Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/x5X5nTEgcsUbKODXCXBlLs6uuG4.roa
File: x5X5nTEgcsUbKODXCXBlLs6uuG4.roa (raw, json)
Hash identifier: ItN4vjF5CHMhv4VW4C17Q+M7wo87hD+8mU57wkbKKjo=
Subject key identifier: C7:95:F9:9D:31:20:72:C5:1B:28:E0:D7:09:70:65:2E:CE:AE:B8:6E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5F344729E408FF66B61FEAEE082B1624
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/x5X5nTEgcsUbKODXCXBlLs6uuG4.roa
Signing time: Thu 21 Mar 2024 04:10:45 +0000
ROA not before: Thu 21 Mar 2024 04:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 21 Mar 2024 05:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5f:34:47:29:e4:08:ff:66:b6:1f:ea:ee:08:2b:16:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 04:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c795f99d312072c51b28e0d70970652eceaeb86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6f:d6:e8:be:17:a9:0b:92:fd:cf:c2:c4:ba:
6b:94:d4:cf:96:aa:01:4c:54:4a:94:63:f8:24:7f:
42:82:30:25:58:4e:4c:b1:23:c2:43:49:b9:a3:6a:
96:97:01:a1:89:81:b3:a1:65:c0:c3:02:cf:a8:c6:
f9:f5:71:f9:e2:27:25:12:6c:eb:40:d0:62:81:3f:
08:5f:0d:32:9e:6c:ad:50:c9:d4:73:2e:20:9e:9e:
ca:af:2e:d3:14:2f:f1:ea:42:dc:2b:3f:ee:dc:49:
62:ca:75:02:28:9f:d5:04:f5:9d:6c:d0:d1:79:fa:
2c:46:49:cc:b5:55:44:63:4f:23:b2:6b:b5:7c:53:
19:14:f0:1f:7b:59:bd:c6:48:f7:d7:42:fe:b6:3b:
4c:e3:71:45:22:89:fa:8d:c9:e0:3b:4b:8b:35:f8:
4b:e5:01:32:05:2f:dd:6f:87:12:01:3a:f5:e8:e0:
35:33:66:da:be:41:5c:c8:93:60:11:12:17:c5:57:
f1:77:fa:07:84:0e:08:56:e0:12:51:6e:ca:4a:e2:
a0:a0:04:4c:c3:9e:7c:2f:b7:9f:f9:d0:92:30:4a:
06:cc:ee:eb:e9:70:e3:24:64:0b:b5:21:1e:b1:f0:
e7:4b:b8:1b:d4:4f:4c:4a:e1:14:18:45:88:40:1a:
3f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:95:F9:9D:31:20:72:C5:1B:28:E0:D7:09:70:65:2E:CE:AE:B8:6E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/x5X5nTEgcsUbKODXCXBlLs6uuG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:b3:fb:fe:5c:31:bb:2e:65:45:4f:9e:3f:89:2a:51:c8:54:
da:0f:e7:a7:14:a0:8d:06:da:3c:95:ae:8c:30:31:a7:46:de:
83:76:37:d3:72:45:3b:a3:06:04:f4:83:6d:ae:35:b2:45:64:
4b:8d:fc:d3:f9:8f:24:e3:69:cd:3e:a2:ad:a0:ec:cc:4f:c1:
0c:5e:c9:c1:9b:78:08:00:e8:02:c0:05:25:44:ca:70:15:fa:
1f:16:88:5f:ff:3d:07:d1:14:22:72:01:9d:3b:e1:ad:92:bf:
a2:f8:b4:20:b8:5b:e1:fc:00:12:88:7b:87:d0:f3:d6:1e:cd:
f9:7b:0e:61:58:90:8a:8e:0d:f3:84:2e:71:4c:f3:ca:b4:20:
7b:fd:b9:c6:9f:a0:76:ce:38:75:b7:16:76:08:f0:e3:34:bd:
c2:44:e8:62:a4:f6:0d:e2:67:f4:4f:aa:76:f9:7f:67:35:96:
49:b0:95:70:87:bf:26:a5:67:cb:d5:98:5d:71:b0:e4:08:a9:
7f:4a:bc:be:5b:e9:4e:50:75:f6:ca:86:97:11:2c:18:88:2c:
c8:17:af:30:ce:0f:2b:3b:cd:b0:56:4b:d1:e8:dd:04:cc:e9:
e4:0e:68:83:58:8f:f1:bb:43:68:32:9f:05:06:a4:8b:0b:4e:
43:b2:51:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5fNEcp5Aj/ZrYf6u4IKxYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMDQxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk1Zjk5ZDMxMjA3MmM1MWIyOGUwZDcwOTcwNjUyZWNlYWViODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW/W6L4XqQuS/c/CxLprlNTPlqoB
TFRKlGP4JH9CgjAlWE5MsSPCQ0m5o2qWlwGhiYGzoWXAwwLPqMb59XH54iclEmzr
QNBigT8IXw0ynmytUMnUcy4gnp7Kry7TFC/x6kLcKz/u3EliynUCKJ/VBPWdbNDR
efosRknMtVVEY08jsmu1fFMZFPAfe1m9xkj310L+tjtM43FFIon6jcngO0uLNfhL
5QEyBS/db4cSATr16OA1M2bavkFcyJNgERIXxVfxd/oHhA4IVuASUW7KSuKgoARM
w558L7ef+dCSMEoGzO7r6XDjJGQLtSEesfDnS7gb1E9MSuEUGEWIQBo/aQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMeV+Z0xIHLFGyjg1wlwZS7OrrhuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveDVYNW5URWdjc1ViS09EWENYQmxMczZ1dUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADuz+/5cMbsuZUVPnj+J
KlHIVNoP56cUoI0G2jyVrowwMadG3oN2N9NyRTujBgT0g22uNbJFZEuN/NP5jyTj
ac0+oq2g7MxPwQxeycGbeAgA6ALABSVEynAV+h8WiF//PQfRFCJyAZ074a2Sv6L4
tCC4W+H8ABKIe4fQ89Yezfl7DmFYkIqODfOELnFM88q0IHv9ucafoHbOOHW3FnYI
8OM0vcJE6GKk9g3iZ/RPqnb5f2c1lkmwlXCHvyalZ8vVmF1xsOQIqX9KvL5b6U5Q
dfbKhpcRLBiILMgXrzDODys7zbBWS9Ho3QTM6eQOaINYj/G7Q2gynwUGpIsLTkOy
UVE=
-----END CERTIFICATE-----
Generated at Thu Mar 21 11:25:59 2024 by rpki-client on console.sobornost.net