Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v2gfebzXqW1qxaIHENkPGZ5GhQ4.roa
File: v2gfebzXqW1qxaIHENkPGZ5GhQ4.roa (raw, json)
Hash identifier: Y6dgvBvTF2rGb+OOnKRdc6m1oRbfCIT2dZRLjswDmKg=
Subject key identifier: BF:68:1F:79:BC:D7:A9:6D:6A:C5:A2:07:10:D9:0F:19:9E:46:85:0E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0A093B91C97CF0252C0D5B020EC37D81
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v2gfebzXqW1qxaIHENkPGZ5GhQ4.roa
Signing time: Mon 04 Mar 2024 15:16:01 +0000
ROA not before: Mon 04 Mar 2024 15:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 04 Mar 2024 16:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0a:09:3b:91:c9:7c:f0:25:2c:0d:5b:02:0e:c3:7d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 15:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf681f79bcd7a96d6ac5a20710d90f199e46850e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1c:87:2a:80:a1:2f:98:86:b2:82:1e:77:15:
af:33:e2:cf:2e:d3:e2:54:f2:26:fc:d6:5e:20:9f:
25:e0:eb:fd:d1:33:cc:08:61:f0:1c:f3:75:b3:87:
0d:5d:33:7c:d5:f6:03:49:06:2c:79:1b:ce:ae:b7:
e3:4d:e0:a3:1d:6e:80:24:dd:dd:17:bd:75:30:c1:
e9:16:0a:96:95:e9:0d:71:68:ef:44:9f:d7:e7:e2:
af:b1:d7:90:fd:f2:de:93:b2:a0:40:68:39:1c:be:
58:8f:cb:ba:60:5d:2d:13:b1:11:6b:27:f0:0b:82:
fe:19:54:03:78:66:1d:c7:dc:84:2e:15:29:46:c2:
6a:73:a0:a2:fc:d0:4b:d1:1b:59:13:d0:3f:bb:2e:
97:18:f2:6c:4c:20:22:96:f8:8b:6f:c1:70:a6:91:
2c:8c:ff:3d:8e:8b:25:1f:6f:89:e9:5f:c1:06:22:
09:31:67:19:ee:fc:2d:96:cf:e2:ab:94:9f:01:9e:
6d:f3:af:a0:0b:64:03:3c:0d:61:d8:ed:4c:0d:9a:
ed:00:4b:76:91:6d:3b:65:fb:37:7d:f6:33:3f:06:
58:25:6b:a5:e7:64:7e:68:c8:d7:05:c5:05:38:40:
8e:55:ae:f7:af:9e:bc:0e:2e:21:0d:97:9c:ce:8b:
e4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:68:1F:79:BC:D7:A9:6D:6A:C5:A2:07:10:D9:0F:19:9E:46:85:0E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v2gfebzXqW1qxaIHENkPGZ5GhQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:e3:07:46:96:6f:af:08:3d:41:05:15:33:8a:e7:34:b2:58:
5e:43:8f:57:8f:07:a4:c8:2c:6e:ec:63:16:b6:12:5d:b6:6a:
90:4a:c8:f0:14:5a:84:e3:4b:f3:f5:bd:e1:37:76:1c:8f:63:
71:56:96:9e:88:c7:f3:cb:45:fa:e8:b4:cb:b1:2b:0b:02:4a:
36:39:f3:b3:1d:32:25:79:cb:9c:ff:22:e6:e3:a5:ad:e4:6b:
16:40:2f:36:f9:50:d1:4d:9d:57:12:47:f2:09:38:22:d0:68:
93:cb:a2:bc:91:23:c2:a3:a2:e0:4e:73:2a:21:be:82:87:1a:
9e:65:4f:e4:36:d8:a2:7e:c7:e4:bb:da:c8:4a:87:01:a2:1d:
84:ea:4f:70:2e:38:03:e7:6c:d9:e1:4b:18:72:88:be:91:b6:
07:81:de:2d:6f:70:3f:b9:c8:6f:5f:43:b6:cd:b8:3c:7c:97:
40:25:d6:cb:0c:94:fc:a5:0d:9f:a4:a9:16:1e:3a:44:70:05:
a6:06:86:b9:f2:b3:c3:41:46:af:07:da:80:72:86:49:7b:67:
1c:45:b3:62:af:28:7b:fc:c0:5f:7b:e7:ec:a8:c4:8b:91:7c:
63:98:7e:14:68:a4:a6:b8:e0:ce:87:ad:80:35:fd:75:01:16:
0e:b3:0d:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4KCTuRyXzwJSwNWwIOw32BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MTUxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY4MWY3OWJjZDdhOTZkNmFjNWEyMDcxMGQ5MGYxOTllNDY4NTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhyHKoChL5iGsoIedxWvM+LPLtPi
VPIm/NZeIJ8l4Ov90TPMCGHwHPN1s4cNXTN81fYDSQYseRvOrrfjTeCjHW6AJN3d
F711MMHpFgqWlekNcWjvRJ/X5+KvsdeQ/fLek7KgQGg5HL5Yj8u6YF0tE7ERayfw
C4L+GVQDeGYdx9yELhUpRsJqc6Ci/NBL0RtZE9A/uy6XGPJsTCAilviLb8FwppEs
jP89joslH2+J6V/BBiIJMWcZ7vwtls/iq5SfAZ5t86+gC2QDPA1h2O1MDZrtAEt2
kW07Zfs3ffYzPwZYJWul52R+aMjXBcUFOECOVa73r568Di4hDZeczovkqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL9oH3m816ltasWiBxDZDxmeRoUOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdjJnZmVielhxVzFxeGFJSEVOa1BHWjVHaFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABLjB0aWb68IPUEFFTOK
5zSyWF5Dj1ePB6TILG7sYxa2El22apBKyPAUWoTjS/P1veE3dhyPY3FWlp6Ix/PL
RfrotMuxKwsCSjY587MdMiV5y5z/Iubjpa3kaxZALzb5UNFNnVcSR/IJOCLQaJPL
oryRI8KjouBOcyohvoKHGp5lT+Q22KJ+x+S72shKhwGiHYTqT3AuOAPnbNnhSxhy
iL6RtgeB3i1vcD+5yG9fQ7bNuDx8l0Al1ssMlPylDZ+kqRYeOkRwBaYGhrnys8NB
Rq8H2oByhkl7ZxxFs2KvKHv8wF975+yoxIuRfGOYfhRopKa44M6HrYA1/XUBFg6z
DXw=
-----END CERTIFICATE-----
Generated at Mon Mar 4 21:56:36 2024 by rpki-client on console.sobornost.net