Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vhco7t9AZyBzQezAftpxhnMXmZw.roa
File: vhco7t9AZyBzQezAftpxhnMXmZw.roa (raw, json)
Hash identifier: UuiSBZAd8mV/B2EwB0iIBgioAxiUzQCSNKFoCUAeYjI=
Subject key identifier: BE:17:28:EE:DF:40:67:20:73:41:EC:C0:7E:DA:71:86:73:17:99:9C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4982AFAF2B1E2178A187CDE7AD124ED2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vhco7t9AZyBzQezAftpxhnMXmZw.roa
Signing time: Sat 16 Mar 2024 23:04:45 +0000
ROA not before: Sat 16 Mar 2024 23:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:4982:52c0/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 16 Mar 2024 23:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:49:82:af:af:2b:1e:21:78:a1:87:cd:e7:ad:12:4e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 16 23:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be1728eedf4067207341ecc07eda71867317999c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5f:d3:54:7d:40:98:e3:b6:e2:ea:d6:35:c1:
2f:e1:83:e6:e7:fe:13:00:5d:f9:d3:2b:f5:30:88:
07:f0:4f:59:2b:2b:ff:b9:28:ab:f1:34:d3:0f:00:
ca:7d:21:cb:13:6f:b6:66:c9:7d:92:43:cb:dc:6b:
87:aa:4e:62:7e:98:a0:73:fc:90:b3:1c:8b:3f:dd:
2a:5d:72:d3:f5:2c:e9:00:c0:3c:76:0e:61:d7:9d:
80:32:eb:0b:07:57:25:3e:5b:70:9d:91:5c:3a:46:
a0:a1:8c:d6:59:04:cf:fc:7b:34:5a:4f:57:33:3b:
b0:53:25:36:fb:e8:1c:2e:8e:0a:e3:33:e5:57:bd:
2e:2c:78:f5:16:be:3d:9a:d7:c4:5c:a3:be:08:38:
df:ec:ff:4c:99:89:39:9d:c2:97:33:a9:3a:89:85:
83:e5:67:d4:1d:7e:f4:6c:ee:7e:7f:a4:dc:23:14:
c0:94:33:3e:a9:c7:f1:a8:47:90:bc:59:ed:b6:3a:
95:a4:b7:ed:cb:b1:63:dd:a4:29:12:98:66:33:80:
83:f9:b3:bf:73:af:86:b5:84:c4:27:c3:af:61:df:
f3:2f:d4:07:06:0f:03:44:0b:ad:8e:95:56:78:c4:
25:a7:67:26:e5:bc:c4:50:d8:89:2b:98:73:7c:4f:
d6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:17:28:EE:DF:40:67:20:73:41:EC:C0:7E:DA:71:86:73:17:99:9C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vhco7t9AZyBzQezAftpxhnMXmZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:cc:cf:a3:2b:1b:d6:7a:6b:44:f0:e5:cd:b0:4e:36:1f:4b:
bf:94:53:95:ce:e1:64:08:8c:d3:75:9e:51:45:33:3f:56:05:
18:f9:cb:7f:f2:22:1c:85:84:af:91:3e:96:12:ab:3c:25:f7:
ac:60:5e:fe:b1:f5:6b:22:e6:89:e4:39:05:f0:b8:13:5f:44:
df:05:ab:67:04:89:69:85:f8:43:f4:c0:3f:a1:b5:46:4b:ad:
a1:2b:42:2c:3a:bd:a0:0f:13:36:d7:c0:2f:2c:a6:f5:5c:71:
b0:c1:33:dc:6c:32:9b:69:c1:db:f8:92:b0:7c:3f:76:7f:70:
16:7e:cb:81:f8:99:da:95:62:a2:c9:79:4e:83:2d:53:35:77:
23:d7:16:98:61:48:f2:03:b1:08:89:20:44:23:3d:e6:fc:3b:
1d:3a:4f:c2:42:be:b0:b8:25:1c:08:72:c1:bc:28:83:9a:53:
93:26:77:54:90:1e:89:53:4e:d3:bf:6e:7d:09:70:05:a7:f1:
78:60:1c:21:47:9f:a6:0a:b0:66:be:70:e8:bf:24:bc:f9:a7:
bb:8a:11:f4:b8:5d:fd:d6:33:67:4a:af:c6:b6:a9:14:30:5a:
de:bd:ad:3c:bc:37:0f:9a:84:13:bf:9b:8d:45:8f:4c:9f:3e:
71:19:06:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5Jgq+vKx4heKGHzeetEk7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE2MjMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTE3MjhlZWRmNDA2NzIwNzM0MWVjYzA3ZWRhNzE4NjczMTc5OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF/TVH1AmOO24urWNcEv4YPm5/4T
AF350yv1MIgH8E9ZKyv/uSir8TTTDwDKfSHLE2+2Zsl9kkPL3GuHqk5ifpigc/yQ
sxyLP90qXXLT9SzpAMA8dg5h152AMusLB1clPltwnZFcOkagoYzWWQTP/Hs0Wk9X
MzuwUyU2++gcLo4K4zPlV70uLHj1Fr49mtfEXKO+CDjf7P9MmYk5ncKXM6k6iYWD
5WfUHX70bO5+f6TcIxTAlDM+qcfxqEeQvFnttjqVpLfty7Fj3aQpEphmM4CD+bO/
c6+GtYTEJ8OvYd/zL9QHBg8DRAutjpVWeMQlp2cm5bzEUNiJK5hzfE/WewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL4XKO7fQGcgc0HswH7acYZzF5mcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdmhjbzd0OUFaeUJ6UWV6QWZ0cHhobk1YbVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7Mz6MrG9Z6a0Tw5c2w
TjYfS7+UU5XO4WQIjNN1nlFFMz9WBRj5y3/yIhyFhK+RPpYSqzwl96xgXv6x9Wsi
5onkOQXwuBNfRN8Fq2cEiWmF+EP0wD+htUZLraErQiw6vaAPEzbXwC8spvVccbDB
M9xsMptpwdv4krB8P3Z/cBZ+y4H4mdqVYqLJeU6DLVM1dyPXFphhSPIDsQiJIEQj
Peb8Ox06T8JCvrC4JRwIcsG8KIOaU5Mmd1SQHolTTtO/bn0JcAWn8XhgHCFHn6YK
sGa+cOi/JLz5p7uKEfS4Xf3WM2dKr8a2qRQwWt69rTy8Nw+ahBO/m41Fj0yfPnEZ
Bvo=
-----END CERTIFICATE-----
Generated at Sun Mar 17 10:12:34 2024 by rpki-client on console.sobornost.net