Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1rkZgkRjYbL9tPbwEf54A98drAI.roa
File: 1rkZgkRjYbL9tPbwEf54A98drAI.roa (raw, json)
Hash identifier: 4d1eXS0a3NIZ4kPFVAWKbmhoAhR/aaQMnY6wFBjS+fM=
Subject key identifier: D6:B9:19:82:44:63:61:B2:FD:B4:F6:F0:11:FE:78:03:DF:1D:AC:02
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC895059ABB599715C0EC4E21DF1ADBE5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1rkZgkRjYbL9tPbwEf54A98drAI.roa
Signing time: Tue 02 Jan 2024 05:10:58 +0000
ROA not before: Tue 02 Jan 2024 05:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:95:05:9a:bb:59:97:15:c0:ec:4e:21:df:1a:db:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 2 05:10:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6b91982446361b2fdb4f6f011fe7803df1dac02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:de:36:0c:de:87:36:b4:bf:e8:64:c2:50:
2b:e0:d8:28:d4:90:17:12:74:56:8f:ee:68:6f:a3:
69:e0:36:eb:02:2d:9b:86:bd:60:b3:56:cb:97:eb:
5b:07:a7:5c:ef:c0:24:f5:f2:f6:c3:ef:67:21:fa:
d3:3d:0f:bc:4a:b6:f6:96:7f:7a:86:fe:84:5e:ab:
b5:2f:75:9b:ba:41:37:45:23:8f:83:d7:90:21:4b:
aa:6b:37:22:3f:94:58:8b:4a:a3:b7:e6:71:97:97:
c2:c5:0b:e4:67:1d:fd:5e:83:f8:2e:a2:f7:87:db:
40:7f:72:8d:b7:b6:33:4f:c6:de:6f:e4:34:6d:da:
10:e4:81:d6:95:e9:c8:dd:2e:45:39:37:fa:ac:05:
95:11:56:c3:5e:dd:bf:83:78:d1:7a:97:1f:4e:62:
ba:41:5d:b6:cb:32:78:4a:96:d3:63:d4:f0:76:07:
0c:9a:19:83:e2:8e:d0:f5:15:4a:40:54:d7:b7:5f:
29:2b:06:09:a4:2e:48:b2:94:ee:fa:4b:27:44:a0:
c4:18:b7:04:7d:6c:32:78:d3:25:ca:78:2b:d5:50:
6c:bd:87:1c:93:42:ed:13:d5:99:7c:09:36:0d:41:
7b:87:88:d4:12:53:42:04:a3:e2:61:b7:9f:00:c5:
98:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B9:19:82:44:63:61:B2:FD:B4:F6:F0:11:FE:78:03:DF:1D:AC:02
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1rkZgkRjYbL9tPbwEf54A98drAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:bb:9d:0b:6a:9b:9a:6c:f5:b8:23:a5:d3:d5:aa:50:d2:37:
19:5d:ab:b2:ff:52:22:9d:27:a4:c6:bb:31:70:1b:5c:67:95:
5e:ce:c0:3f:20:0a:91:58:c2:c4:c8:ca:37:37:cf:81:90:01:
e7:71:dc:88:aa:93:10:13:0b:75:85:bc:af:ea:65:8a:85:90:
32:f7:66:83:9f:c9:15:76:98:c7:b2:0c:57:2d:09:69:09:6f:
18:16:fd:74:85:cb:1c:ce:85:a0:25:7e:6d:72:f0:c2:64:5d:
2f:5d:e0:04:06:2b:10:44:f2:eb:f4:17:2a:0e:ef:31:b7:ea:
34:31:b5:86:6c:b6:59:7d:01:98:d5:f1:b5:59:a1:76:8e:7f:
51:27:c5:05:45:1e:f5:8c:4d:42:b1:8c:94:a7:17:64:51:75:
24:aa:60:52:8b:b5:63:5e:b4:77:2b:ce:5c:9c:dd:f2:22:58:
90:a7:f6:67:c4:9f:90:a1:a8:a7:78:15:97:9d:8c:8a:b5:a4:
68:bd:aa:0e:00:d3:a8:0d:75:b9:a7:c9:57:8a:f3:bb:0f:2b:
d2:d7:11:63:cc:47:df:f9:7d:a2:65:87:c1:bc:d3:a3:58:3d:
92:aa:38:83:da:3c:e0:82:01:d5:ae:f6:cf:5b:3d:d2:07:f5:
61:45:e8:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIlQWau1mXFcDsTiHfGtvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAyMDUxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI5MTk4MjQ0NjM2MWIyZmRiNGY2ZjAxMWZlNzgwM2RmMWRhYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXLeNgzehza0v+hkwlAr4Ngo1JAX
EnRWj+5ob6Np4DbrAi2bhr1gs1bLl+tbB6dc78Ak9fL2w+9nIfrTPQ+8Srb2ln96
hv6EXqu1L3WbukE3RSOPg9eQIUuqazciP5RYi0qjt+Zxl5fCxQvkZx39XoP4LqL3
h9tAf3KNt7YzT8beb+Q0bdoQ5IHWlenI3S5FOTf6rAWVEVbDXt2/g3jRepcfTmK6
QV22yzJ4SpbTY9TwdgcMmhmD4o7Q9RVKQFTXt18pKwYJpC5IspTu+ksnRKDEGLcE
fWwyeNMlyngr1VBsvYcck0LtE9WZfAk2DUF7h4jUElNCBKPiYbefAMWYKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNa5GYJEY2Gy/bT28BH+eAPfHawCMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMXJrWmdrUmpZYkw5dFBid0VmNTRBOThkckFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIW7nQtqm5ps9bgjpdPV
qlDSNxldq7L/UiKdJ6TGuzFwG1xnlV7OwD8gCpFYwsTIyjc3z4GQAedx3IiqkxAT
C3WFvK/qZYqFkDL3ZoOfyRV2mMeyDFctCWkJbxgW/XSFyxzOhaAlfm1y8MJkXS9d
4AQGKxBE8uv0FyoO7zG36jQxtYZstll9AZjV8bVZoXaOf1EnxQVFHvWMTUKxjJSn
F2RRdSSqYFKLtWNetHcrzlyc3fIiWJCn9mfEn5ChqKd4FZedjIq1pGi9qg4A06gN
dbmnyVeK87sPK9LXEWPMR9/5faJlh8G806NYPZKqOIPaPOCCAdWu9s9bPdIH9WFF
6LU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:36 2024 by rpki-client on console.sobornost.net