Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VvmodvMK_VtfZDRzEpKvB5DmVWc.roa
File: VvmodvMK_VtfZDRzEpKvB5DmVWc.roa (raw, json)
Hash identifier: c+VJIqUM9//DxY5lYr7Xpw0qtUVYaGKie+5R14cnVIc=
Subject key identifier: 56:F9:A8:76:F3:0A:FD:5B:5F:64:34:73:12:92:AF:07:90:E6:55:67
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E69EFC555CF32E093B26CC4FFB1653AF3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VvmodvMK_VtfZDRzEpKvB5DmVWc.roa
Signing time: Sat 23 Mar 2024 06:11:45 +0000
ROA not before: Sat 23 Mar 2024 06:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 23 Mar 2024 07:04:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:69:ef:c5:55:cf:32:e0:93:b2:6c:c4:ff:b1:65:3a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 06:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56f9a876f30afd5b5f6434731292af0790e65567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a9:b4:47:e7:7e:e8:24:65:a8:58:26:34:72:
b4:e0:a1:02:21:95:6d:4d:3a:06:5e:6f:76:c4:bc:
6c:1d:bc:ec:78:93:78:7e:57:2a:1d:d8:14:01:85:
33:cc:44:1e:48:c1:b6:ca:23:e9:19:12:6c:7d:a5:
79:f2:c4:cb:a6:2a:d4:f1:e1:95:35:c6:62:8c:e3:
2b:a5:21:65:db:c5:a6:9b:fc:6b:c4:ab:1b:a6:da:
15:ee:8a:a1:d7:48:42:90:9f:56:03:53:b3:32:25:
ed:ef:06:03:ed:95:1b:3b:d3:17:de:44:d4:fe:f3:
f7:65:09:f1:bc:da:ed:3f:2d:ad:8e:7d:7d:ff:49:
c0:0e:6a:1f:a9:79:70:e9:05:cc:df:4b:b9:d0:1b:
45:c4:9b:6e:f4:21:ff:15:65:30:f5:fc:1e:ce:62:
79:a1:7d:bf:bf:04:d9:cc:2f:f1:fa:af:26:86:df:
61:d7:b4:56:b4:b2:29:cc:40:9a:8f:4d:8d:85:d9:
b9:6a:bc:09:fd:ba:bb:04:f2:9c:4c:62:28:d6:15:
62:63:ca:c6:d7:b0:af:df:c7:19:78:a9:f1:1b:5e:
94:b9:14:5a:e6:ec:25:7e:68:ec:5d:9c:93:8c:c2:
fa:62:73:05:84:6e:49:fe:8b:bd:03:5a:8e:53:23:
41:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F9:A8:76:F3:0A:FD:5B:5F:64:34:73:12:92:AF:07:90:E6:55:67
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VvmodvMK_VtfZDRzEpKvB5DmVWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:60:d7:8a:66:28:6c:19:65:86:ef:b0:22:50:6a:8f:77:15:
ef:38:da:05:d3:41:dc:5a:25:58:6e:8c:67:30:38:67:27:3e:
83:6f:fe:6e:dc:ff:5f:a6:2e:e0:22:e3:77:5b:c3:1b:35:f6:
25:eb:3d:e4:90:72:32:5f:ae:1a:02:28:dc:84:a5:59:ab:9f:
31:28:b7:0d:e8:f2:a0:0c:13:50:ce:cc:c3:e8:26:ba:a3:cf:
ee:f9:e9:63:a1:ca:b0:06:51:d4:b9:e8:73:5f:32:86:a1:3d:
e4:9d:71:c5:f0:f4:80:a8:b8:9e:41:4c:59:00:5c:f3:2d:94:
14:ee:05:cb:32:d1:d7:0a:7b:67:78:93:15:93:c2:88:f1:b4:
b2:b4:da:f2:dc:45:35:12:5a:12:c2:de:06:c3:da:2e:23:a6:
df:9c:0c:b2:18:01:80:a4:88:a6:06:ed:e2:7c:5a:89:2a:26:
44:11:f5:52:f3:40:fb:75:3f:e4:b6:40:ee:7d:e5:9d:41:1b:
bc:d0:0d:e2:ca:b8:be:64:c2:83:b5:87:0d:52:62:da:62:03:
9b:06:d7:36:a0:02:17:12:b2:63:da:58:a7:e8:61:e1:c9:b9:
1a:99:77:69:24:fe:8d:3d:d7:9d:16:4b:15:9f:18:d8:3c:c2:
f7:c2:df:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5p78VVzzLgk7JsxP+xZTrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMDYxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmY5YTg3NmYzMGFmZDViNWY2NDM0NzMxMjkyYWYwNzkwZTY1NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKm0R+d+6CRlqFgmNHK04KECIZVt
TToGXm92xLxsHbzseJN4flcqHdgUAYUzzEQeSMG2yiPpGRJsfaV58sTLpirU8eGV
NcZijOMrpSFl28Wmm/xrxKsbptoV7oqh10hCkJ9WA1OzMiXt7wYD7ZUbO9MX3kTU
/vP3ZQnxvNrtPy2tjn19/0nADmofqXlw6QXM30u50BtFxJtu9CH/FWUw9fwezmJ5
oX2/vwTZzC/x+q8mht9h17RWtLIpzECaj02Nhdm5arwJ/bq7BPKcTGIo1hViY8rG
17Cv38cZeKnxG16UuRRa5uwlfmjsXZyTjML6YnMFhG5J/ou9A1qOUyNBgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFb5qHbzCv1bX2Q0cxKSrweQ5lVnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVnZtb2R2TUtfVnRmWkRSekVwS3ZCNURtVldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGtg14pmKGwZZYbvsCJQ
ao93Fe842gXTQdxaJVhujGcwOGcnPoNv/m7c/1+mLuAi43dbwxs19iXrPeSQcjJf
rhoCKNyEpVmrnzEotw3o8qAME1DOzMPoJrqjz+756WOhyrAGUdS56HNfMoahPeSd
ccXw9ICouJ5BTFkAXPMtlBTuBcsy0dcKe2d4kxWTwojxtLK02vLcRTUSWhLC3gbD
2i4jpt+cDLIYAYCkiKYG7eJ8WokqJkQR9VLzQPt1P+S2QO595Z1BG7zQDeLKuL5k
woO1hw1SYtpiA5sG1zagAhcSsmPaWKfoYeHJuRqZd2kk/o09150WSxWfGNg8wvfC
3xk=
-----END CERTIFICATE-----
Generated at Sat Mar 23 11:09:57 2024 by rpki-client on console.sobornost.net