Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VhUgqYxQgU54Vo6QfghlQr-2KQs.roa
File: VhUgqYxQgU54Vo6QfghlQr-2KQs.roa (raw, json)
Hash identifier: AaK+LOnSutFO0pH3dXbP9EeZBuL3IX+vvwV8I/BoaiM=
Subject key identifier: 56:15:20:A9:8C:50:81:4E:78:56:8E:90:7E:08:65:42:BF:B6:29:0B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4E42819DD93779345AD35BC9D16BC061
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VhUgqYxQgU54Vo6QfghlQr-2KQs.roa
Signing time: Sun 17 Mar 2024 21:12:45 +0000
ROA not before: Sun 17 Mar 2024 21:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 17 Mar 2024 22:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4e:42:81:9d:d9:37:79:34:5a:d3:5b:c9:d1:6b:c0:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 21:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=561520a98c50814e78568e907e086542bfb6290b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fd:b7:a2:e3:ba:31:61:93:e9:d4:41:18:39:
ff:de:6a:14:77:cb:f5:2d:93:73:82:f5:ca:d9:ed:
d6:d8:2a:26:57:65:92:39:1f:8b:3d:f9:a2:d1:5f:
57:c9:e9:b2:4f:8f:a0:8f:9e:8e:50:95:53:8e:a4:
65:bc:a1:03:69:9d:58:7f:17:e7:d1:56:53:1b:d6:
90:b7:29:62:be:a7:9d:f0:e5:eb:70:5b:20:8f:ec:
96:3b:9a:d6:c1:50:09:db:dd:00:a5:f4:49:cc:1d:
ba:92:e3:e0:d7:c9:2a:8f:68:8d:62:bb:e1:d0:80:
e6:e4:f1:cb:33:35:1a:92:c6:d6:f8:d6:53:f4:7b:
0e:d5:a2:2c:b8:cb:30:7a:f4:2a:e7:8c:99:3d:29:
d2:13:09:ba:9a:cf:22:13:a5:77:30:83:f4:e7:f8:
3c:95:a1:5c:ee:71:98:79:01:d6:47:be:2e:90:27:
97:58:b2:24:d9:e2:31:dc:c9:40:65:2b:2a:fd:cd:
8a:c8:3f:56:0d:52:d6:f8:c9:ad:06:94:73:da:91:
3b:b2:5a:a1:8e:1b:af:6e:28:23:b0:8c:35:d3:0d:
28:a5:fe:c8:63:f5:d9:8b:8b:04:86:08:05:46:a2:
6d:db:11:01:0e:f9:91:50:4d:d1:4d:5c:b4:03:9e:
40:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:15:20:A9:8C:50:81:4E:78:56:8E:90:7E:08:65:42:BF:B6:29:0B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VhUgqYxQgU54Vo6QfghlQr-2KQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:39:40:e2:d2:64:84:bf:94:cf:51:da:e7:42:dd:33:39:8b:
f3:7c:b9:0e:d6:3d:4c:c2:bd:df:b1:a3:88:fb:85:5e:63:20:
48:c0:ae:c3:c2:a9:b2:2b:df:3c:78:cd:bf:70:89:22:b9:05:
91:3b:8f:9d:2d:13:61:46:fe:64:bc:00:61:75:f4:4b:8e:e3:
19:38:d4:cf:5f:7c:5e:0b:5c:67:7b:d4:97:a3:cb:cc:38:2f:
e1:5b:34:8e:0e:46:b9:3c:e4:f5:10:fd:f2:60:4c:3b:f0:60:
9b:bb:a3:8b:c8:6f:2f:d6:21:77:cb:e0:b4:ca:9b:98:f8:d6:
09:cf:dd:bc:80:8f:93:19:aa:d6:0f:72:80:4f:1c:66:f6:c5:
e1:b3:be:1d:40:7e:0f:10:e1:61:45:2d:c9:5c:ec:ff:f8:65:
a3:af:a3:aa:53:c1:57:9e:ab:64:d7:6f:09:0c:57:2d:4c:91:
3b:b6:ef:0f:8f:d3:3a:0f:cf:04:57:64:9e:9a:78:45:07:51:
3a:1f:fa:4c:fa:d4:dc:6b:02:4c:33:0a:1d:a5:38:b3:9a:c8:
b3:ef:c5:5f:f8:84:58:57:e7:e1:3c:2f:14:bd:3a:b6:e6:a2:
28:d5:1b:35:c8:18:3e:e6:ab:40:3f:bf:5e:11:70:9a:f3:4b:
d6:c1:25:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5OQoGd2Td5NFrTW8nRa8BhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MjExMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjE1MjBhOThjNTA4MTRlNzg1NjhlOTA3ZTA4NjU0MmJmYjYyOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/23ouO6MWGT6dRBGDn/3moUd8v1
LZNzgvXK2e3W2ComV2WSOR+LPfmi0V9XyemyT4+gj56OUJVTjqRlvKEDaZ1Yfxfn
0VZTG9aQtylivqed8OXrcFsgj+yWO5rWwVAJ290ApfRJzB26kuPg18kqj2iNYrvh
0IDm5PHLMzUaksbW+NZT9HsO1aIsuMswevQq54yZPSnSEwm6ms8iE6V3MIP05/g8
laFc7nGYeQHWR74ukCeXWLIk2eIx3MlAZSsq/c2KyD9WDVLW+MmtBpRz2pE7slqh
jhuvbigjsIw10w0opf7IY/XZi4sEhggFRqJt2xEBDvmRUE3RTVy0A55AuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFYVIKmMUIFOeFaOkH4IZUK/tikLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVmhVZ3FZeFFnVTU0Vm82UWZnaGxRci0yS1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAc5QOLSZIS/lM9R2udC
3TM5i/N8uQ7WPUzCvd+xo4j7hV5jIEjArsPCqbIr3zx4zb9wiSK5BZE7j50tE2FG
/mS8AGF19EuO4xk41M9ffF4LXGd71Jejy8w4L+FbNI4ORrk85PUQ/fJgTDvwYJu7
o4vIby/WIXfL4LTKm5j41gnP3byAj5MZqtYPcoBPHGb2xeGzvh1Afg8Q4WFFLclc
7P/4ZaOvo6pTwVeeq2TXbwkMVy1MkTu27w+P0zoPzwRXZJ6aeEUHUTof+kz61Nxr
AkwzCh2lOLOayLPvxV/4hFhX5+E8LxS9OrbmoijVGzXIGD7mq0A/v14RcJrzS9bB
JZU=
-----END CERTIFICATE-----
Generated at Mon Mar 18 05:23:47 2024 by rpki-client on console.sobornost.net