Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rnRzBN0rdqbg_zNXYFNKOpI1KKw.roa
File: rnRzBN0rdqbg_zNXYFNKOpI1KKw.roa (raw, json)
Hash identifier: M1TrLlqzw8CJdzT+Bjsml19fchA5jssrhltoXY2d3dQ=
Subject key identifier: AE:74:73:04:DD:2B:76:A6:E0:FF:33:57:60:53:4A:3A:92:35:28:AC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E83E93E9B715C25F71918323C66DE85EF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rnRzBN0rdqbg_zNXYFNKOpI1KKw.roa
Signing time: Thu 28 Mar 2024 07:14:44 +0000
ROA not before: Thu 28 Mar 2024 07:14:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 28 Mar 2024 08:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:83:e9:3e:9b:71:5c:25:f7:19:18:32:3c:66:de:85:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 07:14:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae747304dd2b76a6e0ff335760534a3a923528ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:26:40:4e:7a:4d:5f:67:63:64:2b:d2:7d:ea:
3a:80:82:0a:e1:5d:4f:9c:53:e0:df:ce:15:c9:cd:
b9:81:df:8c:b0:01:d8:6e:8f:48:75:06:7e:db:59:
ad:f5:dd:09:d9:dd:5c:e8:f7:21:dc:20:c9:f6:ad:
6f:70:6a:28:2a:25:03:23:fb:e9:27:18:bf:ef:ae:
e8:d1:10:43:7b:b6:0e:9b:74:dc:02:19:84:a5:ff:
1e:ad:f1:27:26:55:6e:02:b0:64:09:f1:c3:e2:b9:
e9:c4:33:b6:2b:cf:16:9c:2e:ad:b9:29:d0:8d:3e:
be:a2:00:72:98:ed:3a:66:03:91:9b:a8:43:d9:70:
78:67:cd:08:aa:7a:b2:c8:ad:c1:92:11:c1:52:37:
bc:99:7d:8a:83:99:4f:d1:11:2a:1d:bf:a5:1b:8f:
b1:8a:e3:b3:97:28:3e:14:59:52:1c:72:87:eb:27:
1a:2c:90:a8:3e:1c:68:4e:28:a1:23:32:45:d9:17:
32:89:ab:31:58:ba:72:bb:8b:b1:fd:ad:57:05:5e:
68:b8:21:de:1a:e2:56:c4:8e:d6:39:05:91:65:3f:
39:99:3d:54:42:f6:e3:0d:3e:8b:4c:5a:a1:97:ca:
89:ac:72:a6:74:9f:2e:22:ce:37:c1:f6:5d:da:3b:
6b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:74:73:04:DD:2B:76:A6:E0:FF:33:57:60:53:4A:3A:92:35:28:AC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rnRzBN0rdqbg_zNXYFNKOpI1KKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:96:f8:07:6f:dc:9b:6f:59:19:37:fd:55:d9:c2:46:35:e3:
a2:5a:bc:04:9b:dd:23:9b:b9:5a:b7:46:ca:3c:e9:14:23:83:
6b:5c:7b:0b:48:38:2f:b1:51:df:c6:99:f6:30:b7:06:1e:0a:
f2:f7:7e:d9:42:0b:2e:57:13:26:99:0e:03:9d:b7:98:97:3a:
7c:eb:1a:c7:68:9a:d8:c6:aa:87:64:9e:29:a1:cc:6c:17:ce:
9d:21:24:38:8b:bd:f8:a3:fd:5d:1f:ed:a0:98:7f:c9:8b:46:
f5:e7:1b:2c:db:ab:77:73:25:cc:9b:58:ca:64:ae:3b:b6:7b:
5c:fa:9b:f7:7e:0c:fd:ba:83:a2:d3:46:fb:f8:16:9d:50:8e:
eb:6b:f3:04:5c:76:ef:14:eb:3a:1a:9e:92:39:25:87:73:c0:
55:8e:a7:8e:2c:ef:5a:3d:3a:28:6d:39:25:49:2a:69:3e:30:
28:e0:01:b4:12:fa:f3:10:76:23:23:36:9b:d1:00:a6:38:52:
df:87:48:84:91:ce:e9:f2:30:ae:44:b8:b7:4d:38:53:b5:a5:
e8:9a:ed:ab:10:28:47:7a:66:c1:d3:93:a5:76:ce:3d:93:ab:
c9:9f:fb:d3:32:9f:cf:70:95:fe:22:e6:34:21:e3:be:0c:d1:
0b:e6:0d:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6D6T6bcVwl9xkYMjxm3oXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MDcxNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTc0NzMwNGRkMmI3NmE2ZTBmZjMzNTc2MDUzNGEzYTkyMzUyOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCZATnpNX2djZCvSfeo6gIIK4V1P
nFPg384Vyc25gd+MsAHYbo9IdQZ+21mt9d0J2d1c6Pch3CDJ9q1vcGooKiUDI/vp
Jxi/767o0RBDe7YOm3TcAhmEpf8erfEnJlVuArBkCfHD4rnpxDO2K88WnC6tuSnQ
jT6+ogBymO06ZgORm6hD2XB4Z80IqnqyyK3BkhHBUje8mX2Kg5lP0REqHb+lG4+x
iuOzlyg+FFlSHHKH6ycaLJCoPhxoTiihIzJF2RcyiasxWLpyu4ux/a1XBV5ouCHe
GuJWxI7WOQWRZT85mT1UQvbjDT6LTFqhl8qJrHKmdJ8uIs43wfZd2jtr/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK50cwTdK3am4P8zV2BTSjqSNSisMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcm5SekJOMHJkcWJnX3pOWFlGTktPcEkxS0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIyW+Adv3JtvWRk3/VXZ
wkY146JavASb3SObuVq3Rso86RQjg2tcewtIOC+xUd/GmfYwtwYeCvL3ftlCCy5X
EyaZDgOdt5iXOnzrGsdomtjGqodknimhzGwXzp0hJDiLvfij/V0f7aCYf8mLRvXn
Gyzbq3dzJcybWMpkrju2e1z6m/d+DP26g6LTRvv4Fp1Qjutr8wRcdu8U6zoanpI5
JYdzwFWOp44s71o9OihtOSVJKmk+MCjgAbQS+vMQdiMjNpvRAKY4Ut+HSISRzuny
MK5EuLdNOFO1peia7asQKEd6ZsHTk6V2zj2Tq8mf+9Myn89wlf4i5jQh474M0Qvm
DfU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:11:48 2024 by rpki-client on console.sobornost.net