Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uz-qCFaDxbpozaeZHPu93YY_vns.roa
File: Uz-qCFaDxbpozaeZHPu93YY_vns.roa (raw, json)
Hash identifier: VtiaPydUFdGJkQRlj9BtlKq4ij+XZo+RoJNvJ6wgIRE=
Subject key identifier: 53:3F:AA:08:56:83:C5:BA:68:CD:A7:99:1C:FB:BD:DD:86:3F:BE:7B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECD7F78CF707328431F950FA56B5D7C87
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uz-qCFaDxbpozaeZHPu93YY_vns.roa
Signing time: Thu 11 Apr 2024 14:11:06 +0000
ROA not before: Thu 11 Apr 2024 14:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 15:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:7f:78:cf:70:73:28:43:1f:95:0f:a5:6b:5d:7c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 14:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=533faa085683c5ba68cda7991cfbbddd863fbe7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c6:dd:b0:76:ac:2c:9e:27:54:6b:37:55:86:
bb:b4:45:b7:60:9d:8e:d7:f7:c3:33:dd:5f:6f:e5:
ff:fc:25:a4:95:95:39:3a:1a:88:a1:83:4f:7b:62:
f3:b7:dd:28:13:5f:82:f5:f7:47:0b:62:a9:03:d6:
54:46:cd:4f:10:32:9b:b1:74:57:23:58:66:52:3f:
1b:e4:f2:0d:8e:12:ca:b4:4b:36:61:eb:57:73:c0:
b7:3c:ba:84:ff:62:ad:e9:c5:3b:4b:cb:c8:79:23:
63:48:ae:5b:3b:68:c9:2c:ea:59:ee:ea:ac:4b:79:
b0:82:12:67:56:a1:82:2d:41:ba:c3:05:b2:12:7f:
dc:e5:25:41:ad:04:a9:5e:27:f7:cb:fa:4e:a1:a1:
d0:f7:ca:45:08:06:bb:00:bf:1b:c6:e1:84:d3:5a:
ff:ff:29:d8:d6:b7:61:68:64:a4:f0:78:2e:6b:ad:
be:b8:4b:53:b5:3e:02:06:59:d3:32:ff:a2:05:e5:
e5:0f:1e:c6:44:aa:f4:5e:57:ca:fc:d2:ba:f6:5c:
d9:db:28:04:ce:0f:fc:ea:fc:27:74:f4:97:9c:9c:
1c:a7:65:45:fe:77:57:f5:86:78:68:ce:c7:a8:e4:
79:5f:ef:44:cb:75:23:c8:d1:3a:b6:2a:5b:ac:83:
fa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3F:AA:08:56:83:C5:BA:68:CD:A7:99:1C:FB:BD:DD:86:3F:BE:7B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uz-qCFaDxbpozaeZHPu93YY_vns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:68:9c:45:0a:df:d8:05:e3:45:c0:04:8d:13:16:0b:35:e4:
46:6d:7d:b6:99:7b:43:b0:7c:62:18:ae:19:54:da:f7:7a:79:
cb:44:bd:3b:a5:e9:fe:53:fc:7b:ed:1e:a9:cd:61:47:e6:e9:
89:96:f7:4f:1c:a7:b0:66:4a:1d:d0:7f:86:33:df:9b:3c:71:
e7:0a:92:eb:54:fc:3e:0a:e7:b4:c6:fc:96:06:47:ee:45:7c:
0f:48:a1:52:67:8e:3c:e8:de:13:30:75:ee:ea:d3:d0:d1:27:
a5:56:a1:33:31:6d:df:fa:61:30:27:36:0c:c1:86:f7:3d:56:
e1:88:c1:18:56:ed:a8:72:d3:9b:e6:3e:ba:36:cd:11:33:ac:
70:50:12:4b:b6:26:7e:bb:7e:98:a7:d5:f3:ee:cb:92:71:8c:
1e:60:7c:7d:57:07:88:32:42:8e:44:d6:b6:b4:ea:fe:ed:f9:
00:a8:c1:ab:29:16:e6:bb:be:00:7a:e4:5b:8f:3a:92:28:64:
29:4a:d1:b9:a9:a8:44:2a:1c:ec:6f:4f:f8:20:f3:4c:e5:64:
1f:03:dd:22:13:ee:31:e3:fe:b5:9b:f9:c1:28:c3:45:77:29:
74:40:97:27:62:d6:d5:13:e6:b5:8b:b4:ea:86:f6:fe:7c:bb:
e7:8b:de:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7Nf3jPcHMoQx+VD6VrXXyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMTQxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNmYWEwODU2ODNjNWJhNjhjZGE3OTkxY2ZiYmRkZDg2M2ZiZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscbdsHasLJ4nVGs3VYa7tEW3YJ2O
1/fDM91fb+X//CWklZU5OhqIoYNPe2Lzt90oE1+C9fdHC2KpA9ZURs1PEDKbsXRX
I1hmUj8b5PINjhLKtEs2YetXc8C3PLqE/2Kt6cU7S8vIeSNjSK5bO2jJLOpZ7uqs
S3mwghJnVqGCLUG6wwWyEn/c5SVBrQSpXif3y/pOoaHQ98pFCAa7AL8bxuGE01r/
/ynY1rdhaGSk8Hgua62+uEtTtT4CBlnTMv+iBeXlDx7GRKr0XlfK/NK69lzZ2ygE
zg/86vwndPSXnJwcp2VF/ndX9YZ4aM7HqOR5X+9Ey3UjyNE6tipbrIP6lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFM/qghWg8W6aM2nmRz7vd2GP757MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVXotcUNGYUR4YnBvemFlWkhQdTkzWVlfdm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFtonEUK39gF40XABI0T
Fgs15EZtfbaZe0OwfGIYrhlU2vd6ectEvTul6f5T/HvtHqnNYUfm6YmW908cp7Bm
Sh3Qf4Yz35s8cecKkutU/D4K57TG/JYGR+5FfA9IoVJnjjzo3hMwde7q09DRJ6VW
oTMxbd/6YTAnNgzBhvc9VuGIwRhW7ahy05vmPro2zREzrHBQEku2Jn67fpin1fPu
y5JxjB5gfH1XB4gyQo5E1ra06v7t+QCowaspFua7vgB65FuPOpIoZClK0bmpqEQq
HOxvT/gg80zlZB8D3SIT7jHj/rWb+cEow0V3KXRAlydi1tUT5rWLtOqG9v58u+eL
3jY=
-----END CERTIFICATE-----
Generated at Thu Apr 11 20:58:46 2024 by rpki-client on console.sobornost.net