Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m3tpCMM9HZyORQER4VHpnhP7SMg.roa
File: m3tpCMM9HZyORQER4VHpnhP7SMg.roa (raw, json)
Hash identifier: cb5WNzWxexBRTseL6EeBG+ah+vTVgo+zWYvnkbfMz88=
Subject key identifier: 9B:7B:69:08:C3:3D:1D:9C:8E:45:01:11:E1:51:E9:9E:13:FB:48:C8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6266C16FDE845465132D828D58E37136
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m3tpCMM9HZyORQER4VHpnhP7SMg.roa
Signing time: Thu 21 Mar 2024 19:04:45 +0000
ROA not before: Thu 21 Mar 2024 19:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:6266:49c6/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 21 Mar 2024 19:10:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:62:66:c1:6f:de:84:54:65:13:2d:82:8d:58:e3:71:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 19:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b7b6908c33d1d9c8e450111e151e99e13fb48c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7a:0d:07:58:c6:58:4c:e0:e2:ad:50:08:09:
04:7a:25:b5:a6:e2:c0:88:2f:b5:ec:78:37:96:5e:
f0:89:f5:10:ba:dd:c2:1c:ef:3e:21:e8:d5:8d:06:
d2:2f:f7:0c:21:7f:a6:f2:5e:fe:fb:23:e2:48:2a:
80:52:80:44:1d:41:66:97:3f:7f:b7:a6:ba:ba:ae:
87:85:35:af:b6:88:2b:3c:47:d8:4e:af:f1:2b:9c:
5d:6c:10:d4:2e:0f:b7:ac:95:66:5e:de:ba:87:f8:
6d:a2:64:9b:da:95:67:e9:6d:ac:85:62:e5:7f:fc:
8b:15:c9:19:91:d2:ef:80:6e:f8:f6:c1:80:52:ca:
b1:6e:23:c1:95:f2:1d:0e:aa:7e:c0:f8:20:d8:1e:
09:0b:ca:80:65:44:26:da:05:aa:fa:72:88:a1:54:
2a:e6:25:0a:cc:3a:e6:2c:1c:34:c3:77:e3:89:77:
cb:8e:8f:c0:32:d3:23:b3:a7:e7:b1:0a:a4:d3:43:
00:e3:76:44:62:bb:8e:1c:b7:42:24:71:54:17:ed:
bb:ec:f8:17:8d:16:14:2a:10:fc:3e:3e:25:de:56:
b7:fe:2c:2a:4b:bd:97:0b:69:f6:52:49:92:76:a4:
d5:5c:7f:29:f6:f6:99:a1:70:e4:30:5d:44:a3:2a:
09:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7B:69:08:C3:3D:1D:9C:8E:45:01:11:E1:51:E9:9E:13:FB:48:C8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m3tpCMM9HZyORQER4VHpnhP7SMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:40:2a:b6:be:40:ae:4c:c7:82:87:9a:21:8f:16:e0:26:09:
43:71:20:36:3f:c3:31:01:9f:32:31:5f:fa:8e:2d:72:f6:19:
4f:a9:40:3a:67:00:eb:68:50:55:96:df:28:fb:ce:1a:6f:ee:
61:81:92:37:f5:17:76:50:8f:45:d1:4d:f5:54:92:34:a2:b3:
c5:39:04:84:4d:30:76:7b:96:c0:8f:db:50:cf:a9:d3:99:f2:
0c:8d:53:0b:5b:7c:84:6a:19:33:74:72:47:ef:5e:a5:6a:48:
04:6c:e9:4c:78:8f:c3:84:f4:8f:b5:61:ac:8b:db:ca:a4:f3:
ac:4d:ca:8f:d9:9b:48:10:be:35:f7:0d:2e:44:71:3d:06:75:
81:ed:e3:f8:3a:a2:5c:0a:78:db:4a:6a:a7:41:5e:3b:e0:22:
8c:94:d4:9b:cb:bd:84:25:84:1c:06:a1:8b:ed:13:11:5b:ee:
f9:e0:59:8d:7f:8f:19:c7:70:ce:16:e1:85:fb:22:84:02:92:
f6:4c:29:56:1b:e3:86:e7:ea:ba:fd:e6:a1:02:ce:30:a9:8b:
c5:2c:b5:6b:92:74:d2:d8:0d:24:01:89:a8:85:ea:b6:85:66:
30:b6:a2:ea:61:f3:35:0a:5b:49:c7:0b:99:54:50:61:51:5d:
88:c6:5f:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5iZsFv3oRUZRMtgo1Y43E2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMTkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdiNjkwOGMzM2QxZDljOGU0NTAxMTFlMTUxZTk5ZTEzZmI0OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3oNB1jGWEzg4q1QCAkEeiW1puLA
iC+17Hg3ll7wifUQut3CHO8+IejVjQbSL/cMIX+m8l7++yPiSCqAUoBEHUFmlz9/
t6a6uq6HhTWvtogrPEfYTq/xK5xdbBDULg+3rJVmXt66h/htomSb2pVn6W2shWLl
f/yLFckZkdLvgG749sGAUsqxbiPBlfIdDqp+wPgg2B4JC8qAZUQm2gWq+nKIoVQq
5iUKzDrmLBw0w3fjiXfLjo/AMtMjs6fnsQqk00MA43ZEYruOHLdCJHFUF+277PgX
jRYUKhD8Pj4l3la3/iwqS72XC2n2UkmSdqTVXH8p9vaZoXDkMF1EoyoJGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJt7aQjDPR2cjkUBEeFR6Z4T+0jIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbTN0cENNTTlIWnlPUlFFUjRWSHBuaFA3U01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH5AKra+QK5Mx4KHmiGP
FuAmCUNxIDY/wzEBnzIxX/qOLXL2GU+pQDpnAOtoUFWW3yj7zhpv7mGBkjf1F3ZQ
j0XRTfVUkjSis8U5BIRNMHZ7lsCP21DPqdOZ8gyNUwtbfIRqGTN0ckfvXqVqSARs
6Ux4j8OE9I+1YayL28qk86xNyo/Zm0gQvjX3DS5EcT0GdYHt4/g6olwKeNtKaqdB
XjvgIoyU1JvLvYQlhBwGoYvtExFb7vngWY1/jxnHcM4W4YX7IoQCkvZMKVYb44bn
6rr95qECzjCpi8UstWuSdNLYDSQBiaiF6raFZjC2ouph8zUKW0nHC5lUUGFRXYjG
X+A=
-----END CERTIFICATE-----
Generated at Fri Mar 22 03:27:01 2024 by rpki-client on console.sobornost.net