Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kiJFILzmu-B7hF51njKgZ_EX9BY.roa
File: kiJFILzmu-B7hF51njKgZ_EX9BY.roa (raw, json)
Hash identifier: EyJ270WdBNi6dVU6DQkz/re0uZVGHfDGMqS5Wdm+uFE=
Subject key identifier: 92:22:45:20:BC:E6:BB:E0:7B:84:5E:75:9E:32:A0:67:F1:17:F4:16
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6B0183DECB13789321FB3CC499CCA5E1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kiJFILzmu-B7hF51njKgZ_EX9BY.roa
Signing time: Sat 23 Mar 2024 11:10:45 +0000
ROA not before: Sat 23 Mar 2024 11:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 23 Mar 2024 12:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6b:01:83:de:cb:13:78:93:21:fb:3c:c4:99:cc:a5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 11:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92224520bce6bbe07b845e759e32a067f117f416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:92:91:54:8f:fd:29:40:a7:39:f4:1b:f8:a8:
e8:0b:e6:aa:05:e0:8c:bb:6d:b3:1d:a6:48:8a:5e:
8d:88:19:45:37:e1:c6:1e:d2:c5:25:b6:49:64:fa:
81:20:be:24:2f:29:e6:38:44:18:81:00:c1:e0:3d:
53:40:a1:47:49:8b:b5:84:86:a7:90:30:b6:de:ab:
8b:a5:50:ca:c6:a1:a4:d5:d2:01:75:2a:11:bb:51:
21:e8:e7:5a:3a:f1:8c:63:86:b1:cb:15:08:98:a6:
33:3a:28:33:f0:cd:10:61:49:34:d9:c0:0c:d4:9e:
03:e3:08:94:e8:cf:84:8a:eb:6e:5b:ba:55:a2:e6:
95:d8:80:c8:ea:fa:b4:a9:cd:a9:4e:df:19:d9:c7:
7a:43:55:0a:ba:08:2e:83:49:dc:63:4b:68:8d:02:
d6:f0:8a:07:c5:1e:e5:5e:07:6e:a4:c6:56:0d:b9:
96:9a:ca:0b:c4:6b:cb:04:11:56:ce:de:73:fb:44:
3f:c6:f8:42:0b:d5:ee:3a:f8:f8:82:5d:6f:0c:c1:
98:df:aa:66:41:1a:79:05:f2:e0:99:82:36:e0:b4:
63:f2:c1:5d:cb:69:74:bd:da:cb:d5:d7:40:68:8d:
d6:4d:3e:a1:36:36:1d:0c:f0:a3:59:c6:54:8c:ef:
b2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:22:45:20:BC:E6:BB:E0:7B:84:5E:75:9E:32:A0:67:F1:17:F4:16
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kiJFILzmu-B7hF51njKgZ_EX9BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:89:8a:e3:f4:86:e2:b9:bf:c6:21:9f:44:f6:1f:ae:c6:6d:
c1:e3:a3:7e:9b:76:b3:8c:a6:3e:f8:4f:da:2f:86:85:4a:f2:
31:1d:b9:e8:36:37:d9:c3:45:24:bf:eb:0c:c0:f0:ae:b3:14:
c6:8f:a8:06:84:35:85:39:85:a9:63:38:20:b7:54:b8:f3:16:
79:ae:c2:10:36:5a:4d:aa:28:0e:30:f5:57:fd:4c:88:eb:6b:
dd:64:92:43:2b:38:9b:bf:7e:7f:89:b6:e2:5f:1c:d1:8f:e5:
c4:d1:f2:c2:f6:b6:f2:d5:47:0c:91:7c:cf:91:7c:45:20:f3:
31:74:93:97:03:01:be:90:1f:e0:bc:89:dc:61:9b:75:09:04:
ae:a2:b3:d3:0e:bb:c5:40:0d:12:14:5b:fe:31:15:5a:27:47:
8e:0e:89:7b:53:58:7a:1c:de:50:ee:6e:e5:37:78:3c:b5:c5:
d7:69:5b:59:4e:75:71:28:9a:8e:76:88:8c:0c:4e:6a:b8:38:
1f:d6:9b:36:69:95:44:4c:9f:6f:a9:d0:81:ea:b0:0d:9a:93:
86:93:18:0d:96:7d:60:8a:2d:44:aa:1d:f1:3b:9a:32:d0:25:
64:ca:70:1d:a9:74:8d:33:a7:2c:30:ad:2e:9e:c0:1f:cf:18:
ee:fa:f8:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5rAYPeyxN4kyH7PMSZzKXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMTExMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjIyNDUyMGJjZTZiYmUwN2I4NDVlNzU5ZTMyYTA2N2YxMTdmNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15KRVI/9KUCnOfQb+KjoC+aqBeCM
u22zHaZIil6NiBlFN+HGHtLFJbZJZPqBIL4kLynmOEQYgQDB4D1TQKFHSYu1hIan
kDC23quLpVDKxqGk1dIBdSoRu1Eh6OdaOvGMY4axyxUImKYzOigz8M0QYUk02cAM
1J4D4wiU6M+EiutuW7pVouaV2IDI6vq0qc2pTt8Z2cd6Q1UKuggug0ncY0tojQLW
8IoHxR7lXgdupMZWDbmWmsoLxGvLBBFWzt5z+0Q/xvhCC9XuOvj4gl1vDMGY36pm
QRp5BfLgmYI24LRj8sFdy2l0vdrL1ddAaI3WTT6hNjYdDPCjWcZUjO+y/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJIiRSC85rvge4RedZ4yoGfxF/QWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva2lKRklMem11LUI3aEY1MW5qS2daX0VYOUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKWJiuP0huK5v8Yhn0T2
H67GbcHjo36bdrOMpj74T9ovhoVK8jEdueg2N9nDRSS/6wzA8K6zFMaPqAaENYU5
haljOCC3VLjzFnmuwhA2Wk2qKA4w9Vf9TIjra91kkkMrOJu/fn+JtuJfHNGP5cTR
8sL2tvLVRwyRfM+RfEUg8zF0k5cDAb6QH+C8idxhm3UJBK6is9MOu8VADRIUW/4x
FVonR44OiXtTWHoc3lDubuU3eDy1xddpW1lOdXEomo52iIwMTmq4OB/WmzZplURM
n2+p0IHqsA2ak4aTGA2WfWCKLUSqHfE7mjLQJWTKcB2pdI0zpywwrS6ewB/PGO76
+MI=
-----END CERTIFICATE-----
Generated at Sat Mar 23 17:51:02 2024 by rpki-client on console.sobornost.net