Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dQ4Y7uzlnfZc4aXbRaFjW6_9mlU.roa
File: dQ4Y7uzlnfZc4aXbRaFjW6_9mlU.roa (raw, json)
Hash identifier: 0P0NiZ+bfBrRJj1MOTMRwdxDop6IwMTY873enuOzhkM=
Subject key identifier: 75:0E:18:EE:EC:E5:9D:F6:5C:E1:A5:DB:45:A1:63:5B:AF:FD:9A:55
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E94A2403AF83EA8890B3B26938AAE3D3F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dQ4Y7uzlnfZc4aXbRaFjW6_9mlU.roa
Signing time: Sun 31 Mar 2024 13:10:44 +0000
ROA not before: Sun 31 Mar 2024 13:10:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Sun 31 Mar 2024 14:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:94:a2:40:3a:f8:3e:a8:89:0b:3b:26:93:8a:ae:3d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 31 13:10:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=750e18eeece59df65ce1a5db45a1635baffd9a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0b:57:8c:b7:3a:2e:e7:76:7b:c1:7b:d8:b6:
3a:a4:2c:9b:d4:f4:0b:d5:0a:b3:81:03:65:51:ba:
e1:4b:ce:46:bb:40:ba:72:ff:bc:31:24:47:f3:e7:
42:da:2e:d2:a7:72:b7:4c:40:a4:09:e2:b6:09:ff:
75:ca:6f:61:7e:55:77:5e:6c:88:c0:ee:88:b4:66:
b3:2c:ac:51:09:1e:f2:f3:0b:0e:be:04:db:81:39:
24:a5:3b:25:4f:92:f7:9d:95:60:68:64:8d:34:85:
0b:e1:72:8a:cc:b6:0a:49:94:eb:1b:86:c7:f7:aa:
87:d0:50:3d:1b:04:11:d1:23:25:ea:7b:9b:72:69:
0d:ce:37:7c:4c:27:32:45:d5:aa:2d:6f:b9:07:1f:
93:73:d7:fa:5b:0e:f6:d2:28:25:6d:dd:9e:9d:3e:
1a:09:23:83:b4:2e:79:27:9f:e4:2b:91:f3:4a:f0:
79:a7:4c:36:02:27:e7:41:5b:fe:65:39:c5:e9:20:
aa:13:01:a2:68:e8:53:37:45:f5:a0:ad:21:fc:6b:
57:56:b4:96:c3:6a:f6:36:cb:b0:d8:31:09:7b:96:
83:95:4d:5e:76:0c:b6:48:7e:cb:12:8c:76:c0:79:
f2:e0:29:b4:8a:cf:a3:34:d6:86:82:1d:ff:47:11:
46:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0E:18:EE:EC:E5:9D:F6:5C:E1:A5:DB:45:A1:63:5B:AF:FD:9A:55
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dQ4Y7uzlnfZc4aXbRaFjW6_9mlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:65:20:82:03:3c:bb:6c:66:aa:f9:29:50:7b:2d:10:36:6a:
2a:26:60:41:74:5b:59:ec:4a:35:55:ba:1f:a7:60:7e:5b:bc:
25:0c:72:0b:34:3e:6a:4b:b3:9b:a3:1f:a3:92:00:11:b9:a7:
82:4c:3c:d1:26:be:0d:88:ac:57:00:c0:66:ea:d8:12:b2:3c:
c3:06:57:98:29:82:8f:ee:29:ab:7d:85:f2:1e:84:23:4e:8a:
66:95:53:93:b3:fb:a6:3f:73:fb:61:ac:97:5f:fa:9d:19:50:
d9:0d:73:ea:e2:21:fb:78:86:1d:c1:cc:c0:4c:7b:8f:67:fb:
97:a7:db:00:c8:8a:0d:4a:9b:bf:69:4a:2e:03:f2:9d:b3:d8:
52:9e:17:24:1e:eb:f4:be:4c:ac:af:46:d6:10:a2:9d:07:11:
a0:be:4c:a9:84:10:30:1b:3e:d0:2f:4c:cb:a5:29:88:03:31:
b8:10:78:1c:7e:77:3d:ed:4c:98:f7:32:31:87:98:6f:c1:ca:
b3:fe:d6:71:32:20:f0:81:5b:68:6c:85:d4:98:ec:df:36:a4:
37:aa:2c:b2:a7:24:20:1e:dc:29:f4:19:9f:1e:22:42:80:fa:
99:39:56:98:5b:14:43:e1:55:8c:fe:01:92:fd:b5:f4:7c:a4:
14:12:cd:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6UokA6+D6oiQs7JpOKrj0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMxMTMxMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBlMThlZWVjZTU5ZGY2NWNlMWE1ZGI0NWExNjM1YmFmZmQ5YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgtXjLc6Lud2e8F72LY6pCyb1PQL
1QqzgQNlUbrhS85Gu0C6cv+8MSRH8+dC2i7Sp3K3TECkCeK2Cf91ym9hflV3XmyI
wO6ItGazLKxRCR7y8wsOvgTbgTkkpTslT5L3nZVgaGSNNIUL4XKKzLYKSZTrG4bH
96qH0FA9GwQR0SMl6nubcmkNzjd8TCcyRdWqLW+5Bx+Tc9f6Ww720iglbd2enT4a
CSODtC55J5/kK5HzSvB5p0w2AifnQVv+ZTnF6SCqEwGiaOhTN0X1oK0h/GtXVrSW
w2r2Nsuw2DEJe5aDlU1edgy2SH7LEox2wHny4Cm0is+jNNaGgh3/RxFG+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHUOGO7s5Z32XOGl20WhY1uv/ZpVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZFE0WTd1emxuZlpjNGFYYlJhRmpXNl85bWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJplIIIDPLtsZqr5KVB7
LRA2aiomYEF0W1nsSjVVuh+nYH5bvCUMcgs0PmpLs5ujH6OSABG5p4JMPNEmvg2I
rFcAwGbq2BKyPMMGV5gpgo/uKat9hfIehCNOimaVU5Oz+6Y/c/thrJdf+p0ZUNkN
c+riIft4hh3BzMBMe49n+5en2wDIig1Km79pSi4D8p2z2FKeFyQe6/S+TKyvRtYQ
op0HEaC+TKmEEDAbPtAvTMulKYgDMbgQeBx+dz3tTJj3MjGHmG/ByrP+1nEyIPCB
W2hshdSY7N82pDeqLLKnJCAe3Cn0GZ8eIkKA+pk5VphbFEPhVYz+AZL9tfR8pBQS
zRA=
-----END CERTIFICATE-----
Generated at Sun Mar 31 20:32:19 2024 by rpki-client on console.sobornost.net