Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hfVUoQocO5N0tvNaeT0uA3sBptw.roa
File: hfVUoQocO5N0tvNaeT0uA3sBptw.roa (raw, json)
Hash identifier: bLto0kIVh2vojTEzIsb+5U6NODSH2GXya5BN01EzcLY=
Subject key identifier: 85:F5:54:A1:0A:1C:3B:93:74:B6:F3:5A:79:3D:2E:03:7B:01:A6:DC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA41554DDB2F0F28FBC0D1A191EB2968A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hfVUoQocO5N0tvNaeT0uA3sBptw.roa
Signing time: Wed 03 Apr 2024 13:10:45 +0000
ROA not before: Wed 03 Apr 2024 13:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 03 Apr 2024 14:04:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:15:54:dd:b2:f0:f2:8f:bc:0d:1a:19:1e:b2:96:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 13:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85f554a10a1c3b9374b6f35a793d2e037b01a6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a2:b9:90:1e:db:51:8a:e6:1a:7c:71:b6:12:
48:33:0b:d2:af:7c:9e:49:d9:9c:61:96:67:1f:f7:
02:60:c4:18:53:b4:41:e1:90:7d:fc:54:e5:f9:d6:
3b:0f:fc:33:fc:ab:d2:52:7a:c1:27:6a:f5:4e:ef:
0d:7c:1e:89:c2:61:f5:1d:9b:9d:fd:4d:28:d0:c2:
e1:9e:c4:42:c0:c6:ec:ab:53:a2:e7:f9:b7:0d:86:
34:7b:6e:03:04:12:77:06:ec:f3:e3:79:c1:14:b8:
df:38:c8:f8:c3:ac:12:b5:a8:e7:6b:9e:15:19:c1:
60:8e:84:95:f5:24:6d:9f:b4:2e:b8:ec:16:6f:ca:
e7:82:0d:87:12:36:40:c7:20:44:4c:a9:41:d5:bd:
9d:03:e6:06:b3:a8:8c:0c:f6:55:57:26:0b:cd:63:
4e:41:80:c6:70:f1:f9:f3:c0:cc:5b:2d:93:a1:ba:
c8:d9:d1:b5:1c:ba:97:ab:cd:8a:84:9e:2a:f7:30:
1e:8c:31:19:25:50:68:1b:d8:6f:05:72:7b:72:1a:
81:40:85:8a:08:9a:67:5f:2e:bd:72:5c:a2:fb:2b:
52:7d:e6:b3:49:44:a6:45:a8:6f:d1:b2:6a:e8:e6:
20:fc:c9:05:32:7b:67:8d:74:41:38:ab:a3:34:a1:
b2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F5:54:A1:0A:1C:3B:93:74:B6:F3:5A:79:3D:2E:03:7B:01:A6:DC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hfVUoQocO5N0tvNaeT0uA3sBptw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:f1:a7:aa:82:ce:d9:d7:86:2b:84:d7:c1:05:dc:30:ad:99:
e7:d1:69:fa:51:76:47:73:58:a4:e9:6f:24:87:fe:39:27:be:
11:da:83:e9:16:d1:6b:b9:da:b6:8d:07:ef:6f:e7:3b:1c:8f:
61:f1:cf:44:5e:36:c6:0a:16:96:f7:2f:78:e6:10:f0:bf:34:
2c:9c:59:5f:d5:95:71:6e:7f:03:38:1a:65:68:cf:0b:ce:1a:
6d:f4:52:d4:06:f6:f0:46:99:2d:fc:e2:38:b9:74:9b:eb:e4:
00:fa:fa:69:41:66:52:ca:11:3b:5a:b7:15:2b:bf:fa:a5:0a:
ca:7f:f2:d6:da:ad:ca:1a:d4:0b:77:a5:4c:ff:6c:2a:04:54:
10:25:4b:93:29:22:1c:98:b9:15:2c:fe:fa:2f:46:78:6e:81:
7e:9e:a0:ed:c5:6e:5e:79:4c:3b:f9:4a:fc:1f:f3:0b:44:c5:
db:46:86:61:2c:4f:ea:97:95:f0:3b:9d:02:c0:78:39:f5:3a:
48:74:b4:f0:a4:96:2c:52:70:8f:eb:d9:0b:03:46:9b:a7:fe:
2c:02:da:14:ae:b4:12:75:2f:c7:96:e2:7a:31:2c:8d:e7:47:
3e:9b:c5:59:80:cd:59:c9:9e:fc:76:fe:6a:8f:af:51:d0:03:
05:6f:08:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6kFVTdsvDyj7wNGhkespaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMTMxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY1NTRhMTBhMWMzYjkzNzRiNmYzNWE3OTNkMmUwMzdiMDFhNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaK5kB7bUYrmGnxxthJIMwvSr3ye
SdmcYZZnH/cCYMQYU7RB4ZB9/FTl+dY7D/wz/KvSUnrBJ2r1Tu8NfB6JwmH1HZud
/U0o0MLhnsRCwMbsq1Oi5/m3DYY0e24DBBJ3Buzz43nBFLjfOMj4w6wStajna54V
GcFgjoSV9SRtn7QuuOwWb8rngg2HEjZAxyBETKlB1b2dA+YGs6iMDPZVVyYLzWNO
QYDGcPH588DMWy2TobrI2dG1HLqXq82KhJ4q9zAejDEZJVBoG9hvBXJ7chqBQIWK
CJpnXy69clyi+ytSfeazSUSmRahv0bJq6OYg/MkFMntnjXRBOKujNKGyKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIX1VKEKHDuTdLbzWnk9LgN7AabcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaGZWVW9Rb2NPNU4wdHZOYWVUMHVBM3NCcHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFLxp6qCztnXhiuE18EF
3DCtmefRafpRdkdzWKTpbySH/jknvhHag+kW0Wu52raNB+9v5zscj2Hxz0ReNsYK
Fpb3L3jmEPC/NCycWV/VlXFufwM4GmVozwvOGm30UtQG9vBGmS384ji5dJvr5AD6
+mlBZlLKETtatxUrv/qlCsp/8tbarcoa1At3pUz/bCoEVBAlS5MpIhyYuRUs/vov
RnhugX6eoO3Fbl55TDv5Svwf8wtExdtGhmEsT+qXlfA7nQLAeDn1Okh0tPCklixS
cI/r2QsDRpun/iwC2hSutBJ1L8eW4noxLI3nRz6bxVmAzVnJnvx2/mqPr1HQAwVv
CKw=
-----END CERTIFICATE-----
Generated at Wed Apr 3 20:02:39 2024 by rpki-client on console.sobornost.net