Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vt28ncdWXqoD9tfmf7jJvt7cvAM.roa
File: vt28ncdWXqoD9tfmf7jJvt7cvAM.roa (raw, json)
Hash identifier: yDgASj/+x4RwiLB+T9krtz+QvIdiXE0VgerVm+o4GGY=
Subject key identifier: BE:DD:BC:9D:C7:56:5E:AA:03:F6:D7:E6:7F:B8:C9:BE:DE:DC:BC:03
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE24FD6837ED57C0F98B5838E69067F2A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vt28ncdWXqoD9tfmf7jJvt7cvAM.roa
Signing time: Mon 15 Apr 2024 15:11:06 +0000
ROA not before: Mon 15 Apr 2024 15:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Apr 2024 16:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:4f:d6:83:7e:d5:7c:0f:98:b5:83:8e:69:06:7f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 15:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beddbc9dc7565eaa03f6d7e67fb8c9bededcbc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e6:27:31:3d:26:55:81:ca:25:97:b7:7a:d2:
bd:71:1b:b4:80:c2:e6:84:fe:82:6b:46:0c:51:ad:
b6:44:7b:d3:f5:c3:ee:7f:eb:63:36:9a:09:35:81:
aa:c0:2b:f7:e5:b3:58:f8:c8:46:d0:93:08:a7:b3:
69:3b:a8:ef:98:dd:8b:e5:86:fc:8a:bf:22:a0:79:
61:17:32:e6:07:d7:6a:90:22:f1:50:10:a2:9a:59:
a3:3d:80:66:a3:63:2d:19:0f:f1:cf:b9:2c:8b:b5:
e7:ea:40:f3:17:7e:d6:e7:73:48:a6:14:29:c9:a7:
db:89:a4:e8:d0:2f:21:fa:cf:41:eb:a8:59:69:e3:
89:88:29:9b:a5:22:df:a9:99:7a:9f:13:97:01:57:
0f:fd:c8:bc:1d:fd:e1:d4:3b:e7:31:55:5d:f2:d4:
1b:f0:13:be:7d:e2:d7:17:9e:57:73:74:22:69:9b:
70:e1:5c:57:e3:83:55:2c:43:9e:13:8c:25:9b:78:
4c:d5:30:4e:84:56:b0:af:d6:e2:57:5b:7a:da:b4:
53:6a:b9:96:b2:c9:b2:78:5d:70:34:31:74:38:75:
21:23:7d:f9:ca:45:33:ba:b8:53:8c:ca:4c:b9:eb:
9b:08:94:e3:49:83:09:83:94:3f:c6:50:bd:c8:05:
57:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DD:BC:9D:C7:56:5E:AA:03:F6:D7:E6:7F:B8:C9:BE:DE:DC:BC:03
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vt28ncdWXqoD9tfmf7jJvt7cvAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:da:18:6e:65:be:13:49:55:ea:b5:f9:42:43:c4:f2:8e:f0:
62:c0:d7:cb:88:95:51:5a:ad:03:5c:90:51:b7:99:4a:a9:b3:
88:39:93:fd:6b:4b:a9:6d:19:0e:25:b2:40:d2:bd:c0:11:a1:
21:76:5e:64:5a:8f:38:94:f5:11:15:76:8a:5e:5e:21:ef:6c:
2d:dd:40:b7:de:b5:20:e1:d8:0d:9c:b4:52:f4:f3:e7:85:1d:
fd:a5:5b:e0:ae:16:b5:56:b2:4b:eb:62:93:8f:22:ed:26:57:
6a:47:01:99:19:be:3c:7d:79:65:33:ca:bc:a4:ca:6f:32:38:
e2:b2:31:54:34:4e:cd:78:3c:08:e3:0a:82:86:a9:89:ad:ee:
17:bb:81:23:ee:79:93:3c:ef:69:cf:cd:c0:62:32:d5:cc:e1:
c5:4f:3e:25:8d:40:19:93:a7:94:25:50:27:2c:98:70:c4:6f:
3d:cb:24:81:e8:fa:eb:a3:19:9e:97:fd:0e:6a:a3:c4:ef:f8:
0c:fa:6d:f8:29:79:96:16:19:ce:db:64:69:2f:f4:cc:3c:51:
af:af:e7:b8:66:a6:97:44:4e:81:27:07:e2:17:77:7c:b3:47:
07:d2:4c:41:a0:26:32:e1:f2:0e:f6:c3:bc:bf:03:b0:1e:e5:
47:86:5c:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7iT9aDftV8D5i1g45pBn8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MTUxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWRkYmM5ZGM3NTY1ZWFhMDNmNmQ3ZTY3ZmI4YzliZWRlZGNiYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuYnMT0mVYHKJZe3etK9cRu0gMLm
hP6Ca0YMUa22RHvT9cPuf+tjNpoJNYGqwCv35bNY+MhG0JMIp7NpO6jvmN2L5Yb8
ir8ioHlhFzLmB9dqkCLxUBCimlmjPYBmo2MtGQ/xz7ksi7Xn6kDzF37W53NIphQp
yafbiaTo0C8h+s9B66hZaeOJiCmbpSLfqZl6nxOXAVcP/ci8Hf3h1DvnMVVd8tQb
8BO+feLXF55Xc3QiaZtw4VxX44NVLEOeE4wlm3hM1TBOhFawr9biV1t62rRTarmW
ssmyeF1wNDF0OHUhI335ykUzurhTjMpMueubCJTjSYMJg5Q/xlC9yAVXtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL7dvJ3HVl6qA/bX5n+4yb7e3LwDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdnQyOG5jZFdYcW9EOXRmbWY3akp2dDdjdkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADPaGG5lvhNJVeq1+UJD
xPKO8GLA18uIlVFarQNckFG3mUqps4g5k/1rS6ltGQ4lskDSvcARoSF2XmRajziU
9REVdopeXiHvbC3dQLfetSDh2A2ctFL08+eFHf2lW+CuFrVWskvrYpOPIu0mV2pH
AZkZvjx9eWUzyrykym8yOOKyMVQ0Ts14PAjjCoKGqYmt7he7gSPueZM872nPzcBi
MtXM4cVPPiWNQBmTp5QlUCcsmHDEbz3LJIHo+uujGZ6X/Q5qo8Tv+Az6bfgpeZYW
Gc7bZGkv9Mw8Ua+v57hmppdEToEnB+IXd3yzRwfSTEGgJjLh8g72w7y/A7Ae5UeG
XDI=
-----END CERTIFICATE-----
Generated at Tue Apr 16 00:10:51 2024 by rpki-client on console.sobornost.net