Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/a4M3_0UwT-waNE0ymzwDm1X1la4.roa
File: a4M3_0UwT-waNE0ymzwDm1X1la4.roa (raw, json)
Hash identifier: LWgHtFJhmM8BV3250kHRVNTjGkSOkR+k/Qs8rkdUy3c=
Subject key identifier: 6B:83:37:FF:45:30:4F:EC:1A:34:4D:32:9B:3C:03:9B:55:F5:95:AE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0AAD1CEB458F54EF2F9E533F322E5941
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/a4M3_0UwT-waNE0ymzwDm1X1la4.roa
Signing time: Mon 04 Mar 2024 18:15:01 +0000
ROA not before: Mon 04 Mar 2024 18:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 04 Mar 2024 19:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0a:ad:1c:eb:45:8f:54:ef:2f:9e:53:3f:32:2e:59:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 18:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8337ff45304fec1a344d329b3c039b55f595ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7a:b3:76:d5:c1:91:9b:00:ac:37:92:a4:a9:
16:36:37:52:1f:72:ca:18:af:7e:d7:95:67:d2:b2:
c7:3f:4a:84:e1:95:24:ea:1f:fa:9d:12:b8:d8:82:
d2:00:6c:1d:fb:52:60:1c:76:d3:11:c7:f5:06:10:
fa:fd:7f:1b:da:da:1d:7b:6f:f6:6e:f4:69:f4:5e:
5f:e3:80:f8:47:6f:54:4c:1e:d7:41:59:0b:77:dc:
9f:05:9d:f0:2e:b0:85:cd:95:f1:35:d1:41:4e:bf:
ae:b2:4a:d3:4c:6f:ca:17:2e:49:3f:9a:ed:6e:9e:
e5:8c:29:b5:24:a6:29:5f:63:ce:66:88:f5:f1:ea:
45:e6:ec:d6:a1:c9:4c:99:34:44:0b:c9:59:e4:4d:
d8:7a:12:fe:43:7e:ba:87:86:c5:4a:31:a6:21:a7:
3a:83:c1:68:26:ae:74:c5:a3:d8:f4:47:b5:78:56:
5a:18:f5:f3:06:0b:85:b7:9a:57:72:8c:90:9e:27:
db:e9:69:d2:b9:ce:04:18:68:45:96:3d:3c:32:82:
41:14:79:13:10:a4:52:9b:26:6a:18:0c:b3:e8:6a:
12:87:2e:34:73:53:e5:09:35:54:01:d6:3a:a2:24:
e3:aa:3e:12:bc:50:32:59:98:e1:ca:29:17:ac:9c:
2a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:83:37:FF:45:30:4F:EC:1A:34:4D:32:9B:3C:03:9B:55:F5:95:AE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/a4M3_0UwT-waNE0ymzwDm1X1la4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:6e:15:73:ee:b9:56:93:b9:94:57:c5:0a:97:6a:16:e2:af:
cb:a6:a8:c3:41:b6:d4:74:dc:3e:9e:2c:2f:dd:ab:47:b8:cf:
e5:04:6e:49:aa:ad:f0:2c:77:d6:01:7a:bb:41:81:e9:b1:1e:
b8:1f:c0:f0:b4:a1:92:98:19:68:90:1a:a4:66:48:cd:52:ec:
96:0c:f1:7d:b0:9a:a5:d5:2e:4f:a2:3c:b7:6f:9c:44:71:8c:
17:47:3f:83:b1:49:33:75:c6:8c:3a:4d:03:b4:96:1c:ea:7a:
53:a3:b9:60:c0:fd:f9:3a:13:29:3c:72:da:9b:6e:98:fe:12:
ed:c2:7d:39:e6:58:38:9b:a0:72:f1:42:c8:bf:26:2e:a4:8a:
4e:82:da:5d:3c:7c:a3:76:3b:03:1e:68:5e:58:7e:72:aa:9a:
03:11:62:b7:b8:76:cb:11:bd:ba:52:d9:e4:03:34:87:2e:c6:
46:a9:f1:4f:f3:de:41:9c:dc:f4:b8:09:ee:c7:98:d5:a4:ed:
64:fd:4e:57:1f:67:4c:e6:57:7c:f8:6e:ad:5f:bc:ad:cf:46:
21:b9:8c:51:b4:19:d7:cf:03:f1:93:6e:97:d6:22:4d:54:ab:
a3:cc:18:8a:b8:90:18:bf:af:9e:34:04:71:05:09:c1:40:5b:
87:46:4a:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4KrRzrRY9U7y+eUz8yLllBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MTgxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjgzMzdmZjQ1MzA0ZmVjMWEzNDRkMzI5YjNjMDM5YjU1ZjU5NWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnqzdtXBkZsArDeSpKkWNjdSH3LK
GK9+15Vn0rLHP0qE4ZUk6h/6nRK42ILSAGwd+1JgHHbTEcf1BhD6/X8b2tode2/2
bvRp9F5f44D4R29UTB7XQVkLd9yfBZ3wLrCFzZXxNdFBTr+uskrTTG/KFy5JP5rt
bp7ljCm1JKYpX2POZoj18epF5uzWoclMmTREC8lZ5E3YehL+Q366h4bFSjGmIac6
g8FoJq50xaPY9Ee1eFZaGPXzBguFt5pXcoyQnifb6WnSuc4EGGhFlj08MoJBFHkT
EKRSmyZqGAyz6GoShy40c1PlCTVUAdY6oiTjqj4SvFAyWZjhyikXrJwqnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGuDN/9FME/sGjRNMps8A5tV9ZWuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYTRNM18wVXdULXdhTkUweW16d0RtMVgxbGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAxuFXPuuVaTuZRXxQqX
ahbir8umqMNBttR03D6eLC/dq0e4z+UEbkmqrfAsd9YBertBgemxHrgfwPC0oZKY
GWiQGqRmSM1S7JYM8X2wmqXVLk+iPLdvnERxjBdHP4OxSTN1xow6TQO0lhzqelOj
uWDA/fk6Eyk8ctqbbpj+Eu3CfTnmWDiboHLxQsi/Ji6kik6C2l08fKN2OwMeaF5Y
fnKqmgMRYre4dssRvbpS2eQDNIcuxkap8U/z3kGc3PS4Ce7HmNWk7WT9TlcfZ0zm
V3z4bq1fvK3PRiG5jFG0GdfPA/GTbpfWIk1Uq6PMGIq4kBi/r540BHEFCcFAW4dG
Svo=
-----END CERTIFICATE-----
Generated at Tue Mar 5 03:04:23 2024 by rpki-client on console.sobornost.net