Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X9w5qh2KLD5-xSA5QnNFGpCx2IQ.roa
File: X9w5qh2KLD5-xSA5QnNFGpCx2IQ.roa (raw, json)
Hash identifier: Zz0HW/AM3cF/RWfqu/sxtKij0x0uxe92THnlwmL2+0Y=
Subject key identifier: 5F:DC:39:AA:1D:8A:2C:3E:7E:C5:20:39:42:73:45:1A:90:B1:D8:84
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF29B6C8E6AECDA1A77FAAC4D73F94181
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X9w5qh2KLD5-xSA5QnNFGpCx2IQ.roa
Signing time: Thu 29 Feb 2024 02:04:48 +0000
ROA not before: Thu 29 Feb 2024 02:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:f29a:dca2/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 29 Feb 2024 02:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f2:9b:6c:8e:6a:ec:da:1a:77:fa:ac:4d:73:f9:41:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 29 02:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fdc39aa1d8a2c3e7ec520394273451a90b1d884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bf:10:b6:2a:f2:79:5f:0c:fe:27:fe:3e:da:
b5:c4:5a:42:06:a9:02:06:64:0a:72:71:91:ef:da:
10:81:03:53:4f:fe:ae:02:f3:93:fb:d3:a5:9a:37:
87:ba:bd:63:40:24:df:fc:a9:88:96:f4:d1:e5:44:
26:d7:5a:6b:64:b7:c2:ca:f9:8e:a0:22:60:5b:a7:
7a:c0:07:83:00:c7:c9:f7:4b:b3:e5:7d:fc:a7:d9:
9f:a5:65:5d:04:5f:f7:a6:a1:51:2a:17:93:9a:d1:
58:59:ee:bf:af:95:e9:af:04:68:2b:75:d3:c1:03:
8b:19:a3:d6:bd:a2:06:e7:74:53:96:38:27:c1:70:
52:14:6d:16:e5:ae:b3:f6:53:08:b7:14:ef:ab:c1:
db:44:e1:1f:cf:a1:74:92:7a:d9:2e:4e:a3:f7:65:
83:c8:39:ef:ab:ce:d7:ac:11:3e:98:87:bf:63:8c:
4b:ea:f0:00:ed:e3:b5:01:de:e0:49:b8:b9:99:10:
f4:00:e3:85:db:a1:74:0d:e8:d9:53:44:48:5e:d1:
92:2e:b7:81:96:8c:90:44:3c:0d:c6:d1:2e:29:f8:
d9:b3:e5:8e:30:b0:79:2f:53:2e:16:e8:82:33:dd:
95:79:a0:83:13:fe:58:16:7c:66:c1:7e:ae:a0:c8:
1f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DC:39:AA:1D:8A:2C:3E:7E:C5:20:39:42:73:45:1A:90:B1:D8:84
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X9w5qh2KLD5-xSA5QnNFGpCx2IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:f7:c2:61:bf:e7:4a:d6:ef:80:71:a9:ec:7d:ba:22:d8:7b:
2d:ac:52:fe:0a:70:a5:15:53:7a:fa:bd:e3:11:8b:bf:a9:20:
c8:26:80:46:f8:6d:07:be:48:3f:17:ea:c4:3a:6d:fa:14:80:
5d:11:a2:54:89:ea:60:13:20:42:1a:d8:17:9f:a7:43:ff:61:
e2:3a:7b:51:c5:55:83:36:6d:47:21:5d:dc:61:37:f9:b2:4d:
d6:74:c1:79:ee:33:ef:30:e5:68:d5:e9:5c:c1:b7:af:8f:3b:
67:b8:00:b1:05:23:c0:ce:23:5f:2a:19:5a:7e:ac:b8:60:10:
ee:f3:a1:cd:af:db:b3:7d:19:7e:64:de:c4:79:7a:97:31:06:
47:ee:c0:ee:2a:b0:2d:51:aa:f2:69:75:59:ee:1a:31:eb:d7:
82:dd:6c:3c:dd:ff:14:b6:d4:13:a9:b5:28:6b:ca:8a:8e:06:
bd:71:25:df:be:7b:1a:87:dc:2f:92:6c:cc:42:53:6a:02:5e:
7b:ce:bd:ac:aa:2f:74:78:0f:22:74:36:df:c9:c5:93:dc:ad:
c6:77:2a:e9:75:8d:c1:43:97:a2:b8:ae:bb:f7:00:9e:40:2d:
f8:32:b6:ea:73:96:10:43:c3:78:40:34:cb:39:19:e3:5b:88:
d7:73:8d:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3ym2yOauzaGnf6rE1z+UGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI5MDIwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRjMzlhYTFkOGEyYzNlN2VjNTIwMzk0MjczNDUxYTkwYjFkODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr8QtiryeV8M/if+Ptq1xFpCBqkC
BmQKcnGR79oQgQNTT/6uAvOT+9OlmjeHur1jQCTf/KmIlvTR5UQm11prZLfCyvmO
oCJgW6d6wAeDAMfJ90uz5X38p9mfpWVdBF/3pqFRKheTmtFYWe6/r5XprwRoK3XT
wQOLGaPWvaIG53RTljgnwXBSFG0W5a6z9lMItxTvq8HbROEfz6F0knrZLk6j92WD
yDnvq87XrBE+mIe/Y4xL6vAA7eO1Ad7gSbi5mRD0AOOF26F0DejZU0RIXtGSLreB
loyQRDwNxtEuKfjZs+WOMLB5L1MuFuiCM92VeaCDE/5YFnxmwX6uoMgfewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF/cOaodiiw+fsUgOUJzRRqQsdiEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWDl3NXFoMktMRDUteFNBNVFuTkZHcEN4MklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAID3wmG/50rW74Bxqex9
uiLYey2sUv4KcKUVU3r6veMRi7+pIMgmgEb4bQe+SD8X6sQ6bfoUgF0RolSJ6mAT
IEIa2Befp0P/YeI6e1HFVYM2bUchXdxhN/myTdZ0wXnuM+8w5WjV6VzBt6+PO2e4
ALEFI8DOI18qGVp+rLhgEO7zoc2v27N9GX5k3sR5epcxBkfuwO4qsC1RqvJpdVnu
GjHr14LdbDzd/xS21BOptShryoqOBr1xJd++exqH3C+SbMxCU2oCXnvOvayqL3R4
DyJ0Nt/JxZPcrcZ3Kul1jcFDl6K4rrv3AJ5ALfgytupzlhBDw3hANMs5GeNbiNdz
ja4=
-----END CERTIFICATE-----
Generated at Thu Feb 29 07:58:47 2024 by rpki-client on console.sobornost.net