Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yw86VWPNbVHKOYgMHh6hrOvMqoQ.roa
File: yw86VWPNbVHKOYgMHh6hrOvMqoQ.roa (raw, json)
Hash identifier: 9Xk0OcGQXSnyVBHQBKhJBiLxdX2k/Zogw0R0IS+fvFk=
Subject key identifier: CB:0F:3A:55:63:CD:6D:51:CA:39:88:0C:1E:1E:A1:AC:EB:CC:AA:84
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF7940151A818EC49A198F2E899453400
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yw86VWPNbVHKOYgMHh6hrOvMqoQ.roa
Signing time: Fri 01 Mar 2024 01:14:48 +0000
ROA not before: Fri 01 Mar 2024 01:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 01 Mar 2024 02:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f7:94:01:51:a8:18:ec:49:a1:98:f2:e8:99:45:34:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 1 01:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb0f3a5563cd6d51ca39880c1e1ea1acebccaa84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9f:97:96:45:d7:a0:ec:03:ec:c7:7f:df:ed:
6f:20:1e:29:d4:82:6c:4e:e7:51:94:9a:e9:cb:af:
94:8a:dc:1b:4b:19:1f:f1:7a:7d:91:54:58:85:1a:
1a:52:c9:99:0c:89:39:8b:a8:5a:2a:59:f8:63:19:
77:b0:75:4b:61:8c:f8:0b:6a:e4:ed:42:75:b5:43:
c8:61:83:68:46:8e:cc:2d:46:6e:b3:94:a3:ad:86:
9a:ab:06:99:2c:b2:80:9c:88:2b:f0:15:8b:f0:89:
e7:29:5d:cc:8c:d2:31:b5:95:50:aa:be:b5:9e:5c:
3b:7e:cd:83:ec:6a:39:47:8b:4a:e8:26:b2:58:be:
5d:62:3b:13:de:5c:f6:38:a7:22:0a:9a:3f:6c:2e:
c4:2b:4d:0c:80:0e:d6:4f:a0:c5:02:96:e4:5a:41:
e0:81:06:af:72:20:f0:dd:8a:a7:5f:e0:4d:04:fc:
76:a2:03:bc:ba:0d:13:4d:a1:52:87:b7:6e:40:8c:
7b:34:0b:d6:47:9b:3a:af:75:09:87:a6:fc:71:4c:
a0:1b:b3:31:5e:bc:c9:fa:00:77:84:f1:ec:eb:1b:
96:22:1a:a6:66:a1:ab:6f:e2:b4:d8:b7:22:73:30:
90:bb:ff:fa:4d:f1:1f:45:2f:ad:45:aa:b5:f8:1e:
b4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0F:3A:55:63:CD:6D:51:CA:39:88:0C:1E:1E:A1:AC:EB:CC:AA:84
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yw86VWPNbVHKOYgMHh6hrOvMqoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:6d:df:80:d1:96:53:9e:28:2a:ae:63:58:c1:87:0c:2b:4a:
03:90:df:b2:34:3c:81:0b:d8:f0:fa:71:d3:10:42:7e:2a:e6:
e4:20:b7:9f:7a:a3:9e:35:ac:4a:f1:89:41:39:6a:74:23:36:
fe:02:99:c6:e1:ce:ca:c7:12:e0:0c:ea:78:09:16:79:77:a9:
88:98:7d:a8:96:53:d8:ca:3c:24:f2:16:62:24:72:15:1f:4c:
17:0b:c5:5b:fb:f4:d9:a5:6e:d1:ed:75:70:4c:6a:2e:4e:af:
7c:87:3d:12:c5:3b:7c:3a:a7:cd:07:71:f3:a6:0c:57:02:52:
15:ed:30:45:35:be:24:52:34:4f:4e:73:82:06:e6:9a:44:d0:
c3:c1:2a:96:f7:31:b5:ca:62:88:53:04:35:16:92:04:51:2b:
03:ae:e7:8b:13:94:f5:cd:52:4d:ad:24:a8:11:10:aa:eb:3d:
9a:36:72:09:30:f0:a7:d1:a8:e0:e4:77:d3:43:e1:51:aa:8c:
81:80:ab:a1:26:86:b3:ff:26:8a:2f:0c:1b:41:bc:e4:d8:9f:
78:02:be:5b:2d:9c:38:0e:7f:72:d5:ca:f3:fc:04:49:64:52:
54:26:e5:86:6e:1e:d6:af:3a:8f:34:eb:11:fb:9c:e6:da:3c:
17:6b:63:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY33lAFRqBjsSaGY8uiZRTQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAxMDExNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBmM2E1NTYzY2Q2ZDUxY2EzOTg4MGMxZTFlYTFhY2ViY2NhYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZ+XlkXXoOwD7Md/3+1vIB4p1IJs
TudRlJrpy6+UitwbSxkf8Xp9kVRYhRoaUsmZDIk5i6haKln4Yxl3sHVLYYz4C2rk
7UJ1tUPIYYNoRo7MLUZus5SjrYaaqwaZLLKAnIgr8BWL8InnKV3MjNIxtZVQqr61
nlw7fs2D7Go5R4tK6CayWL5dYjsT3lz2OKciCpo/bC7EK00MgA7WT6DFApbkWkHg
gQavciDw3YqnX+BNBPx2ogO8ug0TTaFSh7duQIx7NAvWR5s6r3UJh6b8cUygG7Mx
XrzJ+gB3hPHs6xuWIhqmZqGrb+K02LciczCQu//6TfEfRS+tRaq1+B60XwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMsPOlVjzW1RyjmIDB4eoazrzKqEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveXc4NlZXUE5iVkhLT1lnTUhoNmhyT3ZNcW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABZt34DRllOeKCquY1jB
hwwrSgOQ37I0PIEL2PD6cdMQQn4q5uQgt596o541rErxiUE5anQjNv4CmcbhzsrH
EuAM6ngJFnl3qYiYfaiWU9jKPCTyFmIkchUfTBcLxVv79NmlbtHtdXBMai5Or3yH
PRLFO3w6p80HcfOmDFcCUhXtMEU1viRSNE9Oc4IG5ppE0MPBKpb3MbXKYohTBDUW
kgRRKwOu54sTlPXNUk2tJKgREKrrPZo2cgkw8KfRqODkd9ND4VGqjIGAq6EmhrP/
JoovDBtBvOTYn3gCvlstnDgOf3LVyvP8BElkUlQm5YZuHtavOo806xH7nObaPBdr
Y6k=
-----END CERTIFICATE-----
Generated at Fri Mar 1 07:06:29 2024 by rpki-client on console.sobornost.net