Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rALdw4HFbP1zGpIxkE4gZ3xh2qE.roa
File: rALdw4HFbP1zGpIxkE4gZ3xh2qE.roa (raw, json)
Hash identifier: hWelcuk7f7AQa9OmAuga9nC6RIOwQkCN1sOUbugb8fY=
Subject key identifier: AC:02:DD:C3:81:C5:6C:FD:73:1A:92:31:90:4E:20:67:7C:61:DA:A1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0B87ED30EC89A3B19C59D8DCEFDB1E3B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rALdw4HFbP1zGpIxkE4gZ3xh2qE.roa
Signing time: Mon 04 Mar 2024 22:14:01 +0000
ROA not before: Mon 04 Mar 2024 22:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 04 Mar 2024 23:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0b:87:ed:30:ec:89:a3:b1:9c:59:d8:dc:ef:db:1e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 22:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac02ddc381c56cfd731a9231904e20677c61daa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:93:9a:0a:be:84:e5:e9:56:32:38:0d:85:52:
5f:72:35:d1:77:fa:fd:53:a7:c4:3d:6e:1f:68:6d:
50:61:e0:4f:08:ba:ea:5f:c5:e5:f1:d1:39:d5:d1:
b8:ff:7b:56:24:93:dd:96:3a:d9:a5:4f:25:ea:a2:
21:2e:e1:14:69:4a:9c:04:43:10:33:61:5e:52:fc:
5e:fe:f1:f1:62:87:cf:b1:a2:f7:b1:d6:97:ac:e8:
59:0f:6d:69:8c:81:2e:e4:76:08:2e:c3:e6:dc:e8:
21:69:c9:8a:8a:ec:e9:d9:3d:f8:b4:19:13:3a:1d:
1e:44:fe:ee:f1:42:63:40:4a:70:9c:fe:37:4d:3c:
b8:e7:bb:85:6f:a1:d9:53:ad:bb:de:09:7d:29:cf:
87:03:d5:12:45:b5:58:28:2b:92:2c:6c:cd:fb:12:
b7:e5:7e:0b:36:05:5d:89:2e:3c:a6:a9:f6:d2:35:
12:75:d1:12:e7:1b:5a:d1:18:39:f7:22:a3:ef:23:
46:18:97:70:44:6e:83:83:4f:38:45:1e:29:4c:2b:
bf:97:17:f5:43:08:7f:91:fa:55:88:77:cc:63:84:
35:f2:cb:d8:85:93:c7:03:9a:0a:ed:77:25:3b:af:
d6:26:e4:87:54:05:fc:e7:65:94:6a:0f:be:59:3b:
06:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:02:DD:C3:81:C5:6C:FD:73:1A:92:31:90:4E:20:67:7C:61:DA:A1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rALdw4HFbP1zGpIxkE4gZ3xh2qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:89:89:32:50:05:b8:4e:76:fd:90:50:9c:a6:f7:e5:b5:eb:
c5:a6:9d:b0:7b:c2:34:50:cd:a5:95:81:e7:c6:a0:cc:3e:14:
63:a1:e1:35:91:91:af:ea:04:92:cb:28:90:28:b8:bb:be:de:
70:2f:3e:10:54:6d:b1:0a:0a:ab:7d:fb:1f:1c:a7:b0:fd:2d:
15:40:91:3e:bb:12:2a:c8:73:d4:3c:c5:8c:bd:a3:b3:12:0b:
3b:8d:65:4b:99:75:b9:9e:ae:03:dc:4d:c6:34:0e:be:72:bf:
65:c3:cf:fd:23:64:26:9d:91:ac:5f:89:58:70:d2:4c:3c:ba:
fe:6b:59:6b:9f:87:e9:4a:17:c4:a7:92:7e:82:d0:89:89:27:
9a:f8:70:33:98:9d:c1:c4:75:a5:d0:e5:0f:a0:e2:67:11:b3:
7c:9b:29:2c:77:1d:88:b6:10:3e:db:14:7a:d3:8b:81:74:73:
72:2d:f0:12:98:64:a7:2b:84:db:d4:32:d7:5a:4c:1d:11:9c:
60:fc:3f:4b:a7:5b:88:a7:14:2b:35:2d:f0:84:c5:a2:f1:df:
5a:3c:df:b1:c6:55:0d:37:45:3b:d5:c1:e5:f6:f1:05:6d:92:
74:8b:e1:6a:69:1e:a4:45:fc:ec:1b:9d:ed:bb:73:05:fa:02:
ea:19:c5:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4Lh+0w7ImjsZxZ2Nzv2x47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MjIxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzAyZGRjMzgxYzU2Y2ZkNzMxYTkyMzE5MDRlMjA2NzdjNjFkYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZOaCr6E5elWMjgNhVJfcjXRd/r9
U6fEPW4faG1QYeBPCLrqX8Xl8dE51dG4/3tWJJPdljrZpU8l6qIhLuEUaUqcBEMQ
M2FeUvxe/vHxYofPsaL3sdaXrOhZD21pjIEu5HYILsPm3OghacmKiuzp2T34tBkT
Oh0eRP7u8UJjQEpwnP43TTy457uFb6HZU6273gl9Kc+HA9USRbVYKCuSLGzN+xK3
5X4LNgVdiS48pqn20jUSddES5xta0Rg59yKj7yNGGJdwRG6Dg084RR4pTCu/lxf1
Qwh/kfpViHfMY4Q18svYhZPHA5oK7XclO6/WJuSHVAX852WUag++WTsG+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKwC3cOBxWz9cxqSMZBOIGd8YdqhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvckFMZHc0SEZiUDF6R3BJeGtFNGdaM3hoMnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAICJiTJQBbhOdv2QUJym
9+W168WmnbB7wjRQzaWVgefGoMw+FGOh4TWRka/qBJLLKJAouLu+3nAvPhBUbbEK
Cqt9+x8cp7D9LRVAkT67EirIc9Q8xYy9o7MSCzuNZUuZdbmergPcTcY0Dr5yv2XD
z/0jZCadkaxfiVhw0kw8uv5rWWufh+lKF8Snkn6C0ImJJ5r4cDOYncHEdaXQ5Q+g
4mcRs3ybKSx3HYi2ED7bFHrTi4F0c3It8BKYZKcrhNvUMtdaTB0RnGD8P0unW4in
FCs1LfCExaLx31o837HGVQ03RTvVweX28QVtknSL4WppHqRF/Owbne27cwX6AuoZ
xbM=
-----END CERTIFICATE-----
Generated at Tue Mar 5 08:56:08 2024 by rpki-client on console.sobornost.net