Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kjnDPDZUedKojbDDtbnxV8M6zUE.roa
File: kjnDPDZUedKojbDDtbnxV8M6zUE.roa (raw, json)
Hash identifier: hfUWxcMYwzbvxXrE9HKHMTcyxaihLz7iXe4RwVXlGiM=
Subject key identifier: 92:39:C3:3C:36:54:79:D2:A8:8D:B0:C3:B5:B9:F1:57:C3:3A:CD:41
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E75F3F191A8BA61F24575FA2F746480F0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kjnDPDZUedKojbDDtbnxV8M6zUE.roa
Signing time: Mon 25 Mar 2024 14:11:45 +0000
ROA not before: Mon 25 Mar 2024 14:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 25 Mar 2024 15:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:f3:f1:91:a8:ba:61:f2:45:75:fa:2f:74:64:80:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 25 14:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9239c33c365479d2a88db0c3b5b9f157c33acd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:6c:2f:25:29:19:a1:88:5c:32:4f:0b:22:
30:56:5e:cd:ba:3d:7a:5a:0c:d4:e4:b8:1f:d5:f1:
44:b8:7f:32:fe:58:01:16:ff:fe:f5:53:5b:6f:ee:
e8:45:0d:15:44:ce:60:48:67:c3:63:32:9c:48:af:
c0:06:1f:a7:e4:29:fa:72:b1:bd:28:a1:e0:e1:9e:
ff:b0:d0:13:77:b1:f8:c4:0f:58:96:af:c9:bc:9c:
19:50:a9:54:39:42:a0:79:6c:97:1f:10:3c:2e:bc:
fe:d0:55:90:ef:87:37:23:17:3b:1f:8f:1e:cc:88:
5f:0d:dc:0d:64:f0:a5:05:ce:af:a4:07:77:cf:1d:
a6:46:72:30:81:4d:97:d6:2f:91:db:9c:7d:42:0c:
db:ed:6a:e8:d3:07:39:03:0b:6e:a4:ee:47:e0:85:
cc:e6:15:bd:5e:1b:d9:27:98:3b:cb:b1:19:64:71:
c3:1b:85:f4:b6:56:9f:00:0f:b0:88:a9:09:11:8f:
c3:cd:af:67:8a:8b:ea:6e:e2:c2:23:32:b5:e9:a2:
e5:ad:b3:71:72:5c:90:10:52:fb:9b:24:45:6e:63:
19:35:c1:8d:d8:f8:6e:75:b5:42:7f:e6:78:32:ea:
19:ce:1b:ff:08:61:bb:fe:64:ee:71:17:eb:ee:b3:
0a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:39:C3:3C:36:54:79:D2:A8:8D:B0:C3:B5:B9:F1:57:C3:3A:CD:41
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kjnDPDZUedKojbDDtbnxV8M6zUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:07:02:fb:f5:dc:8d:46:fc:ce:96:e3:58:ee:cd:45:b2:19:
47:d7:15:e6:07:5a:56:99:64:d3:78:3f:e3:50:1f:f8:09:67:
78:9d:c7:ff:12:0c:7e:b8:8f:95:78:34:91:43:a5:f5:92:20:
b8:d1:a1:57:4e:91:bf:fc:81:e9:da:c1:ba:3a:78:45:ac:c8:
af:7c:07:bf:b1:6b:07:d8:20:1a:0d:52:3f:43:3c:af:6d:e2:
d8:08:ad:34:5c:34:83:0b:82:15:18:46:93:8d:ee:9e:58:b3:
2c:b5:08:70:43:d3:bc:71:ea:57:c4:08:1f:26:4e:83:52:92:
db:38:09:db:bc:bf:d3:75:f1:a1:7c:45:91:59:6f:8a:5c:36:
e4:de:ca:af:fb:ab:e0:a5:3d:8b:18:f9:1e:b6:e8:50:05:d9:
0c:66:16:9c:f5:dd:8a:a6:9b:77:27:c7:5b:93:6e:52:cf:ec:
a9:43:d1:26:e1:07:87:e6:15:66:34:2b:92:b5:b5:e9:7d:0a:
44:7a:17:c1:5b:ff:67:0d:e5:29:be:8a:51:98:3c:7f:ed:53:
ff:9f:af:6c:3b:13:48:af:60:b6:fa:77:75:ec:34:95:72:be:
85:8e:08:1a:5a:a7:74:10:25:15:9f:9d:12:a0:cf:5a:7a:e3:
26:dd:2d:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY518/GRqLph8kV1+i90ZIDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI1MTQxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjM5YzMzYzM2NTQ3OWQyYTg4ZGIwYzNiNWI5ZjE1N2MzM2FjZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVNsLyUpGaGIXDJPCyIwVl7Nuj16
WgzU5Lgf1fFEuH8y/lgBFv/+9VNbb+7oRQ0VRM5gSGfDYzKcSK/ABh+n5Cn6crG9
KKHg4Z7/sNATd7H4xA9Ylq/JvJwZUKlUOUKgeWyXHxA8Lrz+0FWQ74c3Ixc7H48e
zIhfDdwNZPClBc6vpAd3zx2mRnIwgU2X1i+R25x9Qgzb7Wro0wc5AwtupO5H4IXM
5hW9XhvZJ5g7y7EZZHHDG4X0tlafAA+wiKkJEY/Dza9niovqbuLCIzK16aLlrbNx
clyQEFL7myRFbmMZNcGN2PhudbVCf+Z4MuoZzhv/CGG7/mTucRfr7rMKtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJI5wzw2VHnSqI2ww7W58VfDOs1BMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva2puRFBEWlVlZEtvamJERHRibnhWOE02elVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADAHAvv13I1G/M6W41ju
zUWyGUfXFeYHWlaZZNN4P+NQH/gJZ3idx/8SDH64j5V4NJFDpfWSILjRoVdOkb/8
genawbo6eEWsyK98B7+xawfYIBoNUj9DPK9t4tgIrTRcNIMLghUYRpON7p5Ysyy1
CHBD07xx6lfECB8mToNSkts4Cdu8v9N18aF8RZFZb4pcNuTeyq/7q+ClPYsY+R62
6FAF2QxmFpz13Yqmm3cnx1uTblLP7KlD0SbhB4fmFWY0K5K1tel9CkR6F8Fb/2cN
5Sm+ilGYPH/tU/+fr2w7E0ivYLb6d3XsNJVyvoWOCBpap3QQJRWfnRKgz1p64ybd
Le0=
-----END CERTIFICATE-----
Generated at Mon Mar 25 20:55:02 2024 by rpki-client on console.sobornost.net