Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mpYkBgKCV2gaEaiBJsnI8GmrqOQ.roa
File: mpYkBgKCV2gaEaiBJsnI8GmrqOQ.roa (raw, json)
Hash identifier: GYox4Nz9tZWvQ52vIs3l4ztj1TiL4DZGje+NHNv7IuY=
Subject key identifier: 9A:96:24:06:02:82:57:68:1A:11:A8:81:26:C9:C8:F0:69:AB:A8:E4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E51E104CCDD1F03383F94ABC3E9C4E786
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mpYkBgKCV2gaEaiBJsnI8GmrqOQ.roa
Signing time: Mon 18 Mar 2024 14:04:45 +0000
ROA not before: Mon 18 Mar 2024 14:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:51e0:b0cd/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 18 Mar 2024 14:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:e1:04:cc:dd:1f:03:38:3f:94:ab:c3:e9:c4:e7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 14:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a962406028257681a11a88126c9c8f069aba8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:34:39:09:f7:13:d4:3a:25:27:e1:0d:92:
b6:be:ec:2e:39:0c:f1:30:c3:82:9e:8f:22:4b:ad:
84:04:16:79:59:ab:94:20:c8:a3:8e:cf:d2:ed:27:
3d:2d:e0:a6:10:f8:56:9e:7d:21:98:6d:4c:32:eb:
92:ba:b1:53:27:fb:44:72:59:f1:fd:ad:55:0e:75:
23:13:18:ac:6c:f0:f5:88:87:ed:c9:02:4e:7e:13:
b9:50:36:9a:2b:90:f3:8b:5a:ed:54:b1:59:e1:2c:
0a:e4:2c:07:d9:64:f6:93:16:83:46:fd:78:66:ae:
6a:7a:09:56:45:3b:aa:24:44:4a:6f:14:80:3a:e8:
6a:fa:77:3f:63:90:c7:3e:4a:fa:17:06:df:9b:92:
12:5b:88:2f:95:46:4b:13:dc:e5:39:09:1e:6e:a7:
f1:c3:66:17:5a:98:2a:94:44:9b:15:29:b3:c3:f8:
14:c6:f9:d2:f8:41:3d:c0:13:07:0e:6c:1c:bf:26:
10:73:18:13:28:30:de:61:34:ed:f9:3b:b6:1e:1a:
bf:45:b3:4d:55:e2:16:00:65:91:7b:93:8c:d2:be:
2c:2b:5a:f3:21:a8:73:8f:96:73:40:9e:2c:35:41:
1b:b1:fe:61:bb:07:32:c6:ca:c5:ae:a0:5f:49:15:
63:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:96:24:06:02:82:57:68:1A:11:A8:81:26:C9:C8:F0:69:AB:A8:E4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mpYkBgKCV2gaEaiBJsnI8GmrqOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:37:b1:9f:2a:be:63:05:5f:73:a0:99:b1:c5:8e:41:a8:2d:
c8:4f:f1:ae:a2:15:b2:4a:35:5f:66:64:25:df:ad:30:05:d0:
9c:44:9c:c8:1a:86:33:3a:53:2b:5c:9e:24:2b:5f:35:a0:bf:
25:00:21:10:82:c3:5f:a1:bc:c8:6e:68:bd:ec:87:75:f4:4c:
da:f3:f5:56:38:e7:bc:3d:d0:93:e4:b4:d3:1d:4e:b5:37:28:
cc:0a:32:03:42:b9:5a:6d:77:0f:d5:9b:ec:83:65:2a:eb:50:
71:bc:47:04:6e:02:ae:ef:c3:53:66:25:c4:bd:5c:c6:5c:3e:
c3:28:c6:da:3f:1a:ed:ea:bf:b1:25:78:81:75:6c:af:ca:13:
18:60:c6:41:ed:f7:89:76:f4:14:a8:00:76:32:7f:62:37:6e:
87:f4:0b:65:0d:26:a7:eb:1d:cc:fc:a4:3a:5c:96:c5:a2:a8:
fd:33:b5:54:7a:1d:bd:84:88:ce:9e:3c:52:0b:cb:18:67:c1:
72:8f:23:bb:ae:5d:67:41:05:df:9b:7a:61:dc:ee:05:fe:55:
a5:f1:bf:87:16:e0:42:3e:e1:68:e0:2a:bd:45:a5:af:dd:6d:
ae:72:be:79:ff:da:f9:fe:c1:e1:a3:a7:3f:79:76:25:f7:85:
3c:bd:c6:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5R4QTM3R8DOD+Uq8PpxOeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MTQwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk2MjQwNjAyODI1NzY4MWExMWE4ODEyNmM5YzhmMDY5YWJhOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r40OQn3E9Q6JSfhDZK2vuwuOQzx
MMOCno8iS62EBBZ5WauUIMijjs/S7Sc9LeCmEPhWnn0hmG1MMuuSurFTJ/tEclnx
/a1VDnUjExisbPD1iIftyQJOfhO5UDaaK5Dzi1rtVLFZ4SwK5CwH2WT2kxaDRv14
Zq5qeglWRTuqJERKbxSAOuhq+nc/Y5DHPkr6Fwbfm5ISW4gvlUZLE9zlOQkebqfx
w2YXWpgqlESbFSmzw/gUxvnS+EE9wBMHDmwcvyYQcxgTKDDeYTTt+Tu2Hhq/RbNN
VeIWAGWRe5OM0r4sK1rzIahzj5ZzQJ4sNUEbsf5huwcyxsrFrqBfSRVjgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJqWJAYCgldoGhGogSbJyPBpq6jkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbXBZa0JnS0NWMmdhRWFpQkpzbkk4R21ycU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG83sZ8qvmMFX3OgmbHF
jkGoLchP8a6iFbJKNV9mZCXfrTAF0JxEnMgahjM6UytcniQrXzWgvyUAIRCCw1+h
vMhuaL3sh3X0TNrz9VY457w90JPktNMdTrU3KMwKMgNCuVptdw/Vm+yDZSrrUHG8
RwRuAq7vw1NmJcS9XMZcPsMoxto/Gu3qv7EleIF1bK/KExhgxkHt94l29BSoAHYy
f2I3bof0C2UNJqfrHcz8pDpclsWiqP0ztVR6Hb2EiM6ePFILyxhnwXKPI7uuXWdB
Bd+bemHc7gX+VaXxv4cW4EI+4WjgKr1Fpa/dba5yvnn/2vn+weGjpz95diX3hTy9
xgc=
-----END CERTIFICATE-----
Generated at Mon Mar 18 21:08:13 2024 by rpki-client on console.sobornost.net