Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vM7dTo0uJ7eJkl3XkqHrU43VUMc.roa
File: vM7dTo0uJ7eJkl3XkqHrU43VUMc.roa (raw, json)
Hash identifier: QgkWCT71B5swQhQhMWyp9W1Xcq/v0sAL9FIBsf6Hs6E=
Subject key identifier: BC:CE:DD:4E:8D:2E:27:B7:89:92:5D:D7:92:A1:EB:53:8D:D5:50:C7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E3E5A3CF94D9A28D1D896107291253E03
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vM7dTo0uJ7eJkl3XkqHrU43VUMc.roa
Signing time: Thu 14 Mar 2024 19:04:44 +0000
ROA not before: Thu 14 Mar 2024 19:04:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:3e59:d9e4/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 14 Mar 2024 19:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3e:5a:3c:f9:4d:9a:28:d1:d8:96:10:72:91:25:3e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 14 19:04:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bccedd4e8d2e27b789925dd792a1eb538dd550c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ac:4d:65:18:67:97:f0:e0:e2:d9:d2:3e:40:
62:09:ad:88:78:25:35:a8:78:5e:35:e6:21:b3:f7:
bf:5b:43:7b:80:a1:34:65:fa:fe:26:5b:a9:c9:e4:
3b:46:0f:e0:e3:9b:ad:89:9d:4d:59:4c:18:64:5f:
05:b2:57:ab:71:a0:a0:24:c9:e0:b5:c5:60:ca:6d:
c7:c2:7b:9c:33:fb:f6:55:dd:a5:7f:c7:54:83:18:
f8:9a:0d:47:5a:c3:b0:f5:cb:74:2e:67:ea:f3:45:
94:a8:6f:82:27:b1:9a:c0:b2:eb:49:22:5d:32:23:
13:53:cc:94:67:95:b4:5f:6f:75:e3:76:94:95:a2:
ca:08:ae:94:45:22:f8:77:05:fc:6f:20:29:4a:94:
82:e4:6a:2b:ee:74:26:94:fb:ec:d9:f7:f3:6b:50:
6e:62:b3:56:ba:b9:f9:62:b1:e9:dd:a5:48:3a:55:
e7:b8:96:66:ae:9c:db:d3:b6:ac:18:6c:1e:ec:87:
f9:41:87:7b:7d:cc:15:d6:37:c6:10:22:d5:be:8d:
87:30:3f:c9:12:a6:99:a1:7b:6e:54:67:63:f6:87:
ab:de:79:db:da:2f:e6:40:7f:63:93:68:be:de:fe:
cf:00:6d:f1:d3:d1:7b:c5:83:43:08:9a:20:61:68:
e6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:CE:DD:4E:8D:2E:27:B7:89:92:5D:D7:92:A1:EB:53:8D:D5:50:C7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vM7dTo0uJ7eJkl3XkqHrU43VUMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:d1:29:33:d9:3d:5b:ea:f5:1d:b8:de:88:39:db:b8:6f:43:
09:15:41:2f:30:f2:a0:5b:34:5d:09:b0:72:8b:61:79:ed:10:
75:e1:77:80:ca:f7:bf:d1:41:e1:66:c5:78:44:c8:a6:90:46:
27:36:10:9b:38:e1:32:59:1f:63:2f:bb:11:d0:09:05:8d:c6:
c3:c2:07:84:a0:1f:3b:2a:93:f1:c4:29:2a:c4:e0:d6:24:dc:
c2:58:2c:00:7a:94:09:c4:97:e5:4a:78:a1:c8:aa:f9:c2:04:
ef:1c:a9:e2:24:5a:3f:80:e3:54:67:f1:16:22:94:3c:8c:4c:
a4:4d:d9:d6:4b:a0:f6:fe:8d:b2:97:35:e5:a0:56:52:03:56:
a4:b2:3d:89:7d:e1:cf:3d:93:d9:2c:60:b8:c6:49:70:60:09:
17:5c:df:64:38:d2:ae:71:cc:14:15:ca:25:a5:e7:db:a1:05:
4b:b3:f4:08:64:d9:f7:70:7d:fe:c5:de:6a:7b:f0:e8:30:f7:
df:3f:23:71:e0:a5:dc:f3:51:29:48:23:5e:ba:83:f9:49:bb:
d0:14:6f:d1:c2:69:83:13:f0:88:86:0e:d0:c4:00:6f:1d:0b:
30:00:d1:39:66:9b:10:92:ce:91:be:06:06:ef:d4:6f:e3:f7:
f6:51:8c:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4+Wjz5TZoo0diWEHKRJT4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE0MTkwNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2NlZGQ0ZThkMmUyN2I3ODk5MjVkZDc5MmExZWI1MzhkZDU1MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqxNZRhnl/Dg4tnSPkBiCa2IeCU1
qHheNeYhs/e/W0N7gKE0Zfr+JlupyeQ7Rg/g45utiZ1NWUwYZF8FslercaCgJMng
tcVgym3HwnucM/v2Vd2lf8dUgxj4mg1HWsOw9ct0Lmfq80WUqG+CJ7GawLLrSSJd
MiMTU8yUZ5W0X29143aUlaLKCK6URSL4dwX8byApSpSC5Gor7nQmlPvs2ffza1Bu
YrNWurn5YrHp3aVIOlXnuJZmrpzb07asGGwe7If5QYd7fcwV1jfGECLVvo2HMD/J
EqaZoXtuVGdj9oer3nnb2i/mQH9jk2i+3v7PAG3x09F7xYNDCJogYWjmDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLzO3U6NLie3iZJd15Kh61ON1VDHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdk03ZFRvMHVKN2VKa2wzWGtxSHJVNDNWVU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAInRKTPZPVvq9R243og5
27hvQwkVQS8w8qBbNF0JsHKLYXntEHXhd4DK97/RQeFmxXhEyKaQRic2EJs44TJZ
H2MvuxHQCQWNxsPCB4SgHzsqk/HEKSrE4NYk3MJYLAB6lAnEl+VKeKHIqvnCBO8c
qeIkWj+A41Rn8RYilDyMTKRN2dZLoPb+jbKXNeWgVlIDVqSyPYl94c89k9ksYLjG
SXBgCRdc32Q40q5xzBQVyiWl59uhBUuz9Ahk2fdwff7F3mp78Ogw998/I3Hgpdzz
USlII166g/lJu9AUb9HCaYMT8IiGDtDEAG8dCzAA0TlmmxCSzpG+Bgbv1G/j9/ZR
jJM=
-----END CERTIFICATE-----
Generated at Fri Mar 15 04:36:42 2024 by rpki-client on console.sobornost.net