Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vCdJxAnp1ojFYIdHo3vDlLTlz_Y.roa
File: vCdJxAnp1ojFYIdHo3vDlLTlz_Y.roa (raw, json)
Hash identifier: 5nA0YWVKKvzTRqzXwBD2OQqNkK1ynIEepviHJv56nL8=
Subject key identifier: BC:27:49:C4:09:E9:D6:88:C5:60:87:47:A3:7B:C3:94:B4:E5:CF:F6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBDD5D9CA61B3A11748B7E4DA6C32C4A4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vCdJxAnp1ojFYIdHo3vDlLTlz_Y.roa
Signing time: Mon 08 Apr 2024 13:11:32 +0000
ROA not before: Mon 08 Apr 2024 13:11:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Apr 2024 14:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:d5:d9:ca:61:b3:a1:17:48:b7:e4:da:6c:32:c4:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 8 13:11:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc2749c409e9d688c5608747a37bc394b4e5cff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bd:ab:6e:71:dd:e2:24:45:bb:88:98:d5:d0:
8f:05:09:09:5c:0c:5b:4e:44:29:25:93:24:f4:28:
1d:13:3b:cf:5d:3f:0b:ad:16:06:ac:6a:f4:e2:91:
68:6d:24:c4:a4:c0:81:0a:5c:43:33:dd:97:83:1b:
ae:d9:3f:80:73:bf:5d:7c:15:50:d0:a6:37:5f:37:
3b:ce:3f:9a:3c:49:55:71:0f:97:9a:32:c6:66:54:
0c:e8:da:5c:41:88:c4:2a:ad:47:bf:5b:55:32:77:
02:1d:4a:b1:1c:47:a7:44:81:f5:e8:91:b6:12:ea:
5f:7d:d4:72:94:11:94:43:db:be:75:a1:74:2c:e1:
3b:a0:be:c4:d9:f2:c8:e4:41:dc:24:f9:68:2e:f9:
91:18:2e:fb:15:07:44:59:80:bb:0a:03:89:62:5f:
cb:24:84:4e:4d:4d:51:b9:e4:0d:aa:e0:28:63:e8:
58:47:70:08:1f:04:f7:4a:ef:5a:ff:94:82:57:65:
a0:86:ad:1c:f7:d9:70:e4:80:ee:92:02:89:b5:55:
1c:51:17:21:ee:75:ed:7d:28:07:db:ee:97:73:2a:
e4:88:6d:8d:b0:78:a0:5c:65:04:1f:52:98:99:9f:
1e:95:43:a8:73:6c:b8:b6:5f:1b:20:77:24:c2:81:
77:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:27:49:C4:09:E9:D6:88:C5:60:87:47:A3:7B:C3:94:B4:E5:CF:F6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vCdJxAnp1ojFYIdHo3vDlLTlz_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:c3:19:4a:f0:bb:54:b5:b8:64:c0:67:14:0f:09:bb:55:b2:
2e:6c:37:ff:cf:4d:f5:62:78:7b:bc:0f:d7:72:bb:fc:cd:f8:
dd:c8:ef:9d:93:aa:1e:ca:0b:c0:4d:89:4c:3c:42:69:53:f6:
c9:59:04:13:19:93:96:c0:5a:8d:16:6f:71:7f:b1:18:67:7e:
16:bc:95:d4:c7:51:e8:f6:bb:b6:bf:26:56:ac:28:17:7b:5b:
c7:65:51:ca:4d:98:36:9f:f1:fb:c4:00:79:80:be:d4:70:ae:
31:77:f2:77:f2:a8:1f:ae:3f:3b:91:d5:b1:70:50:15:2b:d3:
22:a1:8f:b1:7e:6b:52:31:c6:47:5d:35:52:a5:bc:28:e3:66:
a0:85:69:28:ea:4c:9b:7e:37:29:87:ae:f0:a5:90:4d:ab:4d:
a5:08:0e:72:0e:bc:3c:cf:5f:ac:7f:11:f5:b2:8d:2f:b6:8d:
d9:7d:c1:9a:65:92:51:e5:e8:d8:5e:fe:db:ea:05:85:79:89:
09:ec:3d:39:d4:c2:36:9e:c7:b6:97:36:d7:59:c4:b9:c5:e7:
3c:43:71:5a:4b:77:9d:b3:2e:7b:9b:93:89:33:39:5d:ea:53:
f9:96:cc:35:7f:4e:c1:bf:e7:30:82:cf:3d:55:1e:ae:31:0f:
89:8b:8d:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY691dnKYbOhF0i35NpsMsSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA4MTMxMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzI3NDljNDA5ZTlkNjg4YzU2MDg3NDdhMzdiYzM5NGI0ZTVjZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb2rbnHd4iRFu4iY1dCPBQkJXAxb
TkQpJZMk9CgdEzvPXT8LrRYGrGr04pFobSTEpMCBClxDM92Xgxuu2T+Ac79dfBVQ
0KY3Xzc7zj+aPElVcQ+XmjLGZlQM6NpcQYjEKq1Hv1tVMncCHUqxHEenRIH16JG2
EupffdRylBGUQ9u+daF0LOE7oL7E2fLI5EHcJPloLvmRGC77FQdEWYC7CgOJYl/L
JIROTU1RueQNquAoY+hYR3AIHwT3Su9a/5SCV2Wghq0c99lw5IDukgKJtVUcURch
7nXtfSgH2+6XcyrkiG2NsHigXGUEH1KYmZ8elUOoc2y4tl8bIHckwoF3HQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLwnScQJ6daIxWCHR6N7w5S05c/2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdkNkSnhBbnAxb2pGWUlkSG8zdkRsTFRsel9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG7DGUrwu1S1uGTAZxQP
CbtVsi5sN//PTfVieHu8D9dyu/zN+N3I752Tqh7KC8BNiUw8QmlT9slZBBMZk5bA
Wo0Wb3F/sRhnfha8ldTHUej2u7a/JlasKBd7W8dlUcpNmDaf8fvEAHmAvtRwrjF3
8nfyqB+uPzuR1bFwUBUr0yKhj7F+a1IxxkddNVKlvCjjZqCFaSjqTJt+NymHrvCl
kE2rTaUIDnIOvDzPX6x/EfWyjS+2jdl9wZplklHl6Nhe/tvqBYV5iQnsPTnUwjae
x7aXNtdZxLnF5zxDcVpLd52zLnubk4kzOV3qU/mWzDV/TsG/5zCCzz1VHq4xD4mL
jRo=
-----END CERTIFICATE-----
Generated at Mon Apr 8 20:06:40 2024 by rpki-client on console.sobornost.net