Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m6iX3Aj8W1_xaKPwSPz9HyKEvnA.roa
File: m6iX3Aj8W1_xaKPwSPz9HyKEvnA.roa (raw, json)
Hash identifier: 7d9BOgpk3Z/YEsB+Q3EG/VNy1aHPrcMp/DAsxKDjnfg=
Subject key identifier: 9B:A8:97:DC:08:FC:5B:5F:F1:68:A3:F0:48:FC:FD:1F:22:84:BE:70
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EAF017D43B3D8A4B2ED0E503AECD1E577
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m6iX3Aj8W1_xaKPwSPz9HyKEvnA.roa
Signing time: Fri 05 Apr 2024 16:04:54 +0000
ROA not before: Fri 05 Apr 2024 16:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:af00:e08c/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 05 Apr 2024 16:14:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:af:01:7d:43:b3:d8:a4:b2:ed:0e:50:3a:ec:d1:e5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 5 16:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ba897dc08fc5b5ff168a3f048fcfd1f2284be70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:79:eb:22:d8:38:08:47:09:a8:f6:9b:5b:93:
0f:3f:63:ba:3a:bb:92:7c:6b:7d:26:d0:ee:44:15:
8f:0d:b0:5f:d4:56:ef:e2:b3:62:0a:52:18:7f:2b:
f8:84:0c:50:a4:a2:28:b0:43:b9:51:03:63:a4:ad:
8a:e2:61:28:44:7f:db:9e:a3:91:d7:22:a7:0e:d6:
36:9b:d5:a0:9c:38:d3:ea:71:62:d1:43:4d:90:b2:
6f:5c:2c:7d:fb:c5:a6:a6:5d:7d:a8:12:99:66:95:
f3:37:cb:11:58:b6:f5:90:bb:4f:aa:17:e1:6e:cc:
50:ab:57:ee:7b:9b:6f:4c:76:38:85:b0:23:0d:ff:
3f:11:c7:1a:b0:f9:71:1d:d9:8f:5a:0a:af:09:3e:
a9:55:0b:2c:b1:d0:2f:12:0f:32:8b:84:8b:3f:20:
ec:55:09:f3:e8:10:27:20:b2:2f:af:6f:c1:80:79:
2a:4c:6e:56:06:db:90:89:13:db:96:5e:d9:38:a9:
6d:cd:61:c5:b4:42:80:95:14:b5:d7:ea:82:24:18:
ed:4c:7d:c9:5d:17:1e:bc:0e:38:cc:81:c9:46:5d:
ad:71:3d:11:f2:e0:87:f9:67:8a:9b:81:39:62:38:
df:e9:16:a6:47:5f:70:12:1a:0f:60:c7:e3:32:13:
e8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A8:97:DC:08:FC:5B:5F:F1:68:A3:F0:48:FC:FD:1F:22:84:BE:70
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m6iX3Aj8W1_xaKPwSPz9HyKEvnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:51:1a:f1:d9:d0:d7:fe:e4:58:17:cd:a5:28:c8:cd:ef:b3:
66:d5:a9:6b:37:1c:2c:5a:10:2f:30:75:8c:98:9d:7c:a8:f4:
77:90:ea:a8:d9:06:e3:3e:80:c8:fb:eb:a3:18:ff:5f:9a:07:
0d:94:23:0e:96:29:e6:b8:72:90:fd:96:28:a6:d6:57:e0:45:
e0:2f:5c:e9:e5:84:c4:cf:fc:7a:a6:4e:5e:83:21:4d:21:e3:
1d:33:48:b1:19:72:c1:88:7c:7f:20:da:55:56:ab:74:8b:d4:
04:de:51:64:05:97:a3:34:29:f8:b9:9b:18:7c:ce:11:9a:82:
1e:04:18:24:c9:0d:fe:79:b2:e0:36:26:7b:a8:1c:d6:f2:31:
7a:fb:b4:a7:72:6b:0a:c5:77:8e:af:35:45:21:e9:d9:bd:5d:
9e:27:5d:72:e3:29:58:a7:4b:d8:0d:7f:b9:e7:51:f9:34:63:
60:bb:c7:2f:f4:b8:6d:bf:88:9b:ea:a4:44:83:c4:12:c3:f2:
e4:38:5e:c6:95:2f:88:a7:c9:43:9d:ea:de:5d:a7:55:55:3a:
d9:24:f4:5b:e2:d1:d9:3b:bc:cd:bc:29:fb:5c:50:f8:fd:58:
8a:55:65:91:ee:52:13:88:cd:1d:e8:a6:ea:a4:1f:0a:5c:a7:
57:a7:7b:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6vAX1Ds9iksu0OUDrs0eV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA1MTYwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmE4OTdkYzA4ZmM1YjVmZjE2OGEzZjA0OGZjZmQxZjIyODRiZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HnrItg4CEcJqPabW5MPP2O6OruS
fGt9JtDuRBWPDbBf1Fbv4rNiClIYfyv4hAxQpKIosEO5UQNjpK2K4mEoRH/bnqOR
1yKnDtY2m9WgnDjT6nFi0UNNkLJvXCx9+8Wmpl19qBKZZpXzN8sRWLb1kLtPqhfh
bsxQq1fue5tvTHY4hbAjDf8/EccasPlxHdmPWgqvCT6pVQsssdAvEg8yi4SLPyDs
VQnz6BAnILIvr2/BgHkqTG5WBtuQiRPbll7ZOKltzWHFtEKAlRS11+qCJBjtTH3J
XRcevA44zIHJRl2tcT0R8uCH+WeKm4E5Yjjf6RamR19wEhoPYMfjMhPo7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJuol9wI/Ftf8Wij8Ej8/R8ihL5wMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbTZpWDNBajhXMV94YUtQd1NQejlIeUtFdm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFZRGvHZ0Nf+5FgXzaUo
yM3vs2bVqWs3HCxaEC8wdYyYnXyo9HeQ6qjZBuM+gMj766MY/1+aBw2UIw6WKea4
cpD9liim1lfgReAvXOnlhMTP/HqmTl6DIU0h4x0zSLEZcsGIfH8g2lVWq3SL1ATe
UWQFl6M0Kfi5mxh8zhGagh4EGCTJDf55suA2JnuoHNbyMXr7tKdyawrFd46vNUUh
6dm9XZ4nXXLjKVinS9gNf7nnUfk0Y2C7xy/0uG2/iJvqpESDxBLD8uQ4XsaVL4in
yUOd6t5dp1VVOtkk9Fvi0dk7vM28KftcUPj9WIpVZZHuUhOIzR3opuqkHwpcp1en
e+o=
-----END CERTIFICATE-----
Generated at Fri Apr 5 23:09:44 2024 by rpki-client on console.sobornost.net