Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uiL1nEmRTgDnNYX3X8mMxM1qV8E.roa
File: uiL1nEmRTgDnNYX3X8mMxM1qV8E.roa (raw, json)
Hash identifier: lI71CDqRO6FAyHUeaVpZdcxsfS+m5LWIBalevw3BLxY=
Subject key identifier: BA:22:F5:9C:49:91:4E:00:E7:35:85:F7:5F:C9:8C:C4:CD:6A:57:C1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0884DAE451409F9996FD2DF45A0BCE18
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uiL1nEmRTgDnNYX3X8mMxM1qV8E.roa
Signing time: Mon 04 Mar 2024 08:11:48 +0000
ROA not before: Mon 04 Mar 2024 08:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 04 Mar 2024 09:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:84:da:e4:51:40:9f:99:96:fd:2d:f4:5a:0b:ce:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 08:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba22f59c49914e00e73585f75fc98cc4cd6a57c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8c:11:f1:73:5a:5e:02:a0:40:cc:b4:2e:80:
c1:35:ec:42:de:f3:df:dc:9c:11:71:fe:24:4f:45:
01:fc:5e:ab:c1:1d:46:17:40:f0:a7:74:df:32:ba:
eb:06:bc:d5:28:96:73:7f:33:bf:88:4a:8f:57:02:
2a:6d:9d:45:2d:67:7f:89:3c:a2:02:9c:fa:b9:6f:
e6:e1:20:31:d7:6e:7c:06:7b:fd:cf:6d:37:7e:90:
c9:2c:9d:4f:1b:e7:5b:90:cb:7f:79:9b:33:f3:13:
a5:4a:08:dc:87:b4:b8:d3:9b:0f:b5:f9:a0:95:44:
e6:80:29:24:28:73:0e:b1:1d:0f:91:3c:61:c7:d1:
08:a3:db:fa:c6:e5:dc:e7:99:97:3e:4f:2f:ce:5a:
83:d2:1d:d3:cd:5e:57:a7:38:f3:66:72:ca:d2:c7:
cd:d3:b0:7c:46:e4:cb:3a:0b:9d:90:40:7a:4e:84:
c9:e7:13:3a:67:37:e4:ca:c4:9c:9b:4f:9c:e1:83:
93:ad:39:e1:96:1b:cb:7e:76:84:b7:82:c2:03:6d:
73:6e:33:bf:0a:66:31:70:53:9a:e0:76:f7:e8:d0:
4d:78:0a:a1:0b:62:6f:bf:85:57:bd:c4:59:b7:75:
5f:e7:34:dc:26:6c:af:41:59:95:64:04:67:75:45:
85:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:22:F5:9C:49:91:4E:00:E7:35:85:F7:5F:C9:8C:C4:CD:6A:57:C1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uiL1nEmRTgDnNYX3X8mMxM1qV8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:de:f8:a4:a6:9f:f4:81:00:0f:9e:33:a4:15:8a:31:56:a5:
2c:6f:64:1d:80:04:f7:8d:89:e7:6b:06:4a:14:aa:8b:d8:4d:
7f:b0:cb:f4:97:75:ed:06:0d:fc:3c:03:b0:0b:36:da:81:25:
b7:45:9e:66:b6:1f:1e:70:c0:59:0d:b7:05:25:df:43:f6:98:
42:74:61:a6:c5:9c:ad:bb:29:42:27:a8:e3:8a:40:1d:4c:37:
d0:ea:77:6f:e0:b7:ea:0c:eb:4e:d7:3c:7e:b4:8a:a2:51:fa:
48:f1:76:06:5f:aa:0e:16:52:8a:64:b0:c5:1b:2b:a2:99:ed:
be:78:11:63:2b:e3:df:01:26:6b:05:1e:42:76:d5:46:2f:6f:
3b:e0:3d:c5:d6:cd:5d:72:47:eb:60:3c:6e:1b:fb:06:f9:4b:
24:02:47:38:2a:56:ea:ea:e6:eb:96:35:91:d2:fc:67:52:68:
a4:82:64:cf:71:51:4d:aa:d0:5a:05:4e:ef:ca:30:1b:03:40:
3b:cc:85:7d:85:dd:16:32:7b:64:47:06:d7:b8:66:2e:37:53:
b2:5f:28:3b:40:84:f2:1d:d1:87:f1:91:22:14:84:3f:6d:ea:
f8:1c:d4:b1:7e:d5:9c:f4:66:1d:e6:46:fc:e1:41:97:e8:6c:
cc:f5:66:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4IhNrkUUCfmZb9LfRaC84YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MDgxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTIyZjU5YzQ5OTE0ZTAwZTczNTg1Zjc1ZmM5OGNjNGNkNmE1N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4wR8XNaXgKgQMy0LoDBNexC3vPf
3JwRcf4kT0UB/F6rwR1GF0Dwp3TfMrrrBrzVKJZzfzO/iEqPVwIqbZ1FLWd/iTyi
Apz6uW/m4SAx1258Bnv9z203fpDJLJ1PG+dbkMt/eZsz8xOlSgjch7S405sPtfmg
lUTmgCkkKHMOsR0PkTxhx9EIo9v6xuXc55mXPk8vzlqD0h3TzV5XpzjzZnLK0sfN
07B8RuTLOgudkEB6ToTJ5xM6ZzfkysScm0+c4YOTrTnhlhvLfnaEt4LCA21zbjO/
CmYxcFOa4Hb36NBNeAqhC2Jvv4VXvcRZt3Vf5zTcJmyvQVmVZARndUWFtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLoi9ZxJkU4A5zWF91/JjMTNalfBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdWlMMW5FbVJUZ0RuTllYM1g4bU14TTFxVjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA3e+KSmn/SBAA+eM6QV
ijFWpSxvZB2ABPeNiedrBkoUqovYTX+wy/SXde0GDfw8A7ALNtqBJbdFnma2Hx5w
wFkNtwUl30P2mEJ0YabFnK27KUInqOOKQB1MN9Dqd2/gt+oM607XPH60iqJR+kjx
dgZfqg4WUopksMUbK6KZ7b54EWMr498BJmsFHkJ21UYvbzvgPcXWzV1yR+tgPG4b
+wb5SyQCRzgqVurq5uuWNZHS/GdSaKSCZM9xUU2q0FoFTu/KMBsDQDvMhX2F3RYy
e2RHBte4Zi43U7JfKDtAhPId0YfxkSIUhD9t6vgc1LF+1Zz0Zh3mRvzhQZfobMz1
Zto=
-----END CERTIFICATE-----
Generated at Mon Mar 4 14:44:28 2024 by rpki-client on console.sobornost.net