Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/819TZSgAahNna2a7iT3AZIJx7l8.roa
File: 819TZSgAahNna2a7iT3AZIJx7l8.roa (raw, json)
Hash identifier: O2QA68dsWvXTRbSvuo5x/LrEqXLJkk4pWTz21NFHIxI=
Subject key identifier: F3:5F:53:65:28:00:6A:13:67:6B:66:BB:89:3D:C0:64:82:71:EE:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC9068AE6C1D1AF838994CEAF32473DD2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/819TZSgAahNna2a7iT3AZIJx7l8.roa
Signing time: Tue 02 Jan 2024 07:14:58 +0000
ROA not before: Tue 02 Jan 2024 07:14:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:06:8a:e6:c1:d1:af:83:89:94:ce:af:32:47:3d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 2 07:14:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f35f536528006a13676b66bb893dc0648271ee5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0b:47:82:22:40:55:c3:36:ca:fd:e3:d2:c6:
25:90:0c:ff:4c:7d:44:39:d0:2e:d3:51:45:6a:36:
fc:78:b5:6f:9a:c8:66:0e:9b:f2:96:8c:6f:d8:d0:
2f:a4:cf:ec:dc:39:ac:48:63:54:c1:d7:7a:16:a7:
14:74:c5:1c:e5:e2:73:29:fc:f6:0b:c4:92:1f:f4:
b1:cb:61:93:13:6d:d8:91:08:a5:1e:b0:ea:80:72:
89:97:49:72:58:a1:32:b2:be:db:03:a1:65:06:2e:
c7:79:ce:2e:84:b7:2d:8d:bb:7d:26:ea:26:da:1b:
e1:a4:6e:6b:9a:1f:1c:4c:d1:ee:eb:31:d4:da:14:
81:20:75:8e:2f:69:51:99:c3:ef:d4:66:8e:6f:ed:
7f:02:a9:30:b5:b4:f8:55:6f:bf:d9:54:61:c8:fa:
58:27:ce:ec:86:ee:4a:5d:f4:14:d0:3a:68:8f:a6:
fe:c5:b2:08:af:05:ae:02:c6:af:4a:d4:58:94:0e:
f0:2b:6b:04:e9:a1:73:21:cd:ab:e4:96:e7:9f:1b:
bd:03:a4:e7:66:b6:34:2d:f9:a1:3e:16:5b:5a:55:
45:3c:24:e1:3e:09:b3:75:f1:e5:41:5d:26:2d:35:
76:d0:19:0c:b6:a8:8f:85:f5:9b:47:1d:70:3a:e3:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5F:53:65:28:00:6A:13:67:6B:66:BB:89:3D:C0:64:82:71:EE:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/819TZSgAahNna2a7iT3AZIJx7l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:0e:b2:54:15:f5:72:8b:51:cc:fa:81:e8:26:aa:4b:61:02:
de:11:af:f6:fe:c2:19:22:8e:4b:38:88:e1:52:6a:9b:5a:40:
40:87:d3:f0:de:d9:7e:27:0c:98:3a:f6:89:93:1f:02:9b:35:
53:ac:15:d8:3b:ba:94:b5:27:59:4c:f4:0e:01:d4:ac:52:51:
ef:87:b3:be:e7:ac:c9:43:3b:c1:4a:b7:0c:d8:45:33:ea:1b:
47:23:c1:c5:c4:45:f3:d1:88:0a:2b:3d:25:ab:84:37:cb:31:
d8:4a:12:7e:2d:b7:ef:0d:66:11:3e:c1:5c:49:15:27:76:25:
ee:67:4e:49:47:b8:5f:b7:08:c6:0c:cb:74:49:eb:7d:d6:99:
ca:d7:92:5a:6c:3c:f5:e0:fd:8b:ce:b7:c6:e5:00:39:c4:e8:
76:6a:61:e5:a6:84:5e:3c:bd:95:42:7c:58:79:3b:49:da:7f:
b2:2e:71:5f:c7:0a:a4:fd:a9:6c:59:16:eb:30:e0:e8:57:a8:
90:f4:40:44:8a:e9:52:3c:7d:dd:00:a8:f9:e3:77:ca:54:3e:
31:fd:c2:84:d3:f0:d4:4b:a9:8b:49:d6:d6:7c:c1:25:7f:43:
a1:6a:0d:14:21:4c:d2:a6:f1:4f:24:dd:0f:8f:6b:5d:41:b5:
17:9c:cb:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJBormwdGvg4mUzq8yRz3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAyMDcxNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzVmNTM2NTI4MDA2YTEzNjc2YjY2YmI4OTNkYzA2NDgyNzFlZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowtHgiJAVcM2yv3j0sYlkAz/TH1E
OdAu01FFajb8eLVvmshmDpvyloxv2NAvpM/s3DmsSGNUwdd6FqcUdMUc5eJzKfz2
C8SSH/Sxy2GTE23YkQilHrDqgHKJl0lyWKEysr7bA6FlBi7Hec4uhLctjbt9Juom
2hvhpG5rmh8cTNHu6zHU2hSBIHWOL2lRmcPv1GaOb+1/AqkwtbT4VW+/2VRhyPpY
J87shu5KXfQU0Dpoj6b+xbIIrwWuAsavStRYlA7wK2sE6aFzIc2r5Jbnnxu9A6Tn
ZrY0LfmhPhZbWlVFPCThPgmzdfHlQV0mLTV20BkMtqiPhfWbRx1wOuOBmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPNfU2UoAGoTZ2tmu4k9wGSCce5fMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvODE5VFpTZ0FhaE5uYTJhN2lUM0FaSUp4N2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACEOslQV9XKLUcz6gegm
qkthAt4Rr/b+whkijks4iOFSaptaQECH0/De2X4nDJg69omTHwKbNVOsFdg7upS1
J1lM9A4B1KxSUe+Hs77nrMlDO8FKtwzYRTPqG0cjwcXERfPRiAorPSWrhDfLMdhK
En4tt+8NZhE+wVxJFSd2Je5nTklHuF+3CMYMy3RJ633WmcrXklpsPPXg/YvOt8bl
ADnE6HZqYeWmhF48vZVCfFh5O0naf7IucV/HCqT9qWxZFusw4OhXqJD0QESK6VI8
fd0AqPnjd8pUPjH9woTT8NRLqYtJ1tZ8wSV/Q6FqDRQhTNKm8U8k3Q+Pa11BtRec
y5Y=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:01 2024 by rpki-client on console.sobornost.net