Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pm30NiqPyKsbAigSCVt5mR-FeZo.roa
File: pm30NiqPyKsbAigSCVt5mR-FeZo.roa (raw, json)
Hash identifier: uch3zKhbHFArhfGwbCCc3WIwRb23pOeWcsYOfWR5Hh4=
Subject key identifier: A6:6D:F4:36:2A:8F:C8:AB:1B:02:28:12:09:5B:79:99:1F:85:79:9A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5707605A9D6216D5016CD747FCC06662
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pm30NiqPyKsbAigSCVt5mR-FeZo.roa
Signing time: Tue 19 Mar 2024 14:04:44 +0000
ROA not before: Tue 19 Mar 2024 14:04:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:5707:2713/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 19 Mar 2024 14:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:57:07:60:5a:9d:62:16:d5:01:6c:d7:47:fc:c0:66:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 19 14:04:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a66df4362a8fc8ab1b022812095b79991f85799a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:be:63:40:c5:9a:78:85:da:5e:fb:53:b9:33:
86:8b:97:6c:78:d5:c6:6c:dd:69:6b:19:51:4f:f8:
57:73:fd:8a:51:99:43:9b:5a:f3:eb:56:0d:f0:53:
bb:82:da:33:19:94:df:2f:ea:84:05:91:59:3c:1c:
2c:36:b1:45:5a:0a:54:a9:76:ea:19:23:61:56:a2:
a5:9a:b8:de:99:54:97:85:ad:5f:42:07:1a:f3:48:
f1:99:e8:fb:6b:ed:7f:f6:9d:1a:03:b5:5a:2c:2a:
f0:5d:98:94:1c:54:50:55:0e:60:9a:76:7f:ae:c0:
fd:46:0e:b2:dc:f2:b7:7c:d9:44:3f:01:6b:02:12:
c8:2f:a2:07:4a:71:29:0a:89:d6:d5:cd:80:54:7a:
62:02:da:3d:db:d4:d3:5d:7c:b8:8d:00:a2:21:98:
36:96:c5:a2:b4:97:d5:31:d2:8c:ba:0e:83:95:44:
19:9e:06:77:60:80:47:eb:3d:d1:e3:0f:71:66:73:
82:c7:13:52:44:c7:42:81:2e:5c:3b:1d:dc:ae:4e:
e6:5b:50:d1:7e:2c:6a:23:6e:69:50:76:1b:30:2f:
76:e1:d0:f0:28:d9:c1:ac:b0:09:77:62:72:1d:b2:
44:92:7b:86:85:b8:8a:ba:67:2d:78:4b:f9:06:20:
ba:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6D:F4:36:2A:8F:C8:AB:1B:02:28:12:09:5B:79:99:1F:85:79:9A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pm30NiqPyKsbAigSCVt5mR-FeZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:e6:a4:3a:1f:c5:75:a5:8d:75:3d:f4:36:1a:99:a6:36:2a:
95:dc:7f:6c:0a:8a:dc:18:a7:5f:c0:5b:dc:4a:26:25:74:5d:
15:19:3c:70:26:46:0f:54:71:05:6f:56:e0:97:1a:97:f5:5a:
ad:0d:bc:d8:e3:52:ab:c8:14:99:d8:54:13:70:67:63:27:3d:
f5:aa:c9:60:70:47:cb:38:9c:6d:1c:9c:79:df:11:aa:66:e0:
61:9c:29:1d:81:83:d3:3e:94:69:5c:f2:7e:ce:1e:80:4d:ba:
68:c7:53:e6:55:35:03:a5:1c:87:39:e5:8c:84:83:24:fa:05:
59:1a:65:15:50:cf:89:b5:6b:45:32:a7:a2:42:33:90:af:6a:
32:b6:b7:02:40:ac:7a:c0:8e:ae:c8:71:b9:90:3a:e0:d7:21:
2f:b7:d9:9f:cd:6a:1f:2d:ac:a5:59:bf:a2:36:a2:bc:d6:ad:
98:9e:96:40:bd:70:e4:df:48:57:97:8f:a9:e7:13:84:f4:6e:
72:07:38:e0:21:1b:ec:97:ee:d3:11:c6:0c:b9:5c:cf:30:0c:
bb:76:7e:42:54:ba:d9:57:33:2e:85:ee:53:53:55:8a:f4:0c:
79:1f:15:bc:05:a4:b9:92:0f:a2:87:00:b3:9c:8c:dd:42:95:
37:3d:21:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5XB2BanWIW1QFs10f8wGZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE5MTQwNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZkZjQzNjJhOGZjOGFiMWIwMjI4MTIwOTViNzk5OTFmODU3OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr5jQMWaeIXaXvtTuTOGi5dseNXG
bN1paxlRT/hXc/2KUZlDm1rz61YN8FO7gtozGZTfL+qEBZFZPBwsNrFFWgpUqXbq
GSNhVqKlmrjemVSXha1fQgca80jxmej7a+1/9p0aA7VaLCrwXZiUHFRQVQ5gmnZ/
rsD9Rg6y3PK3fNlEPwFrAhLIL6IHSnEpConW1c2AVHpiAto929TTXXy4jQCiIZg2
lsWitJfVMdKMug6DlUQZngZ3YIBH6z3R4w9xZnOCxxNSRMdCgS5cOx3crk7mW1DR
fixqI25pUHYbMC924dDwKNnBrLAJd2JyHbJEknuGhbiKumcteEv5BiC6OQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKZt9DYqj8irGwIoEglbeZkfhXmaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcG0zME5pcVB5S3NiQWlnU0NWdDVtUi1GZVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHPmpDofxXWljXU99DYa
maY2KpXcf2wKitwYp1/AW9xKJiV0XRUZPHAmRg9UcQVvVuCXGpf1Wq0NvNjjUqvI
FJnYVBNwZ2MnPfWqyWBwR8s4nG0cnHnfEapm4GGcKR2Bg9M+lGlc8n7OHoBNumjH
U+ZVNQOlHIc55YyEgyT6BVkaZRVQz4m1a0Uyp6JCM5CvajK2twJArHrAjq7IcbmQ
OuDXIS+32Z/Nah8trKVZv6I2orzWrZielkC9cOTfSFeXj6nnE4T0bnIHOOAhG+yX
7tMRxgy5XM8wDLt2fkJUutlXMy6F7lNTVYr0DHkfFbwFpLmSD6KHALOcjN1ClTc9
IUA=
-----END CERTIFICATE-----
Generated at Tue Mar 19 20:31:00 2024 by rpki-client on console.sobornost.net