Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WElDdSvLoHPfDONjxlhCQVwrmvc.roa
File: WElDdSvLoHPfDONjxlhCQVwrmvc.roa (raw, json)
Hash identifier: 0MAf7IiHzoRkgI7VC1B3Fc/r8jX2d6O255egqWH+xKE=
Subject key identifier: 58:49:43:75:2B:CB:A0:73:DF:0C:E3:63:C6:58:42:41:5C:2B:9A:F7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF151D4379FF66565538F4C942AD4E1E5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WElDdSvLoHPfDONjxlhCQVwrmvc.roa
Signing time: Wed 28 Feb 2024 20:04:48 +0000
ROA not before: Wed 28 Feb 2024 20:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:f151:4c35/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Feb 2024 20:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f1:51:d4:37:9f:f6:65:65:53:8f:4c:94:2a:d4:e1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 20:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=584943752bcba073df0ce363c65842415c2b9af7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f5:3c:2f:56:5e:68:13:54:6a:6c:19:e1:a5:
0a:f4:c3:52:a4:75:e3:c7:61:d2:a6:e5:e7:91:63:
65:75:74:58:85:ac:27:d1:bf:61:10:62:68:94:55:
8b:89:6c:bb:ac:c5:9d:a0:4f:f3:29:36:f9:36:d3:
d8:f7:0b:8f:07:a5:b3:83:68:4a:84:af:a6:79:d3:
a7:a6:66:2d:03:5a:78:37:14:2c:13:73:e7:56:30:
9f:ab:5e:9d:1d:fa:8f:bc:5b:66:eb:21:5a:2e:79:
1a:f7:e8:38:26:50:bb:a3:2d:90:99:ce:e0:75:87:
22:cb:76:f0:ed:62:98:b1:4d:3a:d2:d3:44:da:ac:
02:94:cd:1f:a6:1f:94:7f:6a:41:15:c4:98:cd:81:
db:12:79:3d:e1:78:b8:af:59:93:dd:93:67:51:eb:
c2:bc:2c:35:2d:83:90:69:58:5b:3b:59:f4:a1:58:
41:2d:40:7b:07:75:05:af:8a:6d:25:c1:9a:09:a1:
62:5f:0c:80:e5:52:c1:b5:ce:5c:7f:ea:c4:d3:d1:
2f:96:39:02:31:f5:26:f5:dc:92:e5:09:08:17:68:
7c:7a:07:a9:0e:70:a4:0b:9d:e4:09:e3:15:67:41:
be:41:c0:b0:9c:39:db:59:fa:e6:b3:7b:38:5b:a0:
01:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:49:43:75:2B:CB:A0:73:DF:0C:E3:63:C6:58:42:41:5C:2B:9A:F7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WElDdSvLoHPfDONjxlhCQVwrmvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:63:ab:ed:51:57:f5:55:c8:67:bd:fe:45:08:bd:1e:15:05:
2e:47:32:06:7c:42:dc:f4:27:99:c1:27:62:c3:64:a7:6b:07:
c3:a2:48:a5:24:a5:49:5b:5e:4b:5c:77:d4:a2:35:88:9d:78:
4c:a4:17:87:ae:d4:f8:3b:f6:7a:3b:00:c9:f5:1d:b2:d8:74:
94:6c:3c:a3:be:e0:44:f8:51:14:03:2f:5b:a8:c7:f1:03:5c:
41:e5:80:f7:0e:6d:92:fe:f1:be:ab:42:9f:86:45:6a:9a:be:
52:1b:25:e6:6b:8c:3d:70:a4:b3:6e:c4:65:a5:2c:d6:7b:7b:
d8:cd:2d:f7:91:49:8a:c4:8e:ce:f0:6b:99:2f:4c:67:1f:7c:
85:5f:be:46:61:62:73:cf:ff:15:33:97:bf:b9:71:ad:28:4c:
61:6c:f8:09:ba:6a:2b:d0:66:b0:11:ee:10:65:ce:e3:ab:0a:
e6:5a:e1:fc:e5:8c:a6:30:24:ef:b6:0a:e7:ce:39:b1:fa:e3:
01:26:88:43:ce:25:1a:32:f3:3d:36:24:23:21:1c:bf:a8:29:
57:ae:b8:f5:49:ca:61:7e:e2:0a:0d:7f:cb:5d:2b:d8:f4:cb:
f1:3a:cd:42:fc:11:04:d0:5f:d6:f5:89:4e:b7:82:a6:24:6a:
54:dc:d0:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3xUdQ3n/ZlZVOPTJQq1OHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MjAwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODQ5NDM3NTJiY2JhMDczZGYwY2UzNjNjNjU4NDI0MTVjMmI5YWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfU8L1ZeaBNUamwZ4aUK9MNSpHXj
x2HSpuXnkWNldXRYhawn0b9hEGJolFWLiWy7rMWdoE/zKTb5NtPY9wuPB6Wzg2hK
hK+medOnpmYtA1p4NxQsE3PnVjCfq16dHfqPvFtm6yFaLnka9+g4JlC7oy2Qmc7g
dYciy3bw7WKYsU060tNE2qwClM0fph+Uf2pBFcSYzYHbEnk94Xi4r1mT3ZNnUevC
vCw1LYOQaVhbO1n0oVhBLUB7B3UFr4ptJcGaCaFiXwyA5VLBtc5cf+rE09EvljkC
MfUm9dyS5QkIF2h8egepDnCkC53kCeMVZ0G+QcCwnDnbWfrms3s4W6AB1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFhJQ3Ury6Bz3wzjY8ZYQkFcK5r3MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvV0VsRGRTdkxvSFBmRE9OanhsaENRVndybXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA9jq+1RV/VVyGe9/kUI
vR4VBS5HMgZ8Qtz0J5nBJ2LDZKdrB8OiSKUkpUlbXktcd9SiNYideEykF4eu1Pg7
9no7AMn1HbLYdJRsPKO+4ET4URQDL1uox/EDXEHlgPcObZL+8b6rQp+GRWqavlIb
JeZrjD1wpLNuxGWlLNZ7e9jNLfeRSYrEjs7wa5kvTGcffIVfvkZhYnPP/xUzl7+5
ca0oTGFs+Am6aivQZrAR7hBlzuOrCuZa4fzljKYwJO+2CufOObH64wEmiEPOJRoy
8z02JCMhHL+oKVeuuPVJymF+4goNf8tdK9j0y/E6zUL8EQTQX9b1iU63gqYkalTc
0Pg=
-----END CERTIFICATE-----
Generated at Thu Feb 29 04:27:57 2024 by rpki-client on console.sobornost.net