Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2HOkytNCj3spzToeeWDyzg6R5pE.roa
File: 2HOkytNCj3spzToeeWDyzg6R5pE.roa (raw, json)
Hash identifier: miwK/BynAwlC+jgf49kspN/12hRr3jOear23RX4YMQY=
Subject key identifier: D8:73:A4:CA:D3:42:8F:7B:29:CD:3A:1E:79:60:F2:CE:0E:91:E6:91
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB57D0383867F97F4EBCCE79FEA2042A2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2HOkytNCj3spzToeeWDyzg6R5pE.roa
Signing time: Fri 29 Dec 2023 12:11:58 +0000
ROA not before: Fri 29 Dec 2023 12:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:7d:03:83:86:7f:97:f4:eb:cc:e7:9f:ea:20:42:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 29 12:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d873a4cad3428f7b29cd3a1e7960f2ce0e91e691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cc:de:59:76:a2:d0:20:54:7e:4e:83:d1:15:
27:e3:0f:87:98:7a:82:34:d7:60:16:97:8d:d4:0b:
d1:3a:a7:7c:23:b5:ec:1c:82:16:34:4f:ad:9a:0a:
08:ba:cf:e6:ab:10:0d:f0:39:3f:3f:78:c7:4c:07:
80:28:7e:c7:55:48:a4:82:62:47:cf:c0:cc:b8:c3:
23:19:39:f6:ba:da:47:04:0c:d8:c5:c1:bc:d3:1c:
64:e1:47:b6:3b:42:b5:c5:5a:ef:41:0f:5a:48:63:
fa:e6:76:ed:85:55:e7:ff:cb:16:5c:0c:84:a2:66:
a5:ab:bb:0e:c7:e9:a5:4f:3b:dc:65:6a:e4:33:21:
2e:f3:99:31:59:19:a7:47:d2:25:6c:d2:62:74:23:
b9:cd:3b:f6:1e:08:df:24:83:75:76:73:bd:ce:49:
8f:b9:54:58:d3:af:1f:85:48:50:88:1e:4a:4c:d8:
48:06:66:3f:a4:85:9e:21:c7:fa:37:5f:83:94:3f:
20:7d:5b:49:3b:57:f8:e2:b0:1e:c9:a2:5d:6a:26:
b3:e4:e2:d4:9d:11:b7:8f:fe:c8:a1:29:de:5c:7d:
8b:49:dd:49:12:b9:b1:e7:1d:1c:07:46:59:41:20:
bf:2a:87:3b:51:40:10:ad:de:ff:8c:a6:b5:95:fd:
38:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:73:A4:CA:D3:42:8F:7B:29:CD:3A:1E:79:60:F2:CE:0E:91:E6:91
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2HOkytNCj3spzToeeWDyzg6R5pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:15:12:d2:54:35:cf:ac:17:11:24:91:cf:0a:97:41:37:bd:
0f:3c:2b:66:3d:38:5b:8c:37:4e:d1:ff:e7:a2:09:ec:9f:48:
30:a1:ef:15:da:0a:1e:e7:b0:2b:f5:72:b1:1d:db:67:81:3b:
4f:dc:dc:e3:42:96:4f:d9:6e:af:a1:f8:a4:db:17:cf:71:32:
74:33:8c:3b:63:41:90:aa:14:29:76:a3:e5:c5:74:51:37:a5:
73:b1:27:a4:f2:ed:50:b3:82:68:33:be:aa:72:36:9a:3e:9b:
b6:89:90:60:b3:4a:57:56:7a:4c:77:57:73:e6:02:15:a1:bb:
66:a6:b6:6e:6e:ce:49:9c:c0:b0:2a:1d:0b:21:eb:09:9b:c5:
c3:3a:3a:55:52:98:e9:9b:1d:7e:5c:70:ae:39:bc:96:31:6a:
ad:62:a6:14:28:99:cf:4c:58:1a:2e:b6:69:4b:c4:e3:35:62:
0f:b9:e1:1e:5b:b0:3a:d9:9d:b9:ae:e0:74:de:72:97:a8:ae:
76:39:59:e7:08:da:43:02:b2:91:c4:32:f1:80:fb:87:cf:ba:
fe:a3:a6:d4:80:a3:7b:b9:bc:4c:d4:14:da:91:c5:61:51:c5:
39:f6:23:a4:de:b6:5a:f8:11:72:fb:53:7a:e4:18:86:a9:ff:
34:a8:27:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy1fQODhn+X9OvM55/qIEKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI5MTIxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODczYTRjYWQzNDI4ZjdiMjljZDNhMWU3OTYwZjJjZTBlOTFlNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMzeWXai0CBUfk6D0RUn4w+HmHqC
NNdgFpeN1AvROqd8I7XsHIIWNE+tmgoIus/mqxAN8Dk/P3jHTAeAKH7HVUikgmJH
z8DMuMMjGTn2utpHBAzYxcG80xxk4Ue2O0K1xVrvQQ9aSGP65nbthVXn/8sWXAyE
omalq7sOx+mlTzvcZWrkMyEu85kxWRmnR9IlbNJidCO5zTv2HgjfJIN1dnO9zkmP
uVRY068fhUhQiB5KTNhIBmY/pIWeIcf6N1+DlD8gfVtJO1f44rAeyaJdaiaz5OLU
nRG3j/7IoSneXH2LSd1JErmx5x0cB0ZZQSC/Koc7UUAQrd7/jKa1lf046QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNhzpMrTQo97Kc06Hnlg8s4OkeaRMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMkhPa3l0TkNqM3NwelRvZWVXRHl6ZzZSNXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF4VEtJUNc+sFxEkkc8K
l0E3vQ88K2Y9OFuMN07R/+eiCeyfSDCh7xXaCh7nsCv1crEd22eBO0/c3ONClk/Z
bq+h+KTbF89xMnQzjDtjQZCqFCl2o+XFdFE3pXOxJ6Ty7VCzgmgzvqpyNpo+m7aJ
kGCzSldWekx3V3PmAhWhu2amtm5uzkmcwLAqHQsh6wmbxcM6OlVSmOmbHX5ccK45
vJYxaq1iphQomc9MWBoutmlLxOM1Yg+54R5bsDrZnbmu4HTecpeornY5WecI2kMC
spHEMvGA+4fPuv6jptSAo3u5vEzUFNqRxWFRxTn2I6Tetlr4EXL7U3rkGIap/zSo
J+k=
-----END CERTIFICATE-----
Generated at Fri Dec 29 15:36:25 2023 by rpki-client on console.sobornost.net