Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TMy0dgMpNfiGW8Evlf4_8rQ485s.roa
File: TMy0dgMpNfiGW8Evlf4_8rQ485s.roa (raw, json)
Hash identifier: MhepAofUphuP5MtqokT2eUL7rxK0XPZpfR+IlW/VGRk=
Subject key identifier: 4C:CC:B4:76:03:29:35:F8:86:5B:C1:2F:95:FE:3F:F2:B4:38:F3:9B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9DA8209179956C4272C57E617B32DB02
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TMy0dgMpNfiGW8Evlf4_8rQ485s.roa
Signing time: Tue 02 Apr 2024 07:13:44 +0000
ROA not before: Tue 02 Apr 2024 07:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Apr 2024 08:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:a8:20:91:79:95:6c:42:72:c5:7e:61:7b:32:db:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 07:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cccb476032935f8865bc12f95fe3ff2b438f39b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:25:b7:ac:aa:2c:63:87:e5:d5:16:e3:f1:ab:
d7:18:02:ad:1c:03:a5:f1:1d:6d:6e:e5:39:c4:02:
9a:71:a7:12:fb:37:3e:0d:17:3e:9c:fd:5e:bd:db:
69:fd:10:1d:fd:f3:29:7f:b1:a3:09:9d:b2:db:ea:
81:da:39:2b:0b:a9:5c:e0:74:42:04:eb:06:e4:7f:
7c:f3:07:74:13:5c:cb:0c:e9:42:b6:3f:74:88:ec:
53:f6:80:b6:58:8c:15:28:b2:84:05:ff:54:ba:6b:
45:cb:06:f4:69:60:04:50:80:d4:3a:2f:a6:f8:fc:
68:c0:be:a9:da:be:94:bc:d0:ef:45:ce:9f:0c:58:
96:96:2e:be:2b:27:c8:0b:50:a0:94:65:e8:31:be:
c8:ee:43:7e:d3:0c:95:9d:8d:f5:bd:71:08:d5:06:
5c:40:c5:23:f2:27:3a:46:29:01:24:c2:ef:db:64:
58:96:b7:ed:45:bc:ac:5f:46:ab:81:11:ab:9c:bd:
96:d9:a6:26:ef:29:18:73:c6:1d:ab:23:7d:5c:6c:
96:5e:13:40:ce:91:69:d9:68:e3:6b:22:66:f7:89:
96:9d:38:e5:3a:cd:38:3e:62:9b:10:eb:14:a5:53:
de:54:dc:91:fd:c5:54:b9:1a:19:c6:58:6e:4d:28:
d3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CC:B4:76:03:29:35:F8:86:5B:C1:2F:95:FE:3F:F2:B4:38:F3:9B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TMy0dgMpNfiGW8Evlf4_8rQ485s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:81:4a:ac:8d:a6:d6:54:bc:d8:b2:37:52:f4:ef:ce:3e:1b:
2b:5c:77:e6:86:10:38:1f:55:2b:13:22:c1:aa:81:8d:5d:c4:
5a:b4:3f:a3:83:d4:27:97:87:9d:9a:1c:30:ac:21:b8:d7:ad:
c5:bd:97:7b:ec:55:8b:47:a9:e2:db:27:4f:8c:0e:ea:18:ea:
39:87:21:06:9d:a5:ea:d2:a9:70:5b:aa:79:70:1f:6e:02:9f:
61:fa:ae:f3:76:15:b0:c0:34:0a:53:11:ee:5d:22:ad:5f:f7:
c9:d1:c6:9d:47:e7:97:c7:b6:4c:14:04:46:d5:11:86:82:21:
be:b9:83:7f:dd:09:bb:c9:5f:da:e4:ce:df:db:98:6e:11:51:
92:5e:29:5c:95:e1:d0:b2:8d:1f:4c:53:b6:99:5d:6d:b5:c5:
ee:ca:1b:25:bb:40:d8:a5:d3:5a:f2:5b:b6:38:b3:cc:5d:a2:
f7:38:f8:6b:82:92:e5:fa:17:e2:3d:ad:6e:8a:71:b0:29:04:
1f:a9:13:37:89:5d:67:84:6c:3f:fc:47:de:fc:d1:3a:b4:c6:
a3:da:ec:a6:40:2b:48:2f:13:a4:49:c3:83:11:f7:7e:fd:08:
d4:4e:4c:7b:66:43:cb:2e:47:34:80:e6:5b:b7:55:1b:27:95:
2d:de:91:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6dqCCReZVsQnLFfmF7MtsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMDcxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2NjYjQ3NjAzMjkzNWY4ODY1YmMxMmY5NWZlM2ZmMmI0MzhmMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yW3rKosY4fl1Rbj8avXGAKtHAOl
8R1tbuU5xAKacacS+zc+DRc+nP1evdtp/RAd/fMpf7GjCZ2y2+qB2jkrC6lc4HRC
BOsG5H988wd0E1zLDOlCtj90iOxT9oC2WIwVKLKEBf9UumtFywb0aWAEUIDUOi+m
+PxowL6p2r6UvNDvRc6fDFiWli6+KyfIC1CglGXoMb7I7kN+0wyVnY31vXEI1QZc
QMUj8ic6RikBJMLv22RYlrftRbysX0argRGrnL2W2aYm7ykYc8YdqyN9XGyWXhNA
zpFp2WjjayJm94mWnTjlOs04PmKbEOsUpVPeVNyR/cVUuRoZxlhuTSjTgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEzMtHYDKTX4hlvBL5X+P/K0OPObMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVE15MGRnTXBOZmlHVzhFdmxmNF84clE0ODVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA+BSqyNptZUvNiyN1L0
784+Gytcd+aGEDgfVSsTIsGqgY1dxFq0P6OD1CeXh52aHDCsIbjXrcW9l3vsVYtH
qeLbJ0+MDuoY6jmHIQadperSqXBbqnlwH24Cn2H6rvN2FbDANApTEe5dIq1f98nR
xp1H55fHtkwUBEbVEYaCIb65g3/dCbvJX9rkzt/bmG4RUZJeKVyV4dCyjR9MU7aZ
XW21xe7KGyW7QNil01ryW7Y4s8xdovc4+GuCkuX6F+I9rW6KcbApBB+pEzeJXWeE
bD/8R9780Tq0xqPa7KZAK0gvE6RJw4MR9379CNROTHtmQ8suRzSA5lu3VRsnlS3e
kQA=
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:04:06 2024 by rpki-client on console.sobornost.net