Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sUgIvW5_XFM0YzhzC7O_ZrBxj1s.roa
File: sUgIvW5_XFM0YzhzC7O_ZrBxj1s.roa (raw, json)
Hash identifier: lKxd2fzUHbDSTsVCke5AvKS0E6wjTaUHAlpAU1zOtjk=
Subject key identifier: B1:48:08:BD:6E:7F:5C:53:34:63:38:73:0B:B3:BF:66:B0:71:8F:5B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E333749E8F000604B1B446EBF629976B6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sUgIvW5_XFM0YzhzC7O_ZrBxj1s.roa
Signing time: Tue 12 Mar 2024 15:10:45 +0000
ROA not before: Tue 12 Mar 2024 15:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 12 Mar 2024 16:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:37:49:e8:f0:00:60:4b:1b:44:6e:bf:62:99:76:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 12 15:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b14808bd6e7f5c53346338730bb3bf66b0718f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ec:c1:93:bb:20:10:27:14:cf:b0:a3:b1:d1:
05:42:7b:cb:50:99:3d:a2:8a:88:60:16:63:7f:80:
42:65:2c:be:97:da:9d:c0:d1:ae:24:2c:e3:d5:37:
09:56:41:af:2c:11:3e:20:01:f9:1e:d0:fa:3c:7b:
8d:87:26:61:6b:48:ec:09:cf:7e:11:65:11:a7:9f:
1f:e7:f5:0d:20:15:19:94:4a:99:21:e2:f3:11:49:
91:eb:f6:1b:4a:ac:60:d9:d5:89:6d:22:ec:41:69:
35:83:25:4d:86:d8:4a:1e:84:a8:96:2d:bc:84:3a:
21:9a:78:05:83:d3:ce:bf:23:bd:16:b6:4f:5e:31:
6e:65:1a:0e:fd:b7:80:ff:f3:ec:11:41:5c:a3:28:
d6:78:fe:9c:81:7d:cb:f2:12:d7:26:89:1b:65:36:
da:00:f5:8c:f4:f8:9c:73:7c:22:04:38:97:99:de:
54:fd:5a:d8:c6:b9:f2:02:e3:1c:d1:47:b4:ba:52:
e4:98:8d:f5:71:b4:15:65:c5:6e:2b:20:d3:32:91:
e1:f0:ef:4d:9b:46:94:97:72:fd:9d:fd:c1:a4:99:
2c:7e:cf:53:6c:f7:df:7e:02:e0:01:78:17:6f:cc:
48:7f:47:23:30:77:d8:00:8b:3f:25:a5:e0:67:11:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:48:08:BD:6E:7F:5C:53:34:63:38:73:0B:B3:BF:66:B0:71:8F:5B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sUgIvW5_XFM0YzhzC7O_ZrBxj1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:06:53:1b:37:85:85:56:20:61:8b:76:ab:a6:71:ac:b5:95:
ab:e5:67:7c:f2:81:f5:c3:31:87:c4:7d:14:4c:60:cc:d5:6b:
85:70:62:0d:bf:f0:b6:45:e4:b3:5d:39:6a:25:c1:80:b6:25:
a6:1a:76:b5:3c:bc:23:f1:94:c6:46:e9:9b:91:c0:d3:74:8c:
be:5e:81:38:92:c0:6a:32:34:d2:01:3c:d4:50:a3:9a:58:99:
40:d2:9e:1f:d1:55:76:23:34:78:fe:ca:08:61:70:b4:f2:c9:
ae:ab:ad:21:3a:1d:eb:90:89:41:47:fe:9a:8f:8d:65:24:1f:
e6:b5:1a:c6:16:79:cf:04:80:b9:28:85:98:17:fb:43:15:c1:
30:61:85:47:b2:81:d3:f3:f3:64:3f:31:21:10:16:d3:9d:a3:
ce:23:e9:9e:80:3f:b4:c3:07:af:a9:c3:ab:0e:a8:0c:3c:10:
e9:7f:55:27:7b:29:eb:cd:5a:de:a5:9f:a8:45:84:14:54:6c:
3c:14:50:e7:85:07:56:e0:ca:73:6d:a1:3c:b1:eb:af:3b:5a:
7e:bc:ef:0a:c5:39:e7:b0:ce:41:58:89:04:91:1b:3f:81:8e:
a7:96:8f:fe:bd:9f:11:fb:f4:ea:5d:b0:09:5c:24:0b:f4:a3:
d4:6f:d3:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4zN0no8ABgSxtEbr9imXa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEyMTUxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ4MDhiZDZlN2Y1YzUzMzQ2MzM4NzMwYmIzYmY2NmIwNzE4ZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+zBk7sgECcUz7CjsdEFQnvLUJk9
ooqIYBZjf4BCZSy+l9qdwNGuJCzj1TcJVkGvLBE+IAH5HtD6PHuNhyZha0jsCc9+
EWURp58f5/UNIBUZlEqZIeLzEUmR6/YbSqxg2dWJbSLsQWk1gyVNhthKHoSoli28
hDohmngFg9POvyO9FrZPXjFuZRoO/beA//PsEUFcoyjWeP6cgX3L8hLXJokbZTba
APWM9Picc3wiBDiXmd5U/VrYxrnyAuMc0Ue0ulLkmI31cbQVZcVuKyDTMpHh8O9N
m0aUl3L9nf3BpJksfs9TbPfffgLgAXgXb8xIf0cjMHfYAIs/JaXgZxHC2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLFICL1uf1xTNGM4cwuzv2awcY9bMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvc1VnSXZXNV9YRk0wWXpoekM3T19ackJ4ajFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABEGUxs3hYVWIGGLdqum
cay1lavlZ3zygfXDMYfEfRRMYMzVa4VwYg2/8LZF5LNdOWolwYC2JaYadrU8vCPx
lMZG6ZuRwNN0jL5egTiSwGoyNNIBPNRQo5pYmUDSnh/RVXYjNHj+yghhcLTyya6r
rSE6HeuQiUFH/pqPjWUkH+a1GsYWec8EgLkohZgX+0MVwTBhhUeygdPz82Q/MSEQ
FtOdo84j6Z6AP7TDB6+pw6sOqAw8EOl/VSd7KevNWt6ln6hFhBRUbDwUUOeFB1bg
ynNtoTyx6687Wn687wrFOeewzkFYiQSRGz+BjqeWj/69nxH79OpdsAlcJAv0o9Rv
0/Y=
-----END CERTIFICATE-----
Generated at Tue Mar 12 23:02:59 2024 by rpki-client on console.sobornost.net