Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZB0tGHWFjADLfnYpEs6M3KzFlHc.roa
File: ZB0tGHWFjADLfnYpEs6M3KzFlHc.roa (raw, json)
Hash identifier: IaAwtxLCHm+8s595zh9FAvONjypBKWwemhG584S5dLM=
Subject key identifier: 64:1D:2D:18:75:85:8C:00:CB:7E:76:29:12:CE:8C:DC:AC:C5:94:77
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E47CB3B67504511C00641A9DC1EE2476A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZB0tGHWFjADLfnYpEs6M3KzFlHc.roa
Signing time: Sat 16 Mar 2024 15:04:45 +0000
ROA not before: Sat 16 Mar 2024 15:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:47ca:bedc/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 16 Mar 2024 15:09:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:47:cb:3b:67:50:45:11:c0:06:41:a9:dc:1e:e2:47:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 16 15:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=641d2d1875858c00cb7e762912ce8cdcacc59477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:af:32:8d:12:d5:4d:8a:0c:aa:23:73:00:
85:fe:98:c9:1e:70:ea:45:b9:ce:1d:62:ba:04:39:
90:d5:69:cd:97:6e:d3:ab:d2:e3:a7:35:89:06:5e:
7b:23:31:e3:a0:33:ac:1b:57:fb:c0:dd:9c:a2:66:
62:4c:cd:49:2c:e3:5f:db:2a:e2:99:69:91:34:ee:
7b:b8:f3:b7:70:d9:fe:bf:d6:59:db:a9:7d:f8:63:
76:c1:1c:ae:e9:43:83:4d:b8:25:65:a3:4e:fb:a9:
31:cf:6c:9f:b1:a6:a3:be:eb:64:fe:8c:4b:5e:f2:
49:65:d2:11:22:bd:b0:b3:10:47:b2:28:7d:ea:6b:
b5:ea:b6:a6:27:b7:ea:b4:93:31:7a:95:8e:1c:d6:
d7:86:6f:cb:dc:e9:7a:06:3a:6f:7c:f9:69:48:7e:
6d:9c:4d:fc:31:96:a2:57:1b:47:af:ad:fd:99:73:
df:55:b0:6f:4a:20:92:39:9e:6a:f5:1b:60:c1:7a:
c5:1a:12:27:ca:bc:a8:89:05:37:78:ae:09:f1:b8:
6e:98:9f:18:00:95:79:ea:4f:7d:cc:cf:7c:73:5d:
99:67:03:41:73:b0:43:2e:50:1b:bc:a9:e9:9b:6c:
82:b4:31:39:7a:14:e8:b4:2b:90:bd:ee:b7:34:fc:
6f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1D:2D:18:75:85:8C:00:CB:7E:76:29:12:CE:8C:DC:AC:C5:94:77
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZB0tGHWFjADLfnYpEs6M3KzFlHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:64:9f:b7:15:63:b8:7a:0c:27:9c:cd:c7:36:7b:21:5f:ff:
a3:28:ee:f8:d0:80:29:49:9f:2e:b3:39:bd:96:52:ed:6a:d0:
24:91:ff:a0:46:03:d8:c2:cd:8f:9b:3d:96:4c:c6:99:a2:23:
2d:6a:0a:97:2a:db:28:ec:3e:3c:a5:9b:00:4e:64:53:f3:c1:
8b:11:ac:c8:6b:13:b6:b9:6e:44:6e:36:1a:85:45:81:9b:81:
1f:df:df:3d:ff:e9:32:06:8f:f2:6e:ce:af:1a:50:bf:64:1d:
ee:45:28:5c:41:75:e7:6b:da:46:b3:96:c9:48:06:39:6b:ef:
f9:79:65:d6:e4:0e:92:fb:3f:df:ba:a1:32:2f:86:80:d7:85:
68:7f:70:0a:2b:ae:34:40:ad:6d:95:c1:5a:3a:ef:7e:06:57:
67:ba:c9:d9:ce:f9:55:3a:fd:89:fa:a9:0a:bd:aa:7e:5f:24:
24:ea:e3:87:ca:e5:6d:6c:1d:72:6e:68:04:58:79:b5:c0:1e:
e1:50:1b:5a:75:4a:26:58:3e:5c:d2:e8:8b:a4:99:65:45:76:
1b:2b:d8:a6:a5:94:a6:b7:38:47:40:c5:32:f3:df:94:f7:c1:
3d:ec:e0:c8:fe:c4:c5:3d:cf:ef:20:59:47:68:3f:83:76:bf:
d7:90:57:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5HyztnUEURwAZBqdwe4kdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE2MTUwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFkMmQxODc1ODU4YzAwY2I3ZTc2MjkxMmNlOGNkY2FjYzU5NDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocmvMo0S1U2KDKojcwCF/pjJHnDq
RbnOHWK6BDmQ1WnNl27Tq9LjpzWJBl57IzHjoDOsG1f7wN2comZiTM1JLONf2yri
mWmRNO57uPO3cNn+v9ZZ26l9+GN2wRyu6UODTbglZaNO+6kxz2yfsaajvutk/oxL
XvJJZdIRIr2wsxBHsih96mu16ramJ7fqtJMxepWOHNbXhm/L3Ol6BjpvfPlpSH5t
nE38MZaiVxtHr639mXPfVbBvSiCSOZ5q9RtgwXrFGhInyryoiQU3eK4J8bhumJ8Y
AJV56k99zM98c12ZZwNBc7BDLlAbvKnpm2yCtDE5ehTotCuQve63NPxv1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGQdLRh1hYwAy352KRLOjNysxZR3MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWkIwdEdIV0ZqQURMZm5ZcEVzNk0zS3pGbEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ5kn7cVY7h6DCeczcc2
eyFf/6Mo7vjQgClJny6zOb2WUu1q0CSR/6BGA9jCzY+bPZZMxpmiIy1qCpcq2yjs
PjylmwBOZFPzwYsRrMhrE7a5bkRuNhqFRYGbgR/f3z3/6TIGj/Juzq8aUL9kHe5F
KFxBdedr2kazlslIBjlr7/l5ZdbkDpL7P9+6oTIvhoDXhWh/cAorrjRArW2VwVo6
734GV2e6ydnO+VU6/Yn6qQq9qn5fJCTq44fK5W1sHXJuaARYebXAHuFQG1p1SiZY
PlzS6IukmWVFdhsr2KallKa3OEdAxTLz35T3wT3s4Mj+xMU9z+8gWUdoP4N2v9eQ
Vxo=
-----END CERTIFICATE-----
Generated at Sat Mar 16 20:08:22 2024 by rpki-client on console.sobornost.net