Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZDl7UJ6GY8Nd7Agtg57aV_K2AGU.roa
File: ZDl7UJ6GY8Nd7Agtg57aV_K2AGU.roa (raw, json)
Hash identifier: yMbnL2RyCp87KN2lSXxxd48LwqDpTutVWaDsBTK3geE=
Subject key identifier: 64:39:7B:50:9E:86:63:C3:5D:EC:08:2D:83:9E:DA:57:F2:B6:00:65
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB8410A7B9105AD2DAC1DF96083F48D86
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZDl7UJ6GY8Nd7Agtg57aV_K2AGU.roa
Signing time: Sun 07 Apr 2024 11:10:54 +0000
ROA not before: Sun 07 Apr 2024 11:10:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Apr 2024 12:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b8:41:0a:7b:91:05:ad:2d:ac:1d:f9:60:83:f4:8d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 11:10:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64397b509e8663c35dec082d839eda57f2b60065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:45:98:68:c8:9b:e5:dc:18:34:65:42:cd:7c:
b3:a2:8e:00:12:38:08:19:bc:36:c1:e1:63:5d:c3:
27:56:64:d0:57:91:02:42:47:fe:40:86:44:69:ca:
68:69:f4:e6:5d:92:7f:96:d2:bf:ec:25:8d:b3:aa:
54:be:eb:21:4d:0e:f9:79:33:21:c1:ca:2b:e4:d9:
e5:ef:7d:c5:9f:ff:5e:fc:93:40:1c:41:e8:1b:08:
2e:32:c1:8a:f5:ba:08:b5:33:c1:e7:f9:74:c0:bd:
2f:79:0d:cf:0e:9a:c0:69:e9:fd:b7:ed:34:fb:1d:
6e:9f:50:a4:2d:c5:cc:01:bd:1e:4f:b4:7c:49:87:
5b:1c:0a:54:7d:34:cb:8c:eb:d3:cf:7a:15:ee:b0:
c6:d4:84:a0:3b:13:ff:73:70:4d:eb:2c:a6:4d:0c:
d4:08:f9:2c:e3:b0:c4:bf:07:67:ad:c4:a3:9c:9d:
12:c5:a6:94:c1:1b:45:eb:57:ff:34:9e:7c:9b:e1:
23:46:08:b9:7c:31:69:fe:f6:c9:91:85:f8:05:6b:
ea:7e:2e:2b:9a:7d:72:79:bd:e0:63:17:f1:a5:4a:
f6:76:33:d8:6b:24:7f:1f:ed:4c:b6:aa:33:8c:a6:
fa:22:00:79:33:0e:5f:3d:98:a7:f8:58:b0:da:71:
e5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:39:7B:50:9E:86:63:C3:5D:EC:08:2D:83:9E:DA:57:F2:B6:00:65
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZDl7UJ6GY8Nd7Agtg57aV_K2AGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:14:2c:ce:71:91:1b:4c:0f:91:ca:9c:ef:90:f1:29:7c:5c:
37:53:84:16:37:c8:fb:6d:13:9d:b8:d7:5e:97:23:87:e1:94:
2c:89:4c:4f:f4:0a:26:bc:6b:c8:b2:36:14:fd:2c:22:b6:e9:
4e:37:b0:32:f6:74:a0:9f:59:a3:b2:6f:23:39:f5:95:38:a5:
6d:f6:ee:d6:77:ca:23:d1:1b:f6:8f:4c:b9:7d:d7:0c:42:88:
43:b6:01:a8:cf:bc:0d:47:a6:03:f8:7f:6d:5a:41:6a:b8:53:
03:51:6a:61:be:68:93:ac:78:5a:17:0c:47:33:45:e4:6e:26:
a0:04:7c:e5:70:05:04:1f:5e:ce:a8:22:3d:1b:bf:f2:8e:8f:
0c:4d:f0:98:f8:c0:e9:e4:af:d8:0c:83:00:a4:b5:8f:a7:ad:
7c:c3:35:b9:ba:32:cd:dc:a7:af:0a:66:98:b3:73:c3:c4:8b:
9b:2a:31:df:d5:d3:b8:78:c8:48:d5:f2:07:3a:f9:f7:5d:75:
91:e0:e2:8e:8c:3f:ab:24:04:1c:1c:4b:b5:d7:95:f9:cb:78:
7d:b5:25:cc:34:1f:c4:77:ba:2f:d4:8f:c4:91:9b:0d:2d:a1:
14:92:f2:d3:09:f9:90:50:e1:05:2a:91:0d:da:cc:bc:35:d5:
5e:c2:23:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY64QQp7kQWtLawd+WCD9I2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MTExMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM5N2I1MDllODY2M2MzNWRlYzA4MmQ4MzllZGE1N2YyYjYwMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikWYaMib5dwYNGVCzXyzoo4AEjgI
Gbw2weFjXcMnVmTQV5ECQkf+QIZEacpoafTmXZJ/ltK/7CWNs6pUvushTQ75eTMh
wcor5Nnl733Fn/9e/JNAHEHoGwguMsGK9boItTPB5/l0wL0veQ3PDprAaen9t+00
+x1un1CkLcXMAb0eT7R8SYdbHApUfTTLjOvTz3oV7rDG1ISgOxP/c3BN6yymTQzU
CPks47DEvwdnrcSjnJ0SxaaUwRtF61f/NJ58m+EjRgi5fDFp/vbJkYX4BWvqfi4r
mn1yeb3gYxfxpUr2djPYayR/H+1MtqozjKb6IgB5Mw5fPZin+Fiw2nHlVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGQ5e1CehmPDXewILYOe2lfytgBlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWkRsN1VKNkdZOE5kN0FndGc1N2FWX0syQUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH8ULM5xkRtMD5HKnO+Q
8Sl8XDdThBY3yPttE524116XI4fhlCyJTE/0Cia8a8iyNhT9LCK26U43sDL2dKCf
WaOybyM59ZU4pW327tZ3yiPRG/aPTLl91wxCiEO2AajPvA1HpgP4f21aQWq4UwNR
amG+aJOseFoXDEczReRuJqAEfOVwBQQfXs6oIj0bv/KOjwxN8Jj4wOnkr9gMgwCk
tY+nrXzDNbm6Ms3cp68KZpizc8PEi5sqMd/V07h4yEjV8gc6+fdddZHg4o6MP6sk
BBwcS7XXlfnLeH21Jcw0H8R3ui/Uj8SRmw0toRSS8tMJ+ZBQ4QUqkQ3azLw11V7C
IwI=
-----END CERTIFICATE-----
Generated at Sun Apr 7 16:27:18 2024 by rpki-client on console.sobornost.net