Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c8dRCSobG-LHUr4IYUzVbBt36qI.roa
File: c8dRCSobG-LHUr4IYUzVbBt36qI.roa (raw, json)
Hash identifier: j+PmDv+9rPAjkDidn/xZTpWu7sCaL4enezy8f594gCE=
Subject key identifier: 73:C7:51:09:2A:1B:1B:E2:C7:52:BE:08:61:4C:D5:6C:1B:77:EA:A2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E984298ABED23A77B1DB90EE52AFBAD90
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c8dRCSobG-LHUr4IYUzVbBt36qI.roa
Signing time: Mon 01 Apr 2024 06:04:45 +0000
ROA not before: Mon 01 Apr 2024 06:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:9842:4fef/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Apr 2024 06:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:98:42:98:ab:ed:23:a7:7b:1d:b9:0e:e5:2a:fb:ad:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 06:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73c751092a1b1be2c752be08614cd56c1b77eaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4d:f8:a2:a1:70:63:30:56:e2:65:21:d0:7b:
a6:b6:63:6c:29:54:81:9e:06:f6:fb:88:e9:d1:2e:
5b:e2:b4:f8:37:67:cb:dc:95:c0:0e:5a:bb:56:21:
21:a5:7e:ee:d9:3a:ff:62:f0:d4:48:30:c8:e3:d5:
97:d6:a7:62:eb:22:ed:1f:50:c4:f4:8d:e2:be:38:
8d:d8:18:11:82:0f:90:12:e0:8b:e7:f2:f2:04:0b:
03:5f:55:b0:90:33:57:ba:4e:23:09:22:40:f5:aa:
6c:4d:52:08:23:6d:2e:73:e6:ef:0e:81:b3:f3:7e:
be:dc:f9:4f:79:54:7b:17:61:6d:8c:b7:e6:e3:05:
a2:7d:3a:c1:fa:92:32:c0:0b:75:d2:3e:d8:8a:d9:
9c:b2:e0:94:89:a6:5e:b2:36:be:64:e8:ac:1b:bd:
78:76:4c:d4:34:11:2c:c2:a8:2a:2f:39:f1:e4:62:
34:4e:dc:0b:69:9a:27:a6:bc:0d:42:21:fb:b6:21:
a5:c0:3a:79:a3:bf:19:57:e6:f9:3e:b8:c1:bb:b1:
ca:29:cf:cd:69:b6:ef:1a:72:61:90:a6:46:0a:f6:
3b:80:5a:e6:e2:a1:0b:21:83:a1:00:c6:75:af:cf:
c9:c0:41:da:d1:08:a8:08:1a:c6:76:c9:a1:9a:77:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C7:51:09:2A:1B:1B:E2:C7:52:BE:08:61:4C:D5:6C:1B:77:EA:A2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c8dRCSobG-LHUr4IYUzVbBt36qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:46:69:37:2d:2f:b8:25:35:9f:e7:80:8a:69:a9:cb:d6:cb:
4c:30:7d:b6:4f:d7:cc:d6:c0:57:a2:cb:eb:d2:7e:21:9d:86:
d9:e1:f6:19:aa:81:82:86:2d:67:68:e8:70:cd:80:d4:f8:63:
35:11:6f:87:c8:6f:73:bf:4d:3f:dc:f5:79:80:2a:15:b7:42:
10:b2:b2:59:a8:61:56:8f:e9:75:e1:a6:aa:1b:be:36:9f:ce:
5b:67:03:4f:0e:6d:c4:5b:77:0c:6d:07:39:28:f7:2b:0a:9d:
dd:0a:93:4f:62:82:26:97:31:de:fc:69:23:d6:82:a1:9b:26:
e3:44:c7:41:9f:49:df:73:f6:e4:b5:f5:06:13:61:8f:a6:fb:
ec:7e:9a:07:2c:6c:36:b8:41:90:e5:29:2e:73:39:b8:89:c6:
82:e2:5c:69:fe:d1:bb:d8:e7:f4:39:58:7c:cf:2f:39:0c:e3:
58:db:96:74:77:a7:fb:c9:9b:65:90:9b:4e:3d:78:c4:80:7a:
05:00:a8:31:3c:5b:08:c5:44:ff:1a:ce:c1:46:db:c5:ab:b5:
8a:dd:59:16:c0:73:eb:d9:d5:20:ee:ae:6e:85:21:d3:25:ae:
25:19:79:1f:19:03:a9:d5:f7:a7:04:16:1a:23:90:86:a3:24:
5d:0e:8c:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6YQpir7SOnex25DuUq+62QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMDYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M3NTEwOTJhMWIxYmUyYzc1MmJlMDg2MTRjZDU2YzFiNzdlYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE34oqFwYzBW4mUh0HumtmNsKVSB
ngb2+4jp0S5b4rT4N2fL3JXADlq7ViEhpX7u2Tr/YvDUSDDI49WX1qdi6yLtH1DE
9I3ivjiN2BgRgg+QEuCL5/LyBAsDX1WwkDNXuk4jCSJA9apsTVIII20uc+bvDoGz
836+3PlPeVR7F2FtjLfm4wWifTrB+pIywAt10j7YitmcsuCUiaZesja+ZOisG714
dkzUNBEswqgqLznx5GI0TtwLaZonprwNQiH7tiGlwDp5o78ZV+b5PrjBu7HKKc/N
abbvGnJhkKZGCvY7gFrm4qELIYOhAMZ1r8/JwEHa0QioCBrGdsmhmnfD4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHPHUQkqGxvix1K+CGFM1Wwbd+qiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYzhkUkNTb2JHLUxIVXI0SVlVelZiQnQzNnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACRGaTctL7glNZ/ngIpp
qcvWy0wwfbZP18zWwFeiy+vSfiGdhtnh9hmqgYKGLWdo6HDNgNT4YzURb4fIb3O/
TT/c9XmAKhW3QhCyslmoYVaP6XXhpqobvjafzltnA08ObcRbdwxtBzko9ysKnd0K
k09igiaXMd78aSPWgqGbJuNEx0GfSd9z9uS19QYTYY+m++x+mgcsbDa4QZDlKS5z
ObiJxoLiXGn+0bvY5/Q5WHzPLzkM41jblnR3p/vJm2WQm049eMSAegUAqDE8WwjF
RP8azsFG28WrtYrdWRbAc+vZ1SDurm6FIdMlriUZeR8ZA6nV96cEFhojkIajJF0O
jEM=
-----END CERTIFICATE-----
Generated at Mon Apr 1 11:18:48 2024 by rpki-client on console.sobornost.net