Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v8oc4V40zbFUcTshvLgxDY0y0ME.roa
File: v8oc4V40zbFUcTshvLgxDY0y0ME.roa (raw, json)
Hash identifier: 4GCfV5RFsEnsDEC82XoDtM9ktvNjeYpGlEOGFpR6GFo=
Subject key identifier: BF:CA:1C:E1:5E:34:CD:B1:54:71:3B:21:BC:B8:31:0D:8D:32:D0:C1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E15CC672826398CC3D70E8C2A77B64DE3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v8oc4V40zbFUcTshvLgxDY0y0ME.roa
Signing time: Wed 06 Mar 2024 22:05:01 +0000
ROA not before: Wed 06 Mar 2024 22:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:15cb:daad/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 06 Mar 2024 22:15:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:cc:67:28:26:39:8c:c3:d7:0e:8c:2a:77:b6:4d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 6 22:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfca1ce15e34cdb154713b21bcb8310d8d32d0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:93:1b:48:48:50:3b:72:03:36:61:8e:b8:2b:
f6:ee:58:43:72:d0:b6:1b:3f:72:86:42:cf:2b:69:
d1:cf:86:1a:9b:f2:8e:ae:38:02:03:80:c2:9d:ab:
37:fc:72:01:56:f0:64:76:30:64:c6:23:e1:ec:b9:
25:e3:fc:05:37:a5:5a:0f:dd:c3:b2:ab:e6:a3:a4:
14:aa:b0:ad:96:0d:85:d4:c5:4b:fa:b6:3b:cb:52:
36:fe:3b:07:36:9b:52:d4:d5:7a:a6:14:f1:6b:8c:
1a:39:ab:a2:5c:7a:07:d3:5c:33:39:4d:4b:6e:b7:
d1:83:18:b3:81:c6:8d:36:c0:18:48:a7:b8:fe:de:
7d:fc:8e:11:47:01:0c:f7:d4:83:15:b9:fe:c2:f0:
b3:fb:11:84:e7:77:3f:09:38:40:d4:86:9a:75:88:
f4:63:c0:80:c7:58:06:4e:dc:56:97:b3:0e:0b:50:
75:5b:3d:4b:ac:45:5e:f6:f8:84:e4:9a:19:59:9c:
37:50:f1:9e:3b:bf:a5:21:ad:4f:83:2a:e5:96:b5:
3e:73:11:4e:3c:26:92:ae:21:94:a8:a0:ab:4f:9e:
dd:33:f5:52:4b:28:fd:69:6e:c4:2b:45:1b:25:e3:
18:87:8e:de:0b:f5:d6:87:2e:3d:e1:2a:bc:94:25:
16:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CA:1C:E1:5E:34:CD:B1:54:71:3B:21:BC:B8:31:0D:8D:32:D0:C1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v8oc4V40zbFUcTshvLgxDY0y0ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:cd:35:a5:9e:d7:e1:e0:f6:09:f1:03:06:9f:4a:21:72:9b:
b9:1e:c9:eb:fd:ac:68:48:3e:ca:cc:e6:e7:f4:a4:7d:89:86:
42:60:8e:5a:87:69:0c:b3:7d:64:22:3f:28:8e:53:45:70:33:
b1:7a:55:56:85:d4:a4:4c:1a:6c:0b:95:85:b2:19:76:a4:0e:
6a:dd:d7:f8:a4:d2:15:e7:2a:23:32:49:35:68:ba:83:42:4c:
37:f1:bb:87:1a:3e:ee:75:0d:2d:19:06:ca:0a:90:f1:b3:15:
9e:f7:be:a7:21:49:a8:12:bc:45:bd:ab:c6:25:4d:b9:ef:8c:
db:26:a1:76:c7:8f:0b:0c:f3:62:0a:ba:ab:b0:f9:4d:bc:56:
44:4a:0d:fb:7c:65:31:98:eb:ef:1f:20:c7:ac:0d:a1:56:57:
37:56:d1:55:16:94:bc:66:f6:02:17:62:29:07:53:71:20:bd:
38:dc:86:55:c9:82:c3:f6:d1:98:2f:83:1e:c5:b8:df:5f:21:
29:49:3d:a2:c8:c3:16:6c:ff:d9:5e:3a:fd:bc:44:73:49:93:
47:23:1a:bc:7f:48:46:08:fb:da:0a:61:a1:2c:9a:6e:45:ce:
b9:b4:d1:d4:c7:52:0c:a4:6a:70:35:95:e2:d7:e7:e4:e0:9d:
80:74:b3:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4VzGcoJjmMw9cOjCp3tk3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA2MjIwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNhMWNlMTVlMzRjZGIxNTQ3MTNiMjFiY2I4MzEwZDhkMzJkMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5MbSEhQO3IDNmGOuCv27lhDctC2
Gz9yhkLPK2nRz4Yam/KOrjgCA4DCnas3/HIBVvBkdjBkxiPh7Lkl4/wFN6VaD93D
sqvmo6QUqrCtlg2F1MVL+rY7y1I2/jsHNptS1NV6phTxa4waOauiXHoH01wzOU1L
brfRgxizgcaNNsAYSKe4/t59/I4RRwEM99SDFbn+wvCz+xGE53c/CThA1IaadYj0
Y8CAx1gGTtxWl7MOC1B1Wz1LrEVe9viE5JoZWZw3UPGeO7+lIa1PgyrllrU+cxFO
PCaSriGUqKCrT57dM/VSSyj9aW7EK0UbJeMYh47eC/XWhy494Sq8lCUWTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL/KHOFeNM2xVHE7Iby4MQ2NMtDBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdjhvYzRWNDB6YkZVY1RzaHZMZ3hEWTB5ME1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAPNNaWe1+Hg9gnxAwaf
SiFym7keyev9rGhIPsrM5uf0pH2JhkJgjlqHaQyzfWQiPyiOU0VwM7F6VVaF1KRM
GmwLlYWyGXakDmrd1/ik0hXnKiMySTVouoNCTDfxu4caPu51DS0ZBsoKkPGzFZ73
vqchSagSvEW9q8YlTbnvjNsmoXbHjwsM82IKuquw+U28VkRKDft8ZTGY6+8fIMes
DaFWVzdW0VUWlLxm9gIXYikHU3EgvTjchlXJgsP20Zgvgx7FuN9fISlJPaLIwxZs
/9leOv28RHNJk0cjGrx/SEYI+9oKYaEsmm5Fzrm00dTHUgykanA1leLX5+TgnYB0
s6A=
-----END CERTIFICATE-----
Generated at Thu Mar 7 08:34:29 2024 by rpki-client on console.sobornost.net