Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-l0T1K1MpZ_OpBlI5M5IzjhT1k.roa
File: 4-l0T1K1MpZ_OpBlI5M5IzjhT1k.roa (raw, json)
Hash identifier: iLFBCwKykwq5TAU+tsSSJ+CnWhPTafG7jmBuKcKFINk=
Subject key identifier: E3:E9:74:4F:52:B5:32:96:7F:3A:90:65:23:93:39:23:38:E1:4F:59
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDBE5A08889E5347B6E99B836751144E0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-l0T1K1MpZ_OpBlI5M5IzjhT1k.roa
Signing time: Fri 05 Jan 2024 23:11:48 +0000
ROA not before: Fri 05 Jan 2024 23:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:db:e5:a0:88:89:e5:34:7b:6e:99:b8:36:75:11:44:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 23:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3e9744f52b532967f3a90652393392338e14f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3a:28:24:cc:8f:15:0f:9c:09:dc:bc:f4:e1:
76:75:51:ec:08:57:a8:72:2a:eb:1a:d8:90:f1:40:
68:06:40:bb:bf:a8:26:eb:2c:b9:6c:59:06:c2:4a:
cb:ad:8d:a1:cf:89:06:6c:5b:ba:02:05:99:9a:79:
6e:fb:c8:43:4d:7c:e3:2c:5c:54:c9:67:e7:42:c1:
22:22:13:37:ee:04:75:04:b1:62:fe:8b:69:8f:6e:
20:25:4f:f6:90:f5:91:db:4b:22:b7:59:cd:e2:55:
83:b7:01:d0:00:e4:26:f6:67:e1:e5:20:a0:9e:d0:
cf:45:19:ad:63:bd:e1:a2:66:ce:34:d1:12:1d:49:
0f:6d:1e:64:bc:20:09:e6:cc:ec:38:2d:6b:77:27:
bc:ea:73:8f:ca:fe:62:e4:6e:ca:7e:6b:58:c3:72:
fc:8e:6a:fc:a6:55:2e:5b:a1:42:5e:aa:80:c6:14:
f6:da:ac:0b:55:3c:58:69:c2:c7:99:82:48:c5:df:
32:c6:46:f8:01:8a:ff:af:c1:b7:dc:12:49:c9:04:
6e:a8:7f:cb:10:84:09:55:47:66:5d:40:f9:34:91:
e7:cc:19:01:91:94:0c:f7:65:bd:ed:39:f7:47:c8:
06:b9:2a:09:bb:d5:9a:78:32:84:dd:55:fc:aa:61:
21:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E9:74:4F:52:B5:32:96:7F:3A:90:65:23:93:39:23:38:E1:4F:59
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-l0T1K1MpZ_OpBlI5M5IzjhT1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:01:71:04:69:bc:1d:b7:66:a3:64:77:a5:4d:ef:b3:1d:61:
fe:ed:32:ad:40:c9:03:33:6a:02:b9:04:85:78:40:83:7c:c4:
d4:7b:b5:b7:9c:87:84:0e:fc:56:b1:6e:b9:78:43:54:ec:a6:
ef:37:e7:20:dd:94:ca:e9:74:33:60:ad:57:98:51:3f:27:23:
ab:27:27:a6:ed:c1:e9:ac:6a:1a:c9:e2:f1:f2:73:94:a8:a4:
1a:d0:73:b1:b4:30:a5:32:2d:93:8a:e8:d2:fa:c0:8c:db:f3:
60:f8:00:c8:a4:12:1d:1d:bc:83:0a:1f:07:3c:55:f5:23:07:
95:7f:65:f6:29:8d:0c:f8:e4:a5:a8:d0:b1:45:46:b9:ff:11:
02:32:89:b1:56:83:b1:10:41:9f:99:43:e2:ae:88:9d:e7:38:
72:7e:47:df:c6:7c:eb:fe:e3:7e:97:28:23:df:47:50:01:55:
56:31:e5:12:ce:6c:bb:66:7c:43:c5:98:e8:a9:4d:f0:f7:f4:
22:2f:73:e5:66:e5:79:45:55:7c:4c:11:93:44:e5:a6:37:f0:
bb:41:56:13:69:cd:8c:b9:c5:d2:dd:e4:45:12:5d:09:0e:83:
84:1a:08:92:1b:0b:c6:a4:5c:41:48:8b:6b:a4:ed:40:3c:af:
62:c3:fa:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzb5aCIieU0e26ZuDZ1EUTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MjMxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U5NzQ0ZjUyYjUzMjk2N2YzYTkwNjUyMzkzMzkyMzM4ZTE0ZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojooJMyPFQ+cCdy89OF2dVHsCFeo
cirrGtiQ8UBoBkC7v6gm6yy5bFkGwkrLrY2hz4kGbFu6AgWZmnlu+8hDTXzjLFxU
yWfnQsEiIhM37gR1BLFi/otpj24gJU/2kPWR20sit1nN4lWDtwHQAOQm9mfh5SCg
ntDPRRmtY73hombONNESHUkPbR5kvCAJ5szsOC1rdye86nOPyv5i5G7KfmtYw3L8
jmr8plUuW6FCXqqAxhT22qwLVTxYacLHmYJIxd8yxkb4AYr/r8G33BJJyQRuqH/L
EIQJVUdmXUD5NJHnzBkBkZQM92W97Tn3R8gGuSoJu9WaeDKE3VX8qmEhVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOPpdE9StTKWfzqQZSOTOSM44U9ZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNC1sMFQxSzFNcFpfT3BCbEk1TTVJempoVDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHYBcQRpvB23ZqNkd6VN
77MdYf7tMq1AyQMzagK5BIV4QIN8xNR7tbech4QO/Faxbrl4Q1Tspu835yDdlMrp
dDNgrVeYUT8nI6snJ6btwemsahrJ4vHyc5SopBrQc7G0MKUyLZOK6NL6wIzb82D4
AMikEh0dvIMKHwc8VfUjB5V/ZfYpjQz45KWo0LFFRrn/EQIyibFWg7EQQZ+ZQ+Ku
iJ3nOHJ+R9/GfOv+436XKCPfR1ABVVYx5RLObLtmfEPFmOipTfD39CIvc+Vm5XlF
VXxMEZNE5aY38LtBVhNpzYy5xdLd5EUSXQkOg4QaCJIbC8akXEFIi2uk7UA8r2LD
+lQ=
-----END CERTIFICATE-----
Generated at Sat Jan 6 01:57:25 2024 by rpki-client on console.sobornost.net