Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xr9JCPUZ_Co0-7f7CsL19nw5SPE.roa
File: xr9JCPUZ_Co0-7f7CsL19nw5SPE.roa (raw, json)
Hash identifier: EhV4UVKpoZ0ErGOK4GJVfld2VCBovHcphOaBsMTIXSM=
Subject key identifier: C6:BF:49:08:F5:19:FC:2A:34:FB:B7:FB:0A:C2:F5:F6:7C:39:48:F1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E90F6ECAE376541BF4899F7F9AD03329C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xr9JCPUZ_Co0-7f7CsL19nw5SPE.roa
Signing time: Sat 30 Mar 2024 20:04:45 +0000
ROA not before: Sat 30 Mar 2024 20:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:90f6:74f7/128 maxlen: 128
Validation: Failed, certificate revoked on Sat 30 Mar 2024 20:12:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:90:f6:ec:ae:37:65:41:bf:48:99:f7:f9:ad:03:32:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 20:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6bf4908f519fc2a34fbb7fb0ac2f5f67c3948f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:15:36:89:3d:48:fd:16:e2:45:9a:7c:d7:53:
a3:8d:ab:15:d9:4f:9e:26:c5:b6:00:98:eb:e5:0c:
4b:c4:c3:2b:a3:40:bf:8a:c0:c3:aa:ad:6f:62:96:
a3:61:cd:09:e2:0e:8d:44:44:44:60:9c:af:5a:31:
74:2f:16:4b:25:be:dc:81:b1:e2:98:1a:73:6a:65:
f9:2e:da:1e:9b:ec:4c:08:12:ff:fd:2f:47:4b:21:
cc:80:8a:64:b5:7a:23:a6:b4:e4:7a:b6:b9:14:f8:
f1:cd:8d:da:63:6c:81:ef:eb:67:89:78:6e:5a:6c:
6a:07:73:b4:0e:db:2c:c6:7d:34:e9:e9:43:df:a1:
35:aa:bf:2a:c7:e9:a1:b6:db:0f:40:a6:88:4a:b0:
b2:b7:e5:22:1f:31:b6:ca:31:d3:61:02:49:dc:d8:
0c:98:a9:0c:6c:21:1e:42:8e:fa:da:67:d0:16:42:
52:50:c1:62:61:b4:89:17:aa:8c:8f:44:45:e9:8b:
04:ad:6f:e8:1d:54:73:e3:7b:3f:a2:cf:8a:7f:11:
cf:4c:03:fc:4a:75:87:cd:ec:ad:df:03:9a:66:cc:
a7:de:fd:f5:34:f5:01:78:3f:e7:37:27:6a:32:2c:
90:0a:f3:29:3f:56:61:f9:54:3e:d5:b4:72:a0:ad:
54:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BF:49:08:F5:19:FC:2A:34:FB:B7:FB:0A:C2:F5:F6:7C:39:48:F1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xr9JCPUZ_Co0-7f7CsL19nw5SPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:e5:7c:b7:01:d4:7d:ac:97:76:cc:63:06:65:c6:42:02:5d:
18:24:36:8c:19:7a:a7:ae:38:ca:fc:a1:87:8c:89:0e:d1:e1:
b7:a2:04:6d:76:d0:e0:fb:9a:99:bd:3c:32:7d:8f:20:53:a3:
93:b7:da:2d:3e:84:7e:7e:49:fe:33:a1:da:e3:dd:7e:78:d9:
a8:2d:cc:73:c8:78:9c:ce:fb:23:46:32:a2:ae:44:96:86:6e:
6c:79:a2:26:d2:1e:45:a8:dd:f5:7f:67:52:a1:66:dd:ee:16:
6d:71:e9:63:34:a1:b4:5d:04:c5:09:0b:ca:8e:a2:ac:32:95:
c9:23:a8:95:66:1a:76:58:8c:57:e8:26:61:5b:c7:81:48:21:
fc:44:59:c9:b5:1d:27:7d:8c:a2:bc:d4:88:f4:40:60:da:4b:
7d:a6:bd:0c:4a:66:31:05:46:77:58:83:f0:54:11:a0:d9:24:
da:85:66:55:8d:bb:95:04:9d:0e:33:d5:0e:72:b4:20:cf:b3:
cb:fc:4a:32:2e:76:d0:4c:2d:3e:10:f2:1b:88:9c:51:97:5b:
e4:1b:be:3a:dd:91:16:76:04:23:28:5a:14:3f:d4:0f:d8:b8:
48:d3:07:fe:59:83:da:8d:69:d4:8e:e4:1a:0a:a1:c7:86:7d:
f8:37:5f:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6Q9uyuN2VBv0iZ9/mtAzKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMjAwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmJmNDkwOGY1MTlmYzJhMzRmYmI3ZmIwYWMyZjVmNjdjMzk0OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBU2iT1I/RbiRZp811OjjasV2U+e
JsW2AJjr5QxLxMMro0C/isDDqq1vYpajYc0J4g6NREREYJyvWjF0LxZLJb7cgbHi
mBpzamX5Ltoem+xMCBL//S9HSyHMgIpktXojprTkera5FPjxzY3aY2yB7+tniXhu
WmxqB3O0Dtssxn006elD36E1qr8qx+mhttsPQKaISrCyt+UiHzG2yjHTYQJJ3NgM
mKkMbCEeQo762mfQFkJSUMFiYbSJF6qMj0RF6YsErW/oHVRz43s/os+KfxHPTAP8
SnWHzeyt3wOaZsyn3v31NPUBeD/nNydqMiyQCvMpP1Zh+VQ+1bRyoK1USwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMa/SQj1GfwqNPu3+wrC9fZ8OUjxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveHI5SkNQVVpfQ28wLTdmN0NzTDE5bnc1U1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAILlfLcB1H2sl3bMYwZl
xkICXRgkNowZeqeuOMr8oYeMiQ7R4beiBG120OD7mpm9PDJ9jyBTo5O32i0+hH5+
Sf4zodrj3X542agtzHPIeJzO+yNGMqKuRJaGbmx5oibSHkWo3fV/Z1KhZt3uFm1x
6WM0obRdBMUJC8qOoqwylckjqJVmGnZYjFfoJmFbx4FIIfxEWcm1HSd9jKK81Ij0
QGDaS32mvQxKZjEFRndYg/BUEaDZJNqFZlWNu5UEnQ4z1Q5ytCDPs8v8SjIudtBM
LT4Q8huInFGXW+QbvjrdkRZ2BCMoWhQ/1A/YuEjTB/5Zg9qNadSO5BoKoceGffg3
X4E=
-----END CERTIFICATE-----
Generated at Sun Mar 31 06:26:09 2024 by rpki-client on console.sobornost.net