Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/T-8Fso68RCUdK-Ew8NXyFuOiZao.roa
File: T-8Fso68RCUdK-Ew8NXyFuOiZao.roa (raw, json)
Hash identifier: NSEHI/0A/9SGXMp1iBFE6DwcVcm0UFRTuXC0PhHXIAE=
Subject key identifier: 4F:EF:05:B2:8E:BC:44:25:1D:2B:E1:30:F0:D5:F2:16:E3:A2:65:AA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E06615F27B738BB19D87B31660968DDE4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/T-8Fso68RCUdK-Ew8NXyFuOiZao.roa
Signing time: Sun 03 Mar 2024 22:13:48 +0000
ROA not before: Sun 03 Mar 2024 22:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 03 Mar 2024 23:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:06:61:5f:27:b7:38:bb:19:d8:7b:31:66:09:68:dd:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 3 22:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fef05b28ebc44251d2be130f0d5f216e3a265aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:47:75:93:a2:1b:40:22:36:3c:8e:5d:f4:8c:
1f:6b:94:d6:6f:63:53:16:7e:01:d9:57:b9:8f:da:
d0:cc:4b:eb:0a:d9:29:89:b2:91:7e:fd:85:2f:36:
50:c5:3a:fa:e5:72:ed:2e:78:4c:b4:0a:8f:ca:24:
c9:24:d4:e6:3b:d2:09:ca:cc:3b:75:59:e0:5b:b3:
ff:42:97:64:1c:4d:a8:e2:94:f5:bf:bd:3e:a9:5b:
69:af:22:b3:a3:48:84:41:49:81:4e:d9:78:26:58:
f4:6a:4d:06:e6:8e:25:07:7f:ba:b0:da:5a:8d:0b:
fe:04:d2:bb:19:a9:7b:6e:f1:ac:41:fc:a3:48:eb:
73:2a:4c:87:db:f8:b5:ef:43:39:af:e0:42:f4:9e:
ab:dc:72:a5:d9:6f:96:18:68:75:3a:db:c2:cb:21:
3b:a2:c5:fb:26:06:e3:60:89:53:65:7f:44:50:c9:
72:95:6d:13:a7:ff:8e:25:0c:78:ce:69:7b:7c:c0:
1e:3c:7f:e5:b6:f8:85:ec:7a:af:4e:4e:24:de:2f:
b0:b5:16:c0:ba:5d:5f:ae:3b:a8:ce:fa:ca:57:61:
bd:3b:e0:80:8d:c4:84:cd:36:8f:40:68:e0:35:6e:
7e:16:98:2b:b1:8a:eb:36:1e:59:07:34:9b:36:da:
d0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:EF:05:B2:8E:BC:44:25:1D:2B:E1:30:F0:D5:F2:16:E3:A2:65:AA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/T-8Fso68RCUdK-Ew8NXyFuOiZao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:55:ef:d6:4e:6b:69:ec:1e:28:82:b6:c7:48:e4:f9:eb:20:
60:13:d1:f7:0e:c1:0a:ec:85:77:c8:6c:f4:4e:c3:56:49:d6:
e9:af:e8:fc:dd:c3:75:53:4e:54:85:50:0f:6e:3b:8b:fc:01:
1a:8c:3a:81:06:61:23:dc:ff:80:eb:62:ba:04:f7:82:1c:92:
37:7f:80:73:ac:b3:00:c0:08:32:a1:b9:35:9b:9e:23:15:f8:
23:75:35:73:c3:4f:76:2a:5c:db:c6:4a:38:bb:ad:44:6f:22:
1c:09:38:66:26:71:96:93:3d:16:9b:00:b7:ca:eb:73:11:5c:
b3:d9:8a:e6:43:e0:9e:d8:d6:b8:b9:ba:bf:28:f3:d1:17:2d:
2f:80:55:e0:64:b1:b3:c3:c9:a0:78:97:5f:a6:aa:7f:b9:0a:
43:b7:ab:28:aa:87:8e:73:1c:b6:9f:35:74:1c:42:9a:bf:55:
e0:9c:66:16:bb:55:2f:e3:22:09:6b:38:a3:a8:c4:5f:95:50:
ce:92:fb:89:95:04:0c:d9:22:29:33:6b:75:f2:4b:c6:1e:f3:
33:93:cc:79:9d:c5:38:d6:b6:8f:e4:62:88:1b:16:73:a5:40:
1a:32:2b:7f:52:51:79:c2:03:26:e7:4c:b7:4d:c9:39:aa:69:
bf:01:24:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4GYV8ntzi7Gdh7MWYJaN3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAzMjIxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmVmMDViMjhlYmM0NDI1MWQyYmUxMzBmMGQ1ZjIxNmUzYTI2NWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukd1k6IbQCI2PI5d9Iwfa5TWb2NT
Fn4B2Ve5j9rQzEvrCtkpibKRfv2FLzZQxTr65XLtLnhMtAqPyiTJJNTmO9IJysw7
dVngW7P/QpdkHE2o4pT1v70+qVtpryKzo0iEQUmBTtl4Jlj0ak0G5o4lB3+6sNpa
jQv+BNK7Gal7bvGsQfyjSOtzKkyH2/i170M5r+BC9J6r3HKl2W+WGGh1OtvCyyE7
osX7JgbjYIlTZX9EUMlylW0Tp/+OJQx4zml7fMAePH/ltviF7HqvTk4k3i+wtRbA
ul1frjuozvrKV2G9O+CAjcSEzTaPQGjgNW5+FpgrsYrrNh5ZBzSbNtrQnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE/vBbKOvEQlHSvhMPDV8hbjomWqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVC04RnNvNjhSQ1VkSy1FdzhOWHlGdU9pWmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADpV79ZOa2nsHiiCtsdI
5PnrIGAT0fcOwQrshXfIbPROw1ZJ1umv6Pzdw3VTTlSFUA9uO4v8ARqMOoEGYSPc
/4DrYroE94Ickjd/gHOsswDACDKhuTWbniMV+CN1NXPDT3YqXNvGSji7rURvIhwJ
OGYmcZaTPRabALfK63MRXLPZiuZD4J7Y1ri5ur8o89EXLS+AVeBksbPDyaB4l1+m
qn+5CkO3qyiqh45zHLafNXQcQpq/VeCcZha7VS/jIglrOKOoxF+VUM6S+4mVBAzZ
Iikza3XyS8Ye8zOTzHmdxTjWto/kYogbFnOlQBoyK39SUXnCAybnTLdNyTmqab8B
JBM=
-----END CERTIFICATE-----
Generated at Mon Mar 4 06:08:35 2024 by rpki-client on console.sobornost.net