Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YfMOu9RYRiYxt5UC-iMEN58PRIA.roa
File: YfMOu9RYRiYxt5UC-iMEN58PRIA.roa (raw, json)
Hash identifier: cCMSvJ/Jy5WLrChUm/Ez4HTp8DjJMSWEELsXEFW8xno=
Subject key identifier: 61:F3:0E:BB:D4:58:46:26:31:B7:95:02:FA:23:04:37:9F:0F:44:80
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9E4C029C8EF8E02A4136C61B0A5C5FF7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YfMOu9RYRiYxt5UC-iMEN58PRIA.roa
Signing time: Tue 02 Apr 2024 10:12:45 +0000
ROA not before: Tue 02 Apr 2024 10:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Apr 2024 11:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:4c:02:9c:8e:f8:e0:2a:41:36:c6:1b:0a:5c:5f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 10:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f30ebbd458462631b79502fa2304379f0f4480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b2:63:f9:23:50:fe:f3:e9:43:49:09:4e:a1:
4e:9c:8f:6e:53:13:ab:41:4a:7d:18:33:0a:d3:4a:
20:80:27:d8:67:6d:80:60:49:dc:7f:8e:0c:66:79:
0a:61:f6:c5:5c:67:1a:ee:01:bd:f9:cb:21:12:a7:
0b:9d:25:d5:79:8b:89:6c:37:4e:6a:d3:93:51:cb:
cc:64:44:10:76:b9:c8:a8:e2:26:4a:ed:95:f8:54:
97:41:ad:25:f4:3d:bb:a3:03:6a:ca:ce:b0:f8:1d:
43:9f:ab:17:81:75:1a:8c:15:f3:73:a0:89:f1:4d:
58:c9:dd:85:df:b3:aa:90:2b:cc:46:18:f9:33:14:
95:5d:b8:9b:f4:fb:0f:a5:f9:57:e2:13:65:21:e4:
c2:ab:eb:21:13:f1:44:c9:b6:73:b3:ed:b9:7b:d2:
54:58:4f:7f:04:a7:3b:1e:7b:fa:6b:35:88:77:6a:
0a:81:03:7c:6d:5b:be:2c:80:e7:de:8b:b3:14:70:
39:bd:88:db:ad:82:3c:3b:de:aa:8a:31:90:0b:00:
85:82:ae:ae:32:13:36:d9:ef:c1:e5:f0:57:94:4a:
2c:7e:1c:e8:50:77:00:48:ce:1e:f4:9d:68:9c:cf:
22:7e:eb:9b:31:70:7e:82:3e:86:bf:7c:ab:86:3b:
42:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F3:0E:BB:D4:58:46:26:31:B7:95:02:FA:23:04:37:9F:0F:44:80
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YfMOu9RYRiYxt5UC-iMEN58PRIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:6c:6b:78:97:3a:ea:c7:77:04:5b:ad:84:cc:68:1f:6a:a3:
a0:3d:01:e0:b6:f8:7b:12:85:b1:66:26:2d:8f:56:56:36:f7:
8d:75:e4:63:5a:c9:fe:6b:c2:05:c5:43:66:54:5b:b6:0c:f1:
e5:a6:29:21:06:e9:d1:d1:ba:94:5d:a5:ef:b2:22:47:85:83:
6a:e4:06:b6:83:ff:45:20:10:82:44:35:55:fb:82:ed:79:59:
ed:f1:c8:55:0e:7f:40:a4:e4:39:57:5f:e5:43:a6:e5:1d:b3:
ee:e3:f6:06:a7:af:59:4d:a2:c8:54:99:8d:34:e5:0f:13:cf:
51:99:7a:3b:c0:27:74:da:73:e3:b1:ed:12:3b:b6:22:8c:0e:
a1:e4:df:42:9d:a8:4f:93:65:50:55:27:70:cf:55:39:5b:bb:
fe:54:58:78:e4:c1:b2:68:a9:87:79:d2:f8:f4:f3:9e:00:bf:
fa:04:f8:64:96:05:b6:16:f4:23:4d:22:d7:f0:21:9f:3d:09:
67:42:73:dc:f6:29:f1:89:8b:26:d6:bb:2d:b6:ad:2f:95:2b:
52:76:7a:e8:87:e7:5d:88:ae:ff:39:ee:02:67:8b:c6:66:00:
f3:fb:e9:c2:1a:8d:42:1d:6a:9a:0d:c0:c3:15:0a:dd:47:4d:
a6:47:2d:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6eTAKcjvjgKkE2xhsKXF/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMTAxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYzMGViYmQ0NTg0NjI2MzFiNzk1MDJmYTIzMDQzNzlmMGY0NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbJj+SNQ/vPpQ0kJTqFOnI9uUxOr
QUp9GDMK00oggCfYZ22AYEncf44MZnkKYfbFXGca7gG9+cshEqcLnSXVeYuJbDdO
atOTUcvMZEQQdrnIqOImSu2V+FSXQa0l9D27owNqys6w+B1Dn6sXgXUajBXzc6CJ
8U1Yyd2F37OqkCvMRhj5MxSVXbib9PsPpflX4hNlIeTCq+shE/FEybZzs+25e9JU
WE9/BKc7Hnv6azWId2oKgQN8bVu+LIDn3ouzFHA5vYjbrYI8O96qijGQCwCFgq6u
MhM22e/B5fBXlEosfhzoUHcASM4e9J1onM8ifuubMXB+gj6Gv3yrhjtC7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGHzDrvUWEYmMbeVAvojBDefD0SAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWWZNT3U5UllSaVl4dDVVQy1pTUVONThQUklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEJsa3iXOurHdwRbrYTM
aB9qo6A9AeC2+HsShbFmJi2PVlY294115GNayf5rwgXFQ2ZUW7YM8eWmKSEG6dHR
upRdpe+yIkeFg2rkBraD/0UgEIJENVX7gu15We3xyFUOf0Ck5DlXX+VDpuUds+7j
9ganr1lNoshUmY005Q8Tz1GZejvAJ3Tac+Ox7RI7tiKMDqHk30KdqE+TZVBVJ3DP
VTlbu/5UWHjkwbJoqYd50vj0854Av/oE+GSWBbYW9CNNItfwIZ89CWdCc9z2KfGJ
iybWuy22rS+VK1J2euiH512Irv857gJni8ZmAPP76cIajUIdapoNwMMVCt1HTaZH
LWY=
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:48:36 2024 by rpki-client on console.sobornost.net