Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jHMkQri8Oy5lOupFnHzpgl0KPZA.roa
File: jHMkQri8Oy5lOupFnHzpgl0KPZA.roa (raw, json)
Hash identifier: tdNvGhABZ56hY1uVinQAdZtdAAdAR9fxG9r+wM5IhxA=
Subject key identifier: 8C:73:24:42:B8:BC:3B:2E:65:3A:EA:45:9C:7C:E9:82:5D:0A:3D:90
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA936559E68174BA91D288E919C993E81
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jHMkQri8Oy5lOupFnHzpgl0KPZA.roa
Signing time: Thu 04 Apr 2024 13:04:54 +0000
ROA not before: Thu 04 Apr 2024 13:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:a935:c9fc/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 04 Apr 2024 13:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:36:55:9e:68:17:4b:a9:1d:28:8e:91:9c:99:3e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 4 13:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c732442b8bc3b2e653aea459c7ce9825d0a3d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cc:f6:a1:94:2e:f4:87:1e:1f:96:07:c8:7f:
00:30:72:d6:d7:94:56:15:c6:50:43:f6:28:2d:8c:
fd:83:02:20:dd:d2:73:37:f7:34:0b:10:7c:8b:96:
bd:41:8d:4c:c5:e7:2c:e2:67:ab:da:2d:a9:7d:bf:
d7:10:21:38:28:ac:8e:cf:5d:89:bb:34:11:df:8c:
7e:e9:9d:f3:e2:af:0e:0b:86:49:68:8b:29:2e:ac:
f5:af:5a:99:7d:bd:01:c6:dc:eb:f9:8f:fb:90:9d:
57:b8:7c:6f:e0:d6:17:55:ab:bd:3f:25:24:3c:5a:
05:c5:60:12:74:54:20:1f:cd:a5:91:02:dc:e0:37:
7f:c2:d9:0f:09:0d:ac:28:41:87:55:87:99:3a:bf:
c3:ac:af:17:62:8d:55:97:65:15:f2:df:07:7c:26:
df:07:9f:d5:1c:46:50:da:96:a8:47:4b:6c:6a:bb:
be:3e:40:a0:de:80:6c:67:ca:b7:20:0f:82:1f:3a:
e2:bd:14:98:a4:07:99:9f:a3:5c:b5:55:23:f3:c9:
9f:ae:6f:13:f6:a0:56:7d:76:d4:34:9b:66:3d:2c:
75:43:5b:9a:34:89:77:c6:22:bf:b1:e3:50:94:ae:
67:92:50:6c:24:a0:8e:11:4b:50:d8:37:c5:69:af:
4c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:73:24:42:B8:BC:3B:2E:65:3A:EA:45:9C:7C:E9:82:5D:0A:3D:90
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jHMkQri8Oy5lOupFnHzpgl0KPZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:51:07:bb:59:ba:46:9b:b3:90:81:8b:0e:19:b5:d8:84:0b:
e6:19:28:b3:b0:fb:e9:83:34:92:00:32:96:b7:b5:f3:85:93:
2d:b9:a5:bd:c2:0e:1b:d4:fc:0c:c0:36:e4:f7:02:da:44:85:
fa:d9:63:8d:e8:9e:b4:18:82:fa:31:5e:65:6c:fd:6d:b6:9b:
1c:b8:cc:a4:4c:86:fd:00:88:24:92:75:ea:9a:74:d8:83:a6:
22:1c:fe:bc:01:67:ba:45:f5:db:bd:c3:f6:b1:52:0c:b7:2a:
6b:e9:e1:cc:8a:2c:3b:7e:d6:44:e6:a7:aa:6e:0a:a2:18:ad:
b6:3e:c2:b8:88:71:29:c4:27:e3:76:d3:0a:08:5d:2b:eb:ce:
81:1e:1f:01:36:a1:7c:a0:fa:36:33:6f:36:b9:9c:40:61:2e:
ea:cf:fe:e2:95:22:05:e7:f9:01:de:b9:2d:12:31:22:ba:60:
2a:38:57:52:a6:19:a9:12:f6:61:9f:3c:9a:63:07:99:12:33:
d0:a8:52:f1:06:c7:aa:c8:a9:9b:3e:bb:99:75:12:37:fd:35:
d7:5f:55:31:26:55:38:0d:8f:40:8a:13:c9:06:16:54:ac:3d:
a8:ca:18:c1:27:f0:7c:44:10:05:5b:75:2b:f2:1e:d5:ee:c8:
03:9d:32:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6pNlWeaBdLqR0ojpGcmT6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA0MTMwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzczMjQ0MmI4YmMzYjJlNjUzYWVhNDU5YzdjZTk4MjVkMGEzZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcz2oZQu9IceH5YHyH8AMHLW15RW
FcZQQ/YoLYz9gwIg3dJzN/c0CxB8i5a9QY1Mxecs4mer2i2pfb/XECE4KKyOz12J
uzQR34x+6Z3z4q8OC4ZJaIspLqz1r1qZfb0Bxtzr+Y/7kJ1XuHxv4NYXVau9PyUk
PFoFxWASdFQgH82lkQLc4Dd/wtkPCQ2sKEGHVYeZOr/DrK8XYo1Vl2UV8t8HfCbf
B5/VHEZQ2paoR0tsaru+PkCg3oBsZ8q3IA+CHzrivRSYpAeZn6NctVUj88mfrm8T
9qBWfXbUNJtmPSx1Q1uaNIl3xiK/seNQlK5nklBsJKCOEUtQ2DfFaa9MqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIxzJEK4vDsuZTrqRZx86YJdCj2QMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvakhNa1FyaThPeTVsT3VwRm5IenBnbDBLUFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJxRB7tZukabs5CBiw4Z
tdiEC+YZKLOw++mDNJIAMpa3tfOFky25pb3CDhvU/AzANuT3AtpEhfrZY43onrQY
gvoxXmVs/W22mxy4zKRMhv0AiCSSdeqadNiDpiIc/rwBZ7pF9du9w/axUgy3Kmvp
4cyKLDt+1kTmp6puCqIYrbY+wriIcSnEJ+N20woIXSvrzoEeHwE2oXyg+jYzbza5
nEBhLurP/uKVIgXn+QHeuS0SMSK6YCo4V1KmGakS9mGfPJpjB5kSM9CoUvEGx6rI
qZs+u5l1Ejf9NddfVTEmVTgNj0CKE8kGFlSsPajKGMEn8HxEEAVbdSvyHtXuyAOd
MnI=
-----END CERTIFICATE-----
Generated at Thu Apr 4 19:57:53 2024 by rpki-client on console.sobornost.net