Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Vx1Vn55V6BTmV_t2jtJ2bqwVKCI.roa
File: Vx1Vn55V6BTmV_t2jtJ2bqwVKCI.roa (raw, json)
Hash identifier: 0pzg9HlknCC8rSIQ0OsxV3Y0ilQtIdUeEHSa0Pq3rRE=
Subject key identifier: 57:1D:55:9F:9E:55:E8:14:E6:57:FB:76:8E:D2:76:6E:AC:15:28:22
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF3EA80ECA2816391E71C4BB37D483E7A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Vx1Vn55V6BTmV_t2jtJ2bqwVKCI.roa
Signing time: Thu 29 Feb 2024 08:10:48 +0000
ROA not before: Thu 29 Feb 2024 08:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:ea:80:ec:a2:81:63:91:e7:1c:4b:b3:7d:48:3e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 29 08:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=571d559f9e55e814e657fb768ed2766eac152822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8b:15:3a:14:42:24:b1:98:2e:a4:3a:16:bf:
57:59:9d:ef:02:2a:01:4f:be:7c:49:ee:5e:ff:d0:
fe:32:e6:93:d0:cd:e8:21:a1:b7:2d:b0:0b:7d:b1:
c0:5a:d8:9a:df:d7:d0:fc:12:ee:52:2c:ac:41:b9:
c8:65:44:91:ae:59:71:4d:cb:61:b4:a2:b5:4d:8b:
5b:d3:ca:6c:47:f3:78:53:14:37:51:88:df:09:c9:
de:a2:38:8b:ee:e2:e8:cf:87:57:89:d5:83:fa:0a:
62:fe:d6:fb:83:e9:37:a4:2b:13:97:e5:91:27:aa:
7c:ca:16:4a:dd:1a:2f:31:84:43:db:71:3b:f4:c9:
02:66:bd:44:f3:b4:e3:f5:44:cf:64:e1:bb:cd:ca:
d9:9f:a0:70:36:2c:c6:c7:e9:a9:c9:c0:d7:d9:40:
6d:b4:e4:57:f0:c9:54:74:47:57:81:10:de:4c:a6:
9f:2d:f0:0c:d0:44:51:7f:b6:a3:a7:10:2f:e3:b9:
b0:ed:03:26:08:75:4e:29:f9:9e:bb:53:58:a8:e4:
c6:ec:85:9a:e9:d9:a1:4f:56:09:90:31:77:29:3e:
40:ff:ec:bf:1f:64:c5:9c:84:a4:d6:3f:ac:ad:a5:
fd:ce:ab:99:eb:f1:14:0c:59:dd:4c:3a:22:a2:57:
cd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1D:55:9F:9E:55:E8:14:E6:57:FB:76:8E:D2:76:6E:AC:15:28:22
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Vx1Vn55V6BTmV_t2jtJ2bqwVKCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:1c:cd:ec:d5:4f:9c:04:38:47:01:f2:f6:99:80:0f:e2:8d:
2f:16:91:02:1f:8c:f6:ae:25:88:26:4f:66:7d:54:90:33:17:
5d:b6:53:1e:48:d8:1d:33:48:92:f6:71:e8:4c:b1:e4:66:c2:
43:08:ac:aa:9f:e6:cb:25:65:9e:ab:a0:30:7a:99:96:2f:1e:
6a:de:1d:98:df:1f:c3:60:81:59:a8:fb:2b:c6:3a:b1:6a:b5:
ce:a2:59:e0:5a:fa:bf:ee:b6:dc:f6:df:86:23:42:8e:15:7a:
ed:88:7c:48:83:64:64:68:6a:68:59:96:84:a9:b3:7c:79:0a:
d6:41:4b:37:65:fa:6d:e8:e1:e7:b5:58:cf:ba:c3:32:db:a4:
93:e5:61:3b:9f:51:d5:22:02:eb:4d:e2:17:bc:ba:2f:c2:88:
a5:b9:6b:fd:f4:55:94:d0:24:76:b8:61:7a:45:80:17:02:c8:
65:7d:9a:b8:53:61:e3:ca:db:46:e6:e8:e0:35:b2:2e:b8:f7:
4e:dd:65:21:6d:30:30:a7:a6:0a:59:df:98:49:b3:e2:e1:ad:
7d:41:db:09:be:1a:ff:7e:ce:7e:7e:fe:1a:b3:87:7a:4c:69:
f0:9b:d6:a6:24:99:df:e4:c3:01:73:1c:24:71:5a:6c:e8:8c:
27:39:ff:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3z6oDsooFjkeccS7N9SD56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI5MDgxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzFkNTU5ZjllNTVlODE0ZTY1N2ZiNzY4ZWQyNzY2ZWFjMTUyODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIsVOhRCJLGYLqQ6Fr9XWZ3vAioB
T758Se5e/9D+MuaT0M3oIaG3LbALfbHAWtia39fQ/BLuUiysQbnIZUSRrllxTcth
tKK1TYtb08psR/N4UxQ3UYjfCcneojiL7uLoz4dXidWD+gpi/tb7g+k3pCsTl+WR
J6p8yhZK3RovMYRD23E79MkCZr1E87Tj9UTPZOG7zcrZn6BwNizGx+mpycDX2UBt
tORX8MlUdEdXgRDeTKafLfAM0ERRf7ajpxAv47mw7QMmCHVOKfmeu1NYqOTG7IWa
6dmhT1YJkDF3KT5A/+y/H2TFnISk1j+sraX9zquZ6/EUDFndTDoiolfNtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFcdVZ+eVegU5lf7do7Sdm6sFSgiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVngxVm41NVY2QlRtVl90Mmp0SjJicXdWS0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFsczezVT5wEOEcB8vaZ
gA/ijS8WkQIfjPauJYgmT2Z9VJAzF122Ux5I2B0zSJL2cehMseRmwkMIrKqf5ssl
ZZ6roDB6mZYvHmreHZjfH8NggVmo+yvGOrFqtc6iWeBa+r/uttz234YjQo4Veu2I
fEiDZGRoamhZloSps3x5CtZBSzdl+m3o4ee1WM+6wzLbpJPlYTufUdUiAutN4he8
ui/CiKW5a/30VZTQJHa4YXpFgBcCyGV9mrhTYePK20bm6OA1si64907dZSFtMDCn
pgpZ35hJs+LhrX1B2wm+Gv9+zn5+/hqzh3pMafCb1qYkmd/kwwFzHCRxWmzojCc5
/10=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:16:45 2024 by rpki-client on console.sobornost.net