Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wL0XEM6dzwcqzzNrUoF53wux5CM.roa
File: wL0XEM6dzwcqzzNrUoF53wux5CM.roa (raw, json)
Hash identifier: OJgCiV+oA8F2yVjHsSiqWtt4u0iSPhEp8hQz1gv6IuQ=
Subject key identifier: C0:BD:17:10:CE:9D:CF:07:2A:CF:33:6B:52:81:79:DF:0B:B1:E4:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEDEB2A648496493B11A6AAC4F2E1458D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wL0XEM6dzwcqzzNrUoF53wux5CM.roa
Signing time: Wed 28 Feb 2024 04:13:48 +0000
ROA not before: Wed 28 Feb 2024 04:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Feb 2024 05:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:eb:2a:64:84:96:49:3b:11:a6:aa:c4:f2:e1:45:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 04:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0bd1710ce9dcf072acf336b528179df0bb1e423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:a8:bf:4a:2b:27:ce:2e:7f:af:e0:48:a5:
e7:11:44:e2:92:52:0b:cd:ce:cf:89:07:04:92:c6:
d8:b5:d3:02:3b:43:99:79:59:83:dd:e8:12:5b:cb:
b1:31:ee:23:af:7e:ca:38:14:c7:30:b4:92:78:26:
27:7a:08:50:8f:bb:eb:af:a5:87:da:da:1e:59:8b:
4a:20:6f:2b:a1:64:77:98:12:76:15:33:a9:9c:15:
f0:d6:d4:ab:97:3c:0d:a5:4e:69:f3:51:1c:dc:6a:
f0:e4:de:04:8e:e2:23:0e:ac:4f:c6:31:50:a6:68:
45:b9:06:45:88:46:00:f0:77:ca:9b:df:d9:f9:11:
3d:fd:ca:08:d9:f3:06:09:ee:04:7e:32:37:55:78:
d0:4b:63:d3:6b:44:a6:40:6e:52:1a:1f:b3:56:76:
27:8e:6b:7e:c0:ff:67:aa:b7:4c:46:05:fa:62:9a:
99:6f:b3:62:f2:68:99:e7:97:94:0a:66:7d:11:1b:
d8:69:d7:b1:88:ce:05:54:5b:fe:dc:d9:1b:a3:61:
6e:71:a6:27:89:73:86:59:ca:4f:f1:33:1e:fb:8e:
cd:1a:5d:32:e2:7c:90:0a:9d:94:6a:5e:33:bb:ca:
46:7e:de:02:67:d0:3a:dc:99:22:91:a5:fe:3c:2b:
29:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BD:17:10:CE:9D:CF:07:2A:CF:33:6B:52:81:79:DF:0B:B1:E4:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wL0XEM6dzwcqzzNrUoF53wux5CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:a0:bd:3b:37:f7:c1:07:96:d2:d5:74:1a:c7:36:e0:3c:fa:
12:33:9a:f9:f3:1e:53:aa:16:d2:c8:45:3e:3d:9b:4d:e1:ed:
49:43:5c:45:b2:97:67:92:59:78:89:8a:74:fb:60:be:02:bd:
b8:b7:40:34:0c:df:4d:4a:d0:46:ab:34:9e:57:1e:f4:8f:0a:
72:98:f5:a6:6a:76:b2:b5:44:75:7f:5e:e7:9a:55:4a:dc:5f:
62:d3:8c:dd:d0:ea:52:6f:ea:b0:3d:6d:fc:d1:43:3a:eb:69:
3e:f6:42:91:d8:63:6f:37:fd:cd:df:fa:40:45:e8:57:86:5e:
3a:1a:92:93:b0:73:75:c0:bd:3b:82:28:40:e0:8a:ea:66:4d:
55:2f:34:19:0c:bb:b2:66:32:3c:a6:7e:7d:4a:8a:fd:cb:ca:
70:db:25:f0:21:18:1f:bc:b2:11:79:62:7d:a4:27:ac:a3:13:
27:00:66:6e:86:6f:e3:5a:a8:bc:49:a3:d3:a5:ab:a7:70:db:
13:cd:51:81:3d:83:14:65:24:75:18:73:12:e8:8c:97:d5:43:
03:0b:a9:14:ce:d8:f3:df:17:de:76:d3:3a:9b:fb:ef:47:06:
41:82:62:a1:00:8e:1d:cc:c0:b3:06:b2:7c:57:8f:4d:8a:f9:
ed:df:56:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3t6ypkhJZJOxGmqsTy4UWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDQxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGJkMTcxMGNlOWRjZjA3MmFjZjMzNmI1MjgxNzlkZjBiYjFlNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw+ov0orJ84uf6/gSKXnEUTiklIL
zc7PiQcEksbYtdMCO0OZeVmD3egSW8uxMe4jr37KOBTHMLSSeCYneghQj7vrr6WH
2toeWYtKIG8roWR3mBJ2FTOpnBXw1tSrlzwNpU5p81Ec3Grw5N4EjuIjDqxPxjFQ
pmhFuQZFiEYA8HfKm9/Z+RE9/coI2fMGCe4EfjI3VXjQS2PTa0SmQG5SGh+zVnYn
jmt+wP9nqrdMRgX6YpqZb7Ni8miZ55eUCmZ9ERvYadexiM4FVFv+3Nkbo2FucaYn
iXOGWcpP8TMe+47NGl0y4nyQCp2Ual4zu8pGft4CZ9A63JkikaX+PCspmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMC9FxDOnc8HKs8za1KBed8LseQjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd0wwWEVNNmR6d2NxenpOclVvRjUzd3V4NUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAGgvTs398EHltLVdBrH
NuA8+hIzmvnzHlOqFtLIRT49m03h7UlDXEWyl2eSWXiJinT7YL4Cvbi3QDQM301K
0EarNJ5XHvSPCnKY9aZqdrK1RHV/XueaVUrcX2LTjN3Q6lJv6rA9bfzRQzrraT72
QpHYY283/c3f+kBF6FeGXjoakpOwc3XAvTuCKEDgiupmTVUvNBkMu7JmMjymfn1K
iv3LynDbJfAhGB+8shF5Yn2kJ6yjEycAZm6Gb+NaqLxJo9Olq6dw2xPNUYE9gxRl
JHUYcxLojJfVQwMLqRTO2PPfF9520zqb++9HBkGCYqEAjh3MwLMGsnxXj02K+e3f
VmY=
-----END CERTIFICATE-----
Generated at Wed Feb 28 10:08:04 2024 by rpki-client on console.sobornost.net