Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xXOSyhDDvMnsa3szDUhNTnja9oc.roa
File: xXOSyhDDvMnsa3szDUhNTnja9oc.roa (raw, json)
Hash identifier: 60yHjCWjPtoJFsRLfan0tMNZCaYBGtEaMgFXPBWuFBs=
Subject key identifier: C5:73:92:CA:10:C3:BC:C9:EC:6B:7B:33:0D:48:4D:4E:78:DA:F6:87
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E558E2FC1D62A3964DDB4840E38C43ACC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xXOSyhDDvMnsa3szDUhNTnja9oc.roa
Signing time: Tue 19 Mar 2024 07:12:45 +0000
ROA not before: Tue 19 Mar 2024 07:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 19 Mar 2024 08:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:55:8e:2f:c1:d6:2a:39:64:dd:b4:84:0e:38:c4:3a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 19 07:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c57392ca10c3bcc9ec6b7b330d484d4e78daf687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f2:95:ea:ca:d3:23:f5:5d:01:05:5e:b5:b4:
e2:d6:c6:2a:d8:1d:9e:a2:9d:ee:9d:4f:73:8a:34:
46:90:e8:93:87:33:18:35:9e:ae:f4:83:dd:32:ac:
89:78:96:ca:5c:50:4a:e0:3d:69:74:3b:56:b5:9a:
44:14:56:46:f3:44:37:8a:3b:63:1b:4b:73:2b:31:
3f:cd:a1:c0:20:0a:34:54:03:1e:01:7f:8e:6f:89:
dc:0d:47:cc:1d:2e:20:6b:a1:9c:1f:be:0e:14:c5:
a8:17:4f:81:d3:5c:1d:31:61:57:fd:bb:57:5e:4d:
a6:56:2f:13:b6:a2:5c:fb:81:df:22:52:7a:24:0d:
d5:65:de:d3:98:cc:73:21:dc:fd:ec:04:d5:41:52:
5d:ef:20:c2:52:87:ab:5e:ab:c3:38:7e:d8:7d:23:
0f:37:8e:56:cb:1a:ae:ba:8e:56:f1:81:54:af:2d:
81:ac:b4:71:b5:bf:49:70:9d:ee:0b:b8:e9:42:16:
a7:0f:ff:df:03:f6:af:1a:9e:b8:3e:3e:25:0e:c5:
87:7f:3d:94:7d:50:81:e1:9a:fd:85:a9:26:c0:89:
52:bc:81:26:8a:c8:0f:44:0c:6b:b0:a9:b3:77:85:
7a:7c:38:e6:27:20:e6:08:5f:75:3f:95:24:97:fd:
de:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:73:92:CA:10:C3:BC:C9:EC:6B:7B:33:0D:48:4D:4E:78:DA:F6:87
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xXOSyhDDvMnsa3szDUhNTnja9oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:aa:35:0c:78:69:1c:4b:6a:2c:88:8b:7c:e3:a5:13:f2:31:
43:0f:49:a6:b4:fc:bb:c2:98:9d:2b:48:db:3e:e6:29:cd:4c:
d2:35:5e:b0:fe:5e:49:6f:08:7d:44:ca:12:09:c7:02:86:5e:
e4:27:de:82:0b:57:9b:63:3e:e1:17:4d:29:b3:36:2c:3b:2e:
42:4c:4a:48:45:4a:2c:62:30:75:cd:a6:06:84:e4:c3:22:c3:
fb:70:c1:40:1a:7f:f1:ae:32:4a:bb:a5:20:ff:87:13:2c:c7:
cf:0d:cd:f3:bf:ce:dd:89:d8:70:36:ca:56:2c:14:e2:81:0b:
04:7c:bf:d9:9d:aa:37:3c:96:b9:34:2d:23:50:d3:c1:0d:66:
84:f1:41:7e:ca:ea:4d:57:9a:ac:25:24:89:ed:69:72:1f:a5:
79:b6:0c:2f:22:9a:f3:6f:ae:22:20:63:31:d8:cf:d5:8e:86:
cc:68:be:94:ba:69:07:55:20:04:05:c0:10:06:8a:e7:53:fb:
4f:9e:3d:c4:29:18:58:bf:ae:03:ad:e4:62:bf:9d:56:79:c8:
5a:af:70:f9:e4:a1:da:5e:b1:63:af:dd:f3:39:1f:d5:ba:a2:
2f:b3:1e:30:bc:01:9c:a4:1d:71:63:56:d0:04:db:73:a5:e7:
66:db:ab:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5Vji/B1io5ZN20hA44xDrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE5MDcxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTczOTJjYTEwYzNiY2M5ZWM2YjdiMzMwZDQ4NGQ0ZTc4ZGFmNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfKV6srTI/VdAQVetbTi1sYq2B2e
op3unU9zijRGkOiThzMYNZ6u9IPdMqyJeJbKXFBK4D1pdDtWtZpEFFZG80Q3ijtj
G0tzKzE/zaHAIAo0VAMeAX+Ob4ncDUfMHS4ga6GcH74OFMWoF0+B01wdMWFX/btX
Xk2mVi8TtqJc+4HfIlJ6JA3VZd7TmMxzIdz97ATVQVJd7yDCUoerXqvDOH7YfSMP
N45Wyxquuo5W8YFUry2BrLRxtb9JcJ3uC7jpQhanD//fA/avGp64Pj4lDsWHfz2U
fVCB4Zr9hakmwIlSvIEmisgPRAxrsKmzd4V6fDjmJyDmCF91P5Ukl/3e7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMVzksoQw7zJ7Gt7Mw1ITU542vaHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveFhPU3loRER2TW5zYTNzekRVaE5UbmphOW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACOqNQx4aRxLaiyIi3zj
pRPyMUMPSaa0/LvCmJ0rSNs+5inNTNI1XrD+XklvCH1EyhIJxwKGXuQn3oILV5tj
PuEXTSmzNiw7LkJMSkhFSixiMHXNpgaE5MMiw/twwUAaf/GuMkq7pSD/hxMsx88N
zfO/zt2J2HA2ylYsFOKBCwR8v9mdqjc8lrk0LSNQ08ENZoTxQX7K6k1XmqwlJInt
aXIfpXm2DC8imvNvriIgYzHYz9WOhsxovpS6aQdVIAQFwBAGiudT+0+ePcQpGFi/
rgOt5GK/nVZ5yFqvcPnkodpesWOv3fM5H9W6oi+zHjC8AZykHXFjVtAE23Ol52bb
q2s=
-----END CERTIFICATE-----
Generated at Tue Mar 19 13:49:25 2024 by rpki-client on console.sobornost.net