Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2haSDjbldHSUMSCEp5q2KpY_xds.roa
File: 2haSDjbldHSUMSCEp5q2KpY_xds.roa (raw, json)
Hash identifier: HXpTwDm4vGrtsq2BH9VC7km08+sogxhpuokWxLKbAaY=
Subject key identifier: DA:16:92:0E:36:E5:74:74:94:31:20:84:A7:9A:B6:2A:96:3F:C5:DB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CEC6C29D9C5D1467403812367657B14B0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2haSDjbldHSUMSCEp5q2KpY_xds.roa
Signing time: Tue 09 Jan 2024 04:12:40 +0000
ROA not before: Tue 09 Jan 2024 04:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 05:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ec:6c:29:d9:c5:d1:46:74:03:81:23:67:65:7b:14:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 04:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da16920e36e5747494312084a79ab62a963fc5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f2:63:85:3d:3f:ff:67:e5:75:26:9a:0e:18:
b9:a8:0c:be:ed:2a:6e:99:83:87:f7:e9:1a:14:df:
d2:42:ec:a9:e7:84:15:b6:41:06:df:41:a8:b9:b0:
8c:59:c2:b3:b6:ec:e2:62:bf:c0:f0:04:fe:f9:6c:
9f:72:ec:cf:e6:2f:6e:76:48:15:cd:f5:b9:c9:8c:
6e:5b:ba:c6:ff:72:b4:13:fa:3b:94:b4:43:29:18:
8e:6d:10:a4:97:7f:d9:81:b4:f3:2c:b3:7b:e0:6b:
3a:3c:f1:84:97:5f:4c:3c:39:27:72:95:2f:03:42:
06:a4:1c:6d:80:a6:bb:9d:f3:bc:d6:cc:e2:95:f0:
39:82:5c:85:e6:9c:d1:4d:ee:bf:24:a6:44:fd:6e:
e8:65:4b:0e:ec:33:f6:1a:ff:bb:ff:f8:1b:dc:40:
85:39:6c:2f:9a:21:7e:1f:44:92:ee:0a:0b:b0:a0:
6e:ec:5f:a0:d8:68:73:02:a8:d0:b1:68:59:17:2a:
e1:9d:13:c5:08:75:02:98:06:79:01:f7:10:1c:90:
4c:d6:a2:6d:45:08:67:7a:d0:db:1a:36:5e:0d:79:
9a:6a:2b:42:35:18:16:d0:25:51:90:03:7c:a8:58:
b1:41:a4:16:d6:e7:b9:61:65:f9:9d:4d:e5:02:be:
84:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:16:92:0E:36:E5:74:74:94:31:20:84:A7:9A:B6:2A:96:3F:C5:DB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2haSDjbldHSUMSCEp5q2KpY_xds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:01:a0:dc:16:59:0d:9e:ec:58:6d:2e:c7:86:5d:30:2c:de:
3b:cc:a2:16:21:b7:44:48:3d:1e:6b:40:6b:5e:0c:8f:74:dc:
a4:f7:2b:2f:f9:36:ce:6a:ad:c1:10:a5:0a:39:cf:1a:9b:b9:
45:38:3d:9a:27:53:2f:ea:67:a4:c2:03:04:57:90:f3:d5:d4:
2f:c6:ab:70:d9:d6:c4:02:3a:ee:18:44:8f:04:79:10:d1:5e:
9f:e0:7e:3b:8f:5a:6e:43:77:ab:c8:b9:a7:ab:d0:69:f5:a9:
9d:90:c5:7b:fb:30:a3:f7:17:7a:6f:e6:af:9c:98:8b:49:f1:
03:60:3d:64:3f:b6:1b:d1:4f:27:6c:9c:f1:f1:07:bd:21:46:
e6:3c:89:6a:c4:cd:94:63:5d:0d:7b:71:91:31:0e:88:05:2f:
6b:2b:ad:17:2f:78:42:a2:8a:3d:ab:29:c1:cc:30:d2:9d:83:
28:4d:f9:d0:5f:4c:82:b4:0c:5a:98:82:e6:5f:03:4b:65:8c:
eb:64:48:a6:04:77:3c:04:b2:6c:4d:9e:c8:43:f9:82:65:06:
54:f1:5e:de:6e:60:22:a4:89:f7:42:f3:77:fb:cb:68:64:b2:
50:f2:ca:44:f1:b6:da:9c:8c:20:9e:51:3d:15:64:82:8f:f7:
58:9d:69:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzsbCnZxdFGdAOBI2dlexSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MDQxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTE2OTIwZTM2ZTU3NDc0OTQzMTIwODRhNzlhYjYyYTk2M2ZjNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/JjhT0//2fldSaaDhi5qAy+7Spu
mYOH9+kaFN/SQuyp54QVtkEG30GoubCMWcKztuziYr/A8AT++WyfcuzP5i9udkgV
zfW5yYxuW7rG/3K0E/o7lLRDKRiObRCkl3/ZgbTzLLN74Gs6PPGEl19MPDkncpUv
A0IGpBxtgKa7nfO81szilfA5glyF5pzRTe6/JKZE/W7oZUsO7DP2Gv+7//gb3ECF
OWwvmiF+H0SS7goLsKBu7F+g2GhzAqjQsWhZFyrhnRPFCHUCmAZ5AfcQHJBM1qJt
RQhnetDbGjZeDXmaaitCNRgW0CVRkAN8qFixQaQW1ue5YWX5nU3lAr6E6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNoWkg425XR0lDEghKeatiqWP8XbMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMmhhU0RqYmxkSFNVTVNDRXA1cTJLcFlfeGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABIBoNwWWQ2e7FhtLseG
XTAs3jvMohYht0RIPR5rQGteDI903KT3Ky/5Ns5qrcEQpQo5zxqbuUU4PZonUy/q
Z6TCAwRXkPPV1C/Gq3DZ1sQCOu4YRI8EeRDRXp/gfjuPWm5Dd6vIuaer0Gn1qZ2Q
xXv7MKP3F3pv5q+cmItJ8QNgPWQ/thvRTydsnPHxB70hRuY8iWrEzZRjXQ17cZEx
DogFL2srrRcveEKiij2rKcHMMNKdgyhN+dBfTIK0DFqYguZfA0tljOtkSKYEdzwE
smxNnshD+YJlBlTxXt5uYCKkifdC83f7y2hkslDyykTxttqcjCCeUT0VZIKP91id
aU4=
-----END CERTIFICATE-----
Generated at Tue Jan 9 07:58:45 2024 by rpki-client on console.sobornost.net