Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bWpCc9OoOx2qwzjmqofZqMbpLDo.roa
File: bWpCc9OoOx2qwzjmqofZqMbpLDo.roa (raw, json)
Hash identifier: Zo9C4Kl3yrCLjvGY677qqwjUY+d4d7dXOP3Awd6++4I=
Subject key identifier: 6D:6A:42:73:D3:A8:3B:1D:AA:C3:38:E6:AA:87:D9:A8:C6:E9:2C:3A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8568DA3D9A1CB7B6ADF9F30B363F4B0A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bWpCc9OoOx2qwzjmqofZqMbpLDo.roa
Signing time: Thu 28 Mar 2024 14:13:44 +0000
ROA not before: Thu 28 Mar 2024 14:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 28 Mar 2024 15:05:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:68:da:3d:9a:1c:b7:b6:ad:f9:f3:0b:36:3f:4b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 14:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d6a4273d3a83b1daac338e6aa87d9a8c6e92c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ac:eb:95:e8:0a:30:12:49:ce:29:86:f8:a8:
ce:e7:5f:7b:8e:d8:24:ee:04:bc:93:de:27:b5:2d:
5e:35:e5:05:f2:12:cb:ed:2a:53:42:c7:57:0a:33:
7a:0a:86:f3:25:7f:96:1a:5a:3d:9a:bb:ef:14:69:
06:80:1c:2c:60:28:ee:91:12:55:fa:b8:45:05:11:
e7:1e:ce:31:64:8b:cb:bf:78:a9:40:49:db:ee:99:
90:60:e7:b9:b0:7c:d3:52:3f:a1:58:d3:13:49:72:
71:29:7f:59:6a:e5:49:f0:1d:22:12:02:03:7e:47:
fd:7e:c6:0e:a7:06:70:bb:93:0e:3e:5b:9c:81:06:
72:4a:8e:a5:d3:5d:6b:1c:dc:68:e4:25:bf:ff:dc:
27:bd:e1:ab:0b:0f:c4:fd:a7:2d:2f:28:6f:82:98:
82:0e:3e:7f:35:00:12:80:53:c4:bf:57:2b:ec:b9:
e1:20:28:67:36:3b:ee:8f:10:c1:6e:fa:70:8a:b0:
39:7c:eb:f7:be:f9:35:64:38:8b:0e:cd:00:0e:f8:
3a:b7:51:fb:5f:7c:d3:fa:08:57:59:f3:96:a1:00:
69:62:c5:9e:b7:ed:b9:a0:07:16:ea:26:8b:55:75:
a5:98:35:85:54:ad:1b:fd:d4:1d:ff:14:dd:c9:97:
6b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6A:42:73:D3:A8:3B:1D:AA:C3:38:E6:AA:87:D9:A8:C6:E9:2C:3A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bWpCc9OoOx2qwzjmqofZqMbpLDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:e6:ec:d6:95:ab:0d:2d:be:f3:35:16:f7:93:c1:3b:52:ab:
52:97:bc:ff:34:4e:9e:79:c5:2c:ce:9a:04:1f:4c:36:70:74:
44:46:0f:d2:cc:58:65:b4:98:db:ff:49:38:c0:57:c9:34:a2:
e8:f7:f0:d8:b2:48:6c:84:09:87:ad:f8:e6:c7:8e:cb:41:e0:
69:35:b0:ee:00:22:bf:1e:3f:37:ad:bf:87:eb:24:35:f2:4b:
29:47:88:e4:bd:12:3c:67:5c:99:3f:b8:ea:ba:33:36:4d:78:
10:cd:e0:26:14:c2:b4:db:63:eb:23:0c:74:4c:a4:ed:6c:64:
f7:31:10:66:e4:bd:c9:96:68:9c:03:0f:93:dd:5c:79:0c:3c:
e4:2f:53:75:00:61:3d:3b:8a:3f:10:e1:da:09:a4:2e:96:da:
f8:df:d1:fb:ba:c9:1c:84:f8:91:85:ff:6d:eb:93:55:85:65:
4a:da:12:a1:90:ce:c2:cd:f6:ff:5d:bf:9c:a6:24:95:65:7a:
2c:36:e0:6c:13:a2:13:3f:41:45:5b:96:1f:4b:06:80:65:bc:
d9:d3:9c:31:9a:32:11:f0:bc:20:eb:03:62:a8:3b:78:65:f5:
45:dc:ce:1c:5e:91:82:96:18:3e:88:81:0a:72:8b:46:e7:63:
97:08:ea:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6FaNo9mhy3tq358ws2P0sKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MTQxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZhNDI3M2QzYTgzYjFkYWFjMzM4ZTZhYTg3ZDlhOGM2ZTkyYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6zrlegKMBJJzimG+KjO5197jtgk
7gS8k94ntS1eNeUF8hLL7SpTQsdXCjN6CobzJX+WGlo9mrvvFGkGgBwsYCjukRJV
+rhFBRHnHs4xZIvLv3ipQEnb7pmQYOe5sHzTUj+hWNMTSXJxKX9ZauVJ8B0iEgID
fkf9fsYOpwZwu5MOPlucgQZySo6l011rHNxo5CW//9wnveGrCw/E/actLyhvgpiC
Dj5/NQASgFPEv1cr7LnhIChnNjvujxDBbvpwirA5fOv3vvk1ZDiLDs0ADvg6t1H7
X3zT+ghXWfOWoQBpYsWet+25oAcW6iaLVXWlmDWFVK0b/dQd/xTdyZdrJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG1qQnPTqDsdqsM45qqH2ajG6Sw6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYldwQ2M5T29PeDJxd3pqbXFvZlpxTWJwTERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIDm7NaVqw0tvvM1FveT
wTtSq1KXvP80Tp55xSzOmgQfTDZwdERGD9LMWGW0mNv/STjAV8k0ouj38NiySGyE
CYet+ObHjstB4Gk1sO4AIr8ePzetv4frJDXySylHiOS9EjxnXJk/uOq6MzZNeBDN
4CYUwrTbY+sjDHRMpO1sZPcxEGbkvcmWaJwDD5PdXHkMPOQvU3UAYT07ij8Q4doJ
pC6W2vjf0fu6yRyE+JGF/23rk1WFZUraEqGQzsLN9v9dv5ymJJVleiw24GwTohM/
QUVblh9LBoBlvNnTnDGaMhHwvCDrA2KoO3hl9UXczhxekYKWGD6IgQpyi0bnY5cI
6gA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:02:50 2024 by rpki-client on console.sobornost.net