Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZCjo4OVh8ZfQndoXcvvFid4MIOY.roa
File: ZCjo4OVh8ZfQndoXcvvFid4MIOY.roa (raw, json)
Hash identifier: jRuiqDeHyU9MkV6i8yK0UQqJS1x4WSNUZhQVqiiilRE=
Subject key identifier: 64:28:E8:E0:E5:61:F1:97:D0:9D:DA:17:72:FB:C5:89:DE:0C:20:E6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6EA844764A5F48620DCC55E325B434D2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZCjo4OVh8ZfQndoXcvvFid4MIOY.roa
Signing time: Sun 24 Mar 2024 04:11:45 +0000
ROA not before: Sun 24 Mar 2024 04:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 24 Mar 2024 05:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6e:a8:44:76:4a:5f:48:62:0d:cc:55:e3:25:b4:34:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 04:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6428e8e0e561f197d09dda1772fbc589de0c20e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:09:fe:92:7e:08:66:0a:32:ba:52:36:32:2e:
6c:53:e5:47:3e:be:dd:8a:26:62:3b:8e:bf:81:6d:
cd:35:3e:89:fb:f3:ce:d4:ee:4b:d9:3e:73:a1:55:
70:69:77:f5:40:b6:3c:84:db:cf:6d:5a:d7:67:84:
7a:3f:bd:f9:61:93:33:fe:b0:08:b4:25:ab:96:e7:
2f:a5:62:f5:f7:33:2c:68:5d:de:a4:07:3c:4b:92:
c6:b3:5c:c7:e7:53:18:ab:48:72:df:b5:3e:74:2d:
b3:3a:a1:6b:3c:a5:e3:93:7c:bd:24:87:dd:8f:2a:
e8:de:ea:b5:ee:22:58:7d:34:64:d0:e8:35:ff:89:
c5:71:a2:23:64:d9:e2:43:76:b7:4e:2c:2d:71:dc:
52:da:bc:2e:04:9b:f9:f9:8f:03:e4:a3:aa:2b:0c:
a9:d8:76:0e:40:23:ac:6c:c7:06:80:c6:c8:c5:73:
5f:66:f1:d7:bc:2e:d8:b9:1c:d4:97:01:41:9e:e6:
6c:28:50:91:4d:bc:5e:9c:88:93:eb:80:1d:39:27:
32:98:99:f8:1c:6f:5c:35:15:94:01:7e:54:c3:2b:
9c:14:47:a0:81:13:02:6f:ed:fd:97:4f:f1:84:ff:
7e:07:60:b3:5a:19:9f:8b:15:cc:75:81:ea:4f:f1:
7e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:28:E8:E0:E5:61:F1:97:D0:9D:DA:17:72:FB:C5:89:DE:0C:20:E6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZCjo4OVh8ZfQndoXcvvFid4MIOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:88:6d:0b:cb:d4:41:b1:a4:8b:c3:36:19:d2:e3:32:cd:6e:
5c:59:cc:2c:c4:ae:8c:76:a7:46:82:2b:94:7e:a2:7d:39:2d:
04:e5:f6:c3:da:7b:07:e6:c3:e9:b0:14:bc:fc:4b:2d:e3:0b:
d7:83:f0:47:b3:5d:90:c5:8c:65:53:3d:2c:ee:2a:db:92:76:
42:03:02:7a:7e:d1:1b:5b:33:03:04:51:f4:6b:f9:dd:23:b3:
f5:cd:64:e9:cb:0f:29:06:80:02:f3:c9:3f:9d:6d:50:2b:7c:
7c:45:37:82:90:c6:f2:3e:6d:f6:6a:08:f2:ed:af:b7:84:fb:
63:7d:65:b8:ca:ce:10:92:8b:a6:56:20:6f:42:b7:ca:17:d5:
84:a8:58:ce:2f:c6:f0:52:ce:0f:c3:98:31:ad:3d:02:c4:85:
0a:df:cc:70:a9:62:0d:dd:51:77:8f:d0:22:d9:ee:a5:56:d2:
15:76:49:29:07:53:9b:bf:46:b4:02:f6:ef:f5:b7:c1:27:5d:
c2:aa:ef:83:dd:e7:cc:19:23:a4:54:a2:2d:0e:2a:e4:d7:e0:
bc:2d:cc:d7:7b:da:0d:08:87:8f:ec:ae:3b:dd:fc:12:56:f8:
5d:89:a2:09:e1:30:52:42:d4:08:59:70:fc:f9:25:21:a1:25:
68:df:6d:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5uqER2Sl9IYg3MVeMltDTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MDQxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDI4ZThlMGU1NjFmMTk3ZDA5ZGRhMTc3MmZiYzU4OWRlMGMyMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugn+kn4IZgoyulI2Mi5sU+VHPr7d
iiZiO46/gW3NNT6J+/PO1O5L2T5zoVVwaXf1QLY8hNvPbVrXZ4R6P735YZMz/rAI
tCWrlucvpWL19zMsaF3epAc8S5LGs1zH51MYq0hy37U+dC2zOqFrPKXjk3y9JIfd
jyro3uq17iJYfTRk0Og1/4nFcaIjZNniQ3a3TiwtcdxS2rwuBJv5+Y8D5KOqKwyp
2HYOQCOsbMcGgMbIxXNfZvHXvC7YuRzUlwFBnuZsKFCRTbxenIiT64AdOScymJn4
HG9cNRWUAX5UwyucFEeggRMCb+39l0/xhP9+B2CzWhmfixXMdYHqT/F+PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGQo6ODlYfGX0J3aF3L7xYneDCDmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWkNqbzRPVmg4WmZRbmRvWGN2dkZpZDRNSU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAESIbQvL1EGxpIvDNhnS
4zLNblxZzCzErox2p0aCK5R+on05LQTl9sPaewfmw+mwFLz8Sy3jC9eD8EezXZDF
jGVTPSzuKtuSdkIDAnp+0RtbMwMEUfRr+d0js/XNZOnLDykGgALzyT+dbVArfHxF
N4KQxvI+bfZqCPLtr7eE+2N9ZbjKzhCSi6ZWIG9Ct8oX1YSoWM4vxvBSzg/DmDGt
PQLEhQrfzHCpYg3dUXeP0CLZ7qVW0hV2SSkHU5u/RrQC9u/1t8EnXcKq74Pd58wZ
I6RUoi0OKuTX4LwtzNd72g0Ih4/srjvd/BJW+F2JognhMFJC1AhZcPz5JSGhJWjf
bZg=
-----END CERTIFICATE-----
Generated at Sun Mar 24 11:22:10 2024 by rpki-client on console.sobornost.net