Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tym4X_lxcKnRBmF8RH6sZ5RxduY.roa
File: tym4X_lxcKnRBmF8RH6sZ5RxduY.roa (raw, json)
Hash identifier: ycBNCEzANHJGmJDdI3+575/E1vTd9szfBiXStLNz16s=
Subject key identifier: B7:29:B8:5F:F9:71:70:A9:D1:06:61:7C:44:7E:AC:67:94:71:76:E6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF07C83604B486A488A4E760DD9941DC2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tym4X_lxcKnRBmF8RH6sZ5RxduY.roa
Signing time: Wed 28 Feb 2024 16:11:48 +0000
ROA not before: Wed 28 Feb 2024 16:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Feb 2024 17:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:7c:83:60:4b:48:6a:48:8a:4e:76:0d:d9:94:1d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 16:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b729b85ff97170a9d106617c447eac67947176e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2a:d9:ed:5a:40:f7:a5:3f:f2:77:55:2b:70:
86:48:a6:8c:11:20:a5:8c:58:b5:c8:5b:2c:ec:69:
54:d4:cf:43:7d:e2:c1:af:2a:c3:f5:d6:de:6f:b0:
74:c4:55:ff:f7:9e:a7:9c:ec:c1:b9:23:52:c8:0f:
62:7e:9a:b9:c5:a0:0b:4f:f3:09:97:b1:db:b6:81:
fc:14:3e:7f:a8:18:8a:7f:48:00:e5:36:92:23:2f:
62:80:24:49:7f:64:d3:18:2c:76:ce:d7:4f:0a:24:
44:59:13:a7:49:5c:d4:09:eb:3a:04:9a:bb:e6:93:
99:2f:16:bf:53:34:6a:fc:4f:26:0e:d9:cc:86:ce:
db:25:38:f3:e9:3e:96:6f:c9:11:ce:a9:cb:f9:bd:
ff:c6:94:5d:34:1c:c4:86:a4:b7:a4:17:1b:6a:3d:
6f:63:c4:e4:dd:be:25:db:07:68:91:a9:53:07:7b:
8a:c0:b8:72:8c:f6:19:64:d3:a8:2e:30:39:38:d4:
d2:5b:e7:de:ec:49:07:99:a2:8a:6a:70:2c:43:4e:
18:84:e6:bf:75:92:39:8d:70:d6:fb:9c:d4:c6:4a:
ed:98:2e:7b:c0:fa:2d:5a:15:53:a7:61:3c:53:9a:
86:00:e8:9d:c3:67:1a:a0:61:c7:5d:b1:fa:c5:5d:
15:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:29:B8:5F:F9:71:70:A9:D1:06:61:7C:44:7E:AC:67:94:71:76:E6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tym4X_lxcKnRBmF8RH6sZ5RxduY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:1e:c1:45:88:f9:b1:1d:b7:56:91:e0:28:9a:57:06:c9:a2:
27:97:fe:12:db:1f:fa:2b:f3:9c:14:13:7d:04:4d:f0:da:54:
1b:e6:4c:e8:f3:f9:07:8f:45:21:22:f2:2b:60:39:a1:3b:59:
a1:9c:c4:06:93:a9:18:44:96:e2:4f:f2:b1:d5:82:15:38:46:
4d:b2:f7:ef:ed:61:99:95:7e:10:71:3c:35:61:1f:1c:1e:9e:
e6:8f:97:9b:ee:02:ec:1d:c9:da:61:dd:2b:34:3d:66:35:84:
a4:f3:c9:e1:cb:25:75:d5:d6:89:1d:77:0e:66:cd:6d:b0:8e:
54:16:84:ad:d6:52:34:d1:18:1d:da:c7:7a:59:76:4a:b0:5f:
fc:2f:bb:54:96:e7:d0:7a:86:08:80:d7:93:f2:6a:d8:df:47:
8c:28:5e:7f:ce:55:5c:12:2a:f8:db:0b:56:30:03:1d:b0:76:
8b:e2:11:48:30:77:bc:ac:62:7c:40:ab:c1:72:92:48:6f:5d:
39:c3:e6:c1:7d:88:e3:fb:0c:eb:fc:af:68:f1:2d:2b:ce:70:
bb:37:45:dd:fa:c7:2f:c5:4b:c5:52:6c:c4:2e:ca:13:a7:db:
45:cb:d8:cf:60:ca:48:e8:a6:3e:50:2c:ee:2b:0f:9f:62:ba:
9c:10:d2:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3wfINgS0hqSIpOdg3ZlB3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MTYxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI5Yjg1ZmY5NzE3MGE5ZDEwNjYxN2M0NDdlYWM2Nzk0NzE3NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCrZ7VpA96U/8ndVK3CGSKaMESCl
jFi1yFss7GlU1M9DfeLBryrD9dbeb7B0xFX/956nnOzBuSNSyA9ifpq5xaALT/MJ
l7HbtoH8FD5/qBiKf0gA5TaSIy9igCRJf2TTGCx2ztdPCiREWROnSVzUCes6BJq7
5pOZLxa/UzRq/E8mDtnMhs7bJTjz6T6Wb8kRzqnL+b3/xpRdNBzEhqS3pBcbaj1v
Y8Tk3b4l2wdokalTB3uKwLhyjPYZZNOoLjA5ONTSW+fe7EkHmaKKanAsQ04YhOa/
dZI5jXDW+5zUxkrtmC57wPotWhVTp2E8U5qGAOidw2caoGHHXbH6xV0VJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcpuF/5cXCp0QZhfER+rGeUcXbmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdHltNFhfbHhjS25SQm1GOFJINnNaNVJ4ZHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE4ewUWI+bEdt1aR4Cia
VwbJoieX/hLbH/or85wUE30ETfDaVBvmTOjz+QePRSEi8itgOaE7WaGcxAaTqRhE
luJP8rHVghU4Rk2y9+/tYZmVfhBxPDVhHxwenuaPl5vuAuwdydph3Ss0PWY1hKTz
yeHLJXXV1okddw5mzW2wjlQWhK3WUjTRGB3ax3pZdkqwX/wvu1SW59B6hgiA15Py
atjfR4woXn/OVVwSKvjbC1YwAx2wdoviEUgwd7ysYnxAq8FykkhvXTnD5sF9iOP7
DOv8r2jxLSvOcLs3Rd36xy/FS8VSbMQuyhOn20XL2M9gykjopj5QLO4rD59iupwQ
0j0=
-----END CERTIFICATE-----
Generated at Wed Feb 28 23:21:27 2024 by rpki-client on console.sobornost.net