Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fgtsmPzACYCRcSX0QvEdRpZ7TNY.roa
File: fgtsmPzACYCRcSX0QvEdRpZ7TNY.roa (raw, json)
Hash identifier: NnbI19VTA+sK/AFWFSU2qc+ik5L6IzB2nmoDdgqL63Q=
Subject key identifier: 7E:0B:6C:98:FC:C0:09:80:91:71:25:F4:42:F1:1D:46:96:7B:4C:D6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED94E8A3A12B4901D151FB76D4AE2B894
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fgtsmPzACYCRcSX0QvEdRpZ7TNY.roa
Signing time: Sat 13 Apr 2024 21:13:06 +0000
ROA not before: Sat 13 Apr 2024 21:13:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Apr 2024 22:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d9:4e:8a:3a:12:b4:90:1d:15:1f:b7:6d:4a:e2:b8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 13 21:13:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e0b6c98fcc00980917125f442f11d46967b4cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:61:29:4d:b4:e1:3f:6c:26:19:44:0e:a0:7f:
6d:60:bb:49:90:bd:a4:e8:f5:14:9d:43:b2:c4:2e:
5a:84:16:73:5e:35:43:7f:9d:90:be:46:b4:a8:15:
40:48:3a:42:a6:a9:c9:20:d4:00:f6:d0:2e:ea:7e:
3b:ce:c1:05:a3:39:7a:e4:c2:b0:f6:36:19:1a:33:
29:49:69:39:7f:fb:65:32:59:60:3b:5a:5f:6e:2a:
46:b2:c7:cf:28:18:51:f4:92:32:c2:97:86:d9:f7:
ae:ac:92:91:a9:ad:18:88:b5:61:67:ed:bd:8b:7c:
92:8e:72:8d:44:69:25:4e:f8:a5:30:c8:a4:64:5d:
b5:a4:ad:28:f3:75:22:f7:db:65:ff:63:69:4c:8c:
3d:3a:bd:76:01:6c:c5:78:6b:53:46:e5:e3:0e:35:
92:a1:a0:f3:c8:8b:0b:d2:6b:91:85:0a:5c:2d:0f:
53:d5:e9:4a:b5:46:81:2f:81:66:8b:82:5a:12:e8:
e4:03:a1:ec:1c:6f:22:50:ec:d1:ca:c9:7a:92:11:
7e:d1:c4:f4:fe:9f:2b:5e:c4:50:e8:41:c8:9d:26:
5d:85:4c:ff:5e:ea:16:c0:c9:fa:0d:c4:a5:dc:fe:
97:85:a1:ce:10:be:df:46:98:8d:9e:3c:d8:62:dd:
da:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0B:6C:98:FC:C0:09:80:91:71:25:F4:42:F1:1D:46:96:7B:4C:D6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fgtsmPzACYCRcSX0QvEdRpZ7TNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:db:c2:7e:a8:f5:6e:00:68:07:3e:5f:e2:3e:bd:5b:d3:9b:
26:ee:9c:0f:9f:a0:bc:2e:68:d7:80:e8:b9:d6:fa:33:bd:4d:
51:12:43:9c:5c:74:e1:4d:d0:b9:5b:a1:bb:78:86:c4:51:b3:
eb:7a:81:74:1b:2c:55:54:93:c0:4f:90:b2:8f:20:cf:0b:cb:
a7:35:41:8f:1b:e5:f9:11:0a:67:af:1e:f5:31:32:e0:8f:db:
a7:25:89:de:61:8c:04:ef:14:a4:70:42:42:ec:6f:25:47:7b:
c0:e6:2c:fc:ab:b2:28:8d:29:a3:19:85:9e:a1:8b:f1:67:87:
64:1a:47:13:4d:2c:8e:7a:a6:84:a5:d9:f6:5b:fe:46:17:b5:
2f:01:a7:75:af:90:21:73:f6:65:ac:8b:0f:a3:f0:4e:21:78:
f2:09:63:43:73:35:46:b4:23:dc:5d:3f:8e:b6:3f:35:cc:57:
78:a2:e3:ec:ac:61:46:28:03:64:57:e4:a8:8e:b9:64:3c:1a:
de:66:ac:8e:d2:57:f9:a2:90:29:f6:b9:53:ae:3a:19:0c:22:
6e:33:33:af:9c:6a:13:01:a3:48:64:7e:e8:39:29:c2:53:a2:
67:2f:f0:e7:74:32:44:ac:3e:02:1c:de:ab:e3:46:f4:5c:55:
39:7a:e5:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7ZToo6ErSQHRUft21K4riUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEzMjExMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTBiNmM5OGZjYzAwOTgwOTE3MTI1ZjQ0MmYxMWQ0Njk2N2I0Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWEpTbThP2wmGUQOoH9tYLtJkL2k
6PUUnUOyxC5ahBZzXjVDf52Qvka0qBVASDpCpqnJINQA9tAu6n47zsEFozl65MKw
9jYZGjMpSWk5f/tlMllgO1pfbipGssfPKBhR9JIywpeG2feurJKRqa0YiLVhZ+29
i3ySjnKNRGklTvilMMikZF21pK0o83Ui99tl/2NpTIw9Or12AWzFeGtTRuXjDjWS
oaDzyIsL0muRhQpcLQ9T1elKtUaBL4Fmi4JaEujkA6HsHG8iUOzRysl6khF+0cT0
/p8rXsRQ6EHInSZdhUz/XuoWwMn6DcSl3P6XhaHOEL7fRpiNnjzYYt3aBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH4LbJj8wAmAkXEl9ELxHUaWe0zWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZmd0c21QekFDWUNSY1NYMFF2RWRScFo3VE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC7bwn6o9W4AaAc+X+I+
vVvTmybunA+foLwuaNeA6LnW+jO9TVESQ5xcdOFN0Llbobt4hsRRs+t6gXQbLFVU
k8BPkLKPIM8Ly6c1QY8b5fkRCmevHvUxMuCP26clid5hjATvFKRwQkLsbyVHe8Dm
LPyrsiiNKaMZhZ6hi/Fnh2QaRxNNLI56poSl2fZb/kYXtS8Bp3WvkCFz9mWsiw+j
8E4hePIJY0NzNUa0I9xdP462PzXMV3ii4+ysYUYoA2RX5KiOuWQ8Gt5mrI7SV/mi
kCn2uVOuOhkMIm4zM6+cahMBo0hkfug5KcJTomcv8Od0MkSsPgIc3qvjRvRcVTl6
5UA=
Generated at Sun Apr 14 06:02:48 2024 by rpki-client on console.sobornost.net