Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ywaFE0WV6OGPiu4uCYg5Z8GDd_M.roa
File: ywaFE0WV6OGPiu4uCYg5Z8GDd_M.roa (raw, json)
Hash identifier: 3ECDIGDdMDw6J6Cm5S5u1ENM2aZvTMfHvk3IrksefX0=
Subject key identifier: CB:06:85:13:45:95:E8:E1:8F:8A:EE:2E:09:88:39:67:C1:83:77:F3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7698BCBD1605D4C1685370E6DE3A663D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ywaFE0WV6OGPiu4uCYg5Z8GDd_M.roa
Signing time: Mon 25 Mar 2024 17:11:45 +0000
ROA not before: Mon 25 Mar 2024 17:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 25 Mar 2024 18:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:98:bc:bd:16:05:d4:c1:68:53:70:e6:de:3a:66:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 25 17:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb0685134595e8e18f8aee2e09883967c18377f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c1:be:7f:5d:bb:a9:33:e3:48:aa:c0:0f:57:
70:b3:de:f7:8a:57:43:c0:ad:18:bb:0c:05:e7:34:
a0:5e:32:00:e2:58:52:c2:3c:59:cf:2e:96:af:b6:
3e:8b:e0:6b:c8:83:e9:6c:7b:ec:f6:87:04:7b:97:
a2:bc:50:17:2a:38:30:e8:2a:67:a6:23:97:15:35:
31:8a:4c:45:b6:91:4f:f8:3b:25:b1:0b:e6:ae:0a:
e9:e0:85:f2:92:18:eb:04:11:09:66:4a:c0:07:d4:
f2:44:cc:c1:69:d3:ec:6f:76:9c:68:1f:0c:eb:09:
73:f7:cb:e8:72:ed:66:44:24:df:17:61:8c:4c:59:
69:f8:66:7d:d8:a8:14:bb:7e:c6:62:c6:de:06:d1:
44:ef:6a:d2:2c:6f:0a:71:f6:e8:2c:67:7a:23:69:
fd:d6:12:7b:ef:ba:2f:56:35:70:dd:e1:6a:2c:16:
fb:5e:c0:f4:83:6b:ba:bd:a4:89:35:36:22:32:1f:
be:69:bc:c6:27:1e:4b:8c:65:a4:00:04:26:45:f7:
17:b4:b6:e1:4a:2d:7d:d1:24:98:69:c2:f5:34:b6:
0d:49:3f:d3:80:fc:be:7c:2c:ba:ff:e6:b6:3b:06:
43:2f:8e:de:46:84:e2:ee:b8:ac:e4:cd:f8:b9:d5:
7c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:06:85:13:45:95:E8:E1:8F:8A:EE:2E:09:88:39:67:C1:83:77:F3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ywaFE0WV6OGPiu4uCYg5Z8GDd_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:5a:20:49:bc:a1:d0:32:4a:f7:f4:c0:26:53:f5:3d:03:e4:
4b:f5:81:44:83:48:63:04:c2:73:93:d4:f5:58:a9:b6:45:a9:
87:61:25:01:24:02:b9:37:c8:ac:f3:65:ad:55:8c:13:eb:c4:
8c:d5:29:9c:90:44:3d:d2:ac:52:10:05:8c:2e:60:77:9f:39:
fb:18:b6:db:62:79:07:7c:88:7f:4f:aa:16:eb:aa:5b:c0:60:
59:35:45:37:90:3d:a2:d1:ec:fb:a4:2b:cb:e9:5c:86:93:2c:
37:aa:61:00:80:82:5c:1c:1c:c5:62:04:03:20:37:7e:f4:f4:
fd:31:94:38:fb:3c:44:f5:55:6d:25:d5:8f:7f:4e:db:af:b5:
bc:ad:73:37:c0:62:0f:23:52:1f:71:24:b2:5e:43:fb:68:c2:
44:f9:d2:a9:75:67:15:18:e5:1f:82:f8:8e:5c:4e:0c:95:8d:
16:63:96:d9:bc:c4:1d:f8:9e:be:f3:a0:68:02:84:fd:a4:25:
8f:a0:32:5e:e5:b0:cb:14:f9:a8:71:5e:3d:89:ef:07:46:09:
c5:00:7a:6f:4c:34:39:ae:21:83:53:77:63:a1:2b:b0:2a:4f:
4c:a2:f1:dd:68:f3:79:9e:e2:90:39:10:f0:db:e4:10:7e:55:
89:e1:50:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY52mLy9FgXUwWhTcObeOmY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI1MTcxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA2ODUxMzQ1OTVlOGUxOGY4YWVlMmUwOTg4Mzk2N2MxODM3N2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8G+f127qTPjSKrAD1dws973ildD
wK0YuwwF5zSgXjIA4lhSwjxZzy6Wr7Y+i+BryIPpbHvs9ocEe5eivFAXKjgw6Cpn
piOXFTUxikxFtpFP+DslsQvmrgrp4IXykhjrBBEJZkrAB9TyRMzBadPsb3acaB8M
6wlz98vocu1mRCTfF2GMTFlp+GZ92KgUu37GYsbeBtFE72rSLG8KcfboLGd6I2n9
1hJ777ovVjVw3eFqLBb7XsD0g2u6vaSJNTYiMh++abzGJx5LjGWkAAQmRfcXtLbh
Si190SSYacL1NLYNST/TgPy+fCy6/+a2OwZDL47eRoTi7ris5M34udV8eQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMsGhRNFlejhj4ruLgmIOWfBg3fzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveXdhRkUwV1Y2T0dQaXU0dUNZZzVaOEdEZF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVaIEm8odAySvf0wCZT
9T0D5Ev1gUSDSGMEwnOT1PVYqbZFqYdhJQEkArk3yKzzZa1VjBPrxIzVKZyQRD3S
rFIQBYwuYHefOfsYtttieQd8iH9PqhbrqlvAYFk1RTeQPaLR7PukK8vpXIaTLDeq
YQCAglwcHMViBAMgN3709P0xlDj7PET1VW0l1Y9/TtuvtbytczfAYg8jUh9xJLJe
Q/towkT50ql1ZxUY5R+C+I5cTgyVjRZjltm8xB34nr7zoGgChP2kJY+gMl7lsMsU
+ahxXj2J7wdGCcUAem9MNDmuIYNTd2OhK7AqT0yi8d1o83me4pA5EPDb5BB+VYnh
UF8=
-----END CERTIFICATE-----
Generated at Mon Mar 25 23:33:21 2024 by rpki-client on console.sobornost.net