGmweIPg9kW/i
gL+m8Yg2btnMjBxoEYa6k/wkTuLlk+B3E5FHNq9ml9jVrWeeZ/NyzWhSSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEpocs3K6oZZNv5LaToFWYeiOujuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvU21oeXpjcnFobGsyX2t0cE9nVlpoNkk2Nk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKMfI4wBAqvm/0zyh0Ol
3slXi5jTmOz80Mu77NBJRZUJ2t8PPHcItL2vGyoSheLdITCWeNmKZ5LTbWxbai6P
ZXM+GJeJOVMx9SJJ8pkGT4ikAdbP8H2s+dQFBRQmFijpEcXH+hkLl70Q0p6mooX/
ELL7QUmqW53oKwKeZzupZ/XSJca2Kco8jcqTjzGLY23wcHUIaDFnLbmJezWpcijL
h1wHaikkh9XV0LLdMOS7bgx3zorfCrWgsyoCNU2DxcWGBTp2/TmaY1KFP+o+dm8F
fhFa4BFYS74M3jwJia2I/qhgJMNZAAArFrEKzgX4+RerVeaPaiGwdzIY7zNsEg0n
b1Q=
-----END CERTIFICATE-----
Generated at Mon Mar 18 10:32:37 2024 by rpki-client on console.sobornost.net