Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aTaF1uJU3RWHecNL3luDLmj0lTw.roa
File: aTaF1uJU3RWHecNL3luDLmj0lTw.roa (raw, json)
Hash identifier: IUbLaJd03h89oE1fKSyilYGXNG5q0vcgfgCZQ7/uEv8=
Subject key identifier: 69:36:85:D6:E2:54:DD:15:87:79:C3:4B:DE:5B:83:2E:68:F4:95:3C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0DDBEEACBBFC8208EB8C2B161C918746
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aTaF1uJU3RWHecNL3luDLmj0lTw.roa
Signing time: Tue 05 Mar 2024 09:05:01 +0000
ROA not before: Tue 05 Mar 2024 09:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:ddb:4856/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 05 Mar 2024 09:16:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:db:ee:ac:bb:fc:82:08:eb:8c:2b:16:1c:91:87:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 5 09:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=693685d6e254dd158779c34bde5b832e68f4953c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f3:21:cd:0f:81:e0:20:ac:ce:47:ec:b3:07:
f9:48:e5:52:27:33:9e:a0:61:42:74:7d:d4:c6:04:
dc:e7:00:d2:8b:52:78:88:dd:3b:14:12:bb:34:2d:
f9:21:5c:10:e4:37:b5:8e:f2:f0:e4:8e:25:f6:17:
b1:81:ac:ac:bc:47:5e:bf:87:fd:ea:33:b9:cc:59:
6d:4a:64:3c:48:5f:92:9c:04:ca:3e:82:53:2c:d5:
ff:29:8f:55:93:49:6c:73:2d:4a:49:0f:53:bb:9c:
25:87:7f:b5:66:8f:84:78:55:e1:88:26:6b:92:76:
40:ce:bd:9b:af:8e:96:a3:8d:92:aa:1b:f0:aa:df:
ac:28:0d:01:a3:25:c7:2e:0f:d4:2e:ec:9e:18:3f:
69:39:fb:c0:21:0a:14:d0:fe:3e:69:1b:b4:44:99:
d5:63:ae:9f:6f:b5:cb:61:0e:b3:d5:bf:b5:cd:69:
9f:e4:8c:e3:81:8d:22:93:1f:91:5d:70:b7:71:be:
2b:d7:4f:10:5f:9a:1f:c7:99:59:d2:1d:46:fd:42:
f0:2e:79:97:14:f7:8b:e9:a5:1d:9d:fa:bb:ef:67:
69:58:2e:64:00:77:96:56:ee:6f:79:f2:92:8d:18:
be:4a:2d:1b:63:e0:a0:0b:53:27:a0:8c:04:52:82:
fe:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:36:85:D6:E2:54:DD:15:87:79:C3:4B:DE:5B:83:2E:68:F4:95:3C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aTaF1uJU3RWHecNL3luDLmj0lTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:2c:a9:40:53:a5:d1:f9:46:e5:0a:c3:cc:b5:35:79:b0:75:
98:5d:6d:ce:4c:34:96:21:6c:f6:5a:cb:f1:10:c2:e8:2b:db:
78:9e:cd:11:dc:5e:75:7e:c0:8f:e4:bc:82:1e:96:4b:41:f0:
84:5a:ca:e8:f4:9d:13:12:60:c8:1b:d9:72:37:06:9e:98:2a:
94:18:a3:6b:e8:13:83:71:94:61:71:5f:14:0c:71:e0:d0:33:
38:7e:d1:bd:6f:75:16:6d:24:6f:31:19:12:b7:d9:dc:26:61:
98:fc:3c:e1:20:bd:3d:0b:f9:04:52:5d:15:06:b5:09:78:59:
82:7b:1c:13:83:ed:ba:1f:de:64:20:9a:fc:3c:37:41:84:b2:
13:bf:62:a7:f9:ad:81:28:03:73:a2:33:4c:e0:02:b0:d7:2c:
0a:e6:9c:19:d5:a0:bf:85:77:40:c3:65:c8:13:ed:f9:ce:c5:
d1:6e:06:de:20:07:42:40:88:57:f8:bc:3b:ed:41:a9:4d:5f:
c6:1d:8e:1b:21:c3:4c:48:18:a5:a5:79:8f:bb:aa:58:c4:64:
06:e9:3f:5d:5d:d7:f6:05:a5:de:35:6b:b5:05:eb:a9:f6:88:
a5:34:6e:aa:05:5c:ca:90:74:7c:cf:20:08:d1:9a:50:a1:43:
53:36:7b:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4N2+6su/yCCOuMKxYckYdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA1MDkwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM2ODVkNmUyNTRkZDE1ODc3OWMzNGJkZTViODMyZTY4ZjQ5NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvMhzQ+B4CCszkfsswf5SOVSJzOe
oGFCdH3UxgTc5wDSi1J4iN07FBK7NC35IVwQ5De1jvLw5I4l9hexgaysvEdev4f9
6jO5zFltSmQ8SF+SnATKPoJTLNX/KY9Vk0lscy1KSQ9Tu5wlh3+1Zo+EeFXhiCZr
knZAzr2br46Wo42Sqhvwqt+sKA0BoyXHLg/ULuyeGD9pOfvAIQoU0P4+aRu0RJnV
Y66fb7XLYQ6z1b+1zWmf5IzjgY0ikx+RXXC3cb4r108QX5ofx5lZ0h1G/ULwLnmX
FPeL6aUdnfq772dpWC5kAHeWVu5vefKSjRi+Si0bY+CgC1MnoIwEUoL+1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGk2hdbiVN0Vh3nDS95bgy5o9JU8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYVRhRjF1SlUzUldIZWNOTDNsdURMbWowbFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAIsqUBTpdH5RuUKw8y1
NXmwdZhdbc5MNJYhbPZay/EQwugr23iezRHcXnV+wI/kvIIelktB8IRayuj0nRMS
YMgb2XI3Bp6YKpQYo2voE4NxlGFxXxQMceDQMzh+0b1vdRZtJG8xGRK32dwmYZj8
POEgvT0L+QRSXRUGtQl4WYJ7HBOD7bof3mQgmvw8N0GEshO/Yqf5rYEoA3OiM0zg
ArDXLArmnBnVoL+Fd0DDZcgT7fnOxdFuBt4gB0JAiFf4vDvtQalNX8Ydjhshw0xI
GKWleY+7qljEZAbpP11d1/YFpd41a7UF66n2iKU0bqoFXMqQdHzPIAjRmlChQ1M2
e7A=
-----END CERTIFICATE-----
Generated at Tue Mar 5 15:38:40 2024 by rpki-client on console.sobornost.net