Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XBB7K16p7j7B4TUtbVCBliDQUUM.roa
File: XBB7K16p7j7B4TUtbVCBliDQUUM.roa (raw, json)
Hash identifier: W4DbHurhodOMBaltIOebSk+Sy2ErssBA7uxHcIikX3g=
Subject key identifier: 5C:10:7B:2B:5E:A9:EE:3E:C1:E1:35:2D:6D:50:81:96:20:D0:51:43
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA1B39804301EBD6354C36C0EEA1E045B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XBB7K16p7j7B4TUtbVCBliDQUUM.roa
Signing time: Wed 03 Apr 2024 02:04:45 +0000
ROA not before: Wed 03 Apr 2024 02:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:a1b3:1b8c/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 03 Apr 2024 02:09:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a1:b3:98:04:30:1e:bd:63:54:c3:6c:0e:ea:1e:04:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 02:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c107b2b5ea9ee3ec1e1352d6d50819620d05143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8a:8f:04:ae:b1:f5:58:dc:ea:dc:23:da:e0:
25:7e:86:50:c5:0c:04:29:7f:30:17:10:ea:ea:4a:
87:43:94:e8:6f:b5:c6:dc:d7:6a:e0:6e:8a:21:b2:
11:05:55:3d:9d:12:58:b0:fe:f9:60:08:a7:d1:64:
3f:07:e6:5e:f3:24:e1:b8:1b:93:0e:96:db:21:3d:
3e:a0:01:73:91:17:e5:96:65:d0:f3:58:c1:30:96:
e8:24:90:2d:a7:3f:3d:29:07:f9:39:08:79:b7:cc:
e9:25:cb:23:f0:27:61:85:d1:0b:bc:3e:7d:df:59:
f1:21:ba:35:cc:2a:b9:7c:88:d4:bb:ba:cb:ca:3a:
d5:bd:0d:b7:33:09:c2:4a:94:ff:92:d7:71:a1:70:
31:59:d8:4d:1f:8b:82:38:2a:fe:a9:fc:e0:a7:42:
d1:ea:e3:b7:19:d0:bd:41:8d:3b:e3:fa:77:32:fe:
34:e0:97:a4:ab:cb:b5:a2:e2:d1:ad:71:80:33:d9:
ab:d3:b0:f7:94:3e:c0:0f:20:c4:cf:7f:ba:e8:c2:
00:e2:34:bc:15:34:d4:66:05:0e:4e:f0:8e:8a:c6:
37:6e:a8:c3:de:2f:57:76:d7:3d:c2:18:6b:57:5b:
f9:3e:38:5f:85:91:42:9b:0d:cb:bb:5b:7e:99:5d:
f4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:10:7B:2B:5E:A9:EE:3E:C1:E1:35:2D:6D:50:81:96:20:D0:51:43
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XBB7K16p7j7B4TUtbVCBliDQUUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:a2:fb:ba:23:00:02:2f:63:99:f1:05:23:25:0c:31:43:a7:
12:c8:78:c1:fd:0b:5d:d0:24:6f:3a:5e:0f:53:4b:16:28:30:
f3:32:f9:56:a9:2c:de:c9:83:95:5e:88:58:e1:ca:a2:23:07:
cd:85:73:0a:df:2a:8b:23:47:9f:05:8d:5e:87:46:ac:95:1b:
bf:3f:2c:86:c0:c7:ef:60:7e:71:65:20:41:d1:08:3c:83:29:
dd:4c:3a:0d:e4:8e:4f:dd:8f:3a:07:c9:25:8b:cd:19:9a:4c:
f7:60:26:89:1f:43:dc:9d:79:b5:6f:71:7e:29:89:6e:e3:eb:
99:34:ce:18:b9:3c:15:e1:a9:85:03:7c:73:8e:77:c5:60:59:
a6:c6:f5:95:a2:09:af:7e:9a:98:56:27:00:f7:fa:9f:15:d3:
72:85:03:76:56:c8:27:b9:9a:fb:1c:61:af:c0:23:11:91:cb:
02:13:6f:44:61:3a:59:41:c5:e3:19:b4:cf:2f:0a:45:f3:db:
84:b4:1e:7d:cd:e1:15:a0:1d:8c:ca:41:2f:a2:3a:e6:25:8f:
f1:5b:c4:e8:71:6c:2b:3e:25:e1:af:79:aa:3c:f2:a1:f6:4b:
68:d1:f9:4a:19:70:f6:88:3d:1b:56:a9:58:5d:9d:26:6b:cf:
78:92:21:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6hs5gEMB69Y1TDbA7qHgRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMDIwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzEwN2IyYjVlYTllZTNlYzFlMTM1MmQ2ZDUwODE5NjIwZDA1MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYqPBK6x9Vjc6twj2uAlfoZQxQwE
KX8wFxDq6kqHQ5Tob7XG3Ndq4G6KIbIRBVU9nRJYsP75YAin0WQ/B+Ze8yThuBuT
DpbbIT0+oAFzkRfllmXQ81jBMJboJJAtpz89KQf5OQh5t8zpJcsj8CdhhdELvD59
31nxIbo1zCq5fIjUu7rLyjrVvQ23MwnCSpT/ktdxoXAxWdhNH4uCOCr+qfzgp0LR
6uO3GdC9QY074/p3Mv404Jekq8u1ouLRrXGAM9mr07D3lD7ADyDEz3+66MIA4jS8
FTTUZgUOTvCOisY3bqjD3i9Xdtc9whhrV1v5PjhfhZFCmw3Lu1t+mV30gQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwQeyteqe4+weE1LW1QgZYg0FFDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWEJCN0sxNnA3ajdCNFRVdGJWQ0JsaURRVVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHii+7ojAAIvY5nxBSMl
DDFDpxLIeMH9C13QJG86Xg9TSxYoMPMy+VapLN7Jg5VeiFjhyqIjB82FcwrfKosj
R58FjV6HRqyVG78/LIbAx+9gfnFlIEHRCDyDKd1MOg3kjk/djzoHySWLzRmaTPdg
JokfQ9ydebVvcX4piW7j65k0zhi5PBXhqYUDfHOOd8VgWabG9ZWiCa9+mphWJwD3
+p8V03KFA3ZWyCe5mvscYa/AIxGRywITb0RhOllBxeMZtM8vCkXz24S0Hn3N4RWg
HYzKQS+iOuYlj/FbxOhxbCs+JeGveao88qH2S2jR+UoZcPaIPRtWqVhdnSZrz3iS
IdQ=
-----END CERTIFICATE-----
Generated at Wed Apr 3 09:43:27 2024 by rpki-client on console.sobornost.net