Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8r4a5tR1-sAoJXfmAMbypXrIjS8.roa
File: 8r4a5tR1-sAoJXfmAMbypXrIjS8.roa (raw, json)
Hash identifier: 5yUphak0+Yj1bAVlttOvsFTECfMAxAurUCtGUCMgnIo=
Subject key identifier: F2:BE:1A:E6:D4:75:FA:C0:28:25:77:E6:00:C6:F2:A5:7A:C8:8D:2F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDA68C4422CDD2B1820287A79E069317B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8r4a5tR1-sAoJXfmAMbypXrIjS8.roa
Signing time: Fri 05 Jan 2024 16:15:48 +0000
ROA not before: Fri 05 Jan 2024 16:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:68:c4:42:2c:dd:2b:18:20:28:7a:79:e0:69:31:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 16:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2be1ae6d475fac0282577e600c6f2a57ac88d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6e:8b:d1:9c:bf:d2:18:09:b4:f1:71:db:54:
14:e9:f6:03:d8:5b:0d:0d:fd:de:42:bb:a9:b9:51:
e1:d1:43:c0:06:b4:cc:b0:6b:ed:dc:8d:08:cb:84:
27:11:b9:13:b7:bf:af:ef:68:cd:30:1e:35:55:f3:
10:48:15:4b:38:f4:e3:85:fe:73:b9:1f:76:ab:d3:
a2:f2:4e:88:fa:15:d0:a4:90:85:4e:df:99:97:1b:
78:8b:67:13:8d:e0:23:0d:f1:0e:a5:6f:06:ec:ef:
08:d9:79:89:21:2b:40:3d:ce:57:db:72:ea:fc:73:
45:7b:5c:8a:a9:6a:44:f6:d4:fc:93:b4:9f:5d:e8:
40:b9:f5:9f:e3:1e:28:d8:85:77:b9:62:06:cc:26:
a2:35:02:bb:53:68:32:37:d9:94:a1:aa:59:51:6f:
5b:b1:fc:17:47:6a:57:68:b2:0c:57:17:8f:26:9c:
2d:0e:dd:b0:35:74:86:5b:84:29:61:80:a6:03:99:
14:42:26:85:f5:d5:07:ec:2d:bc:f0:51:3d:66:7d:
0b:5b:96:32:1b:69:26:8f:62:79:7c:b7:60:34:6f:
d5:ff:2c:c2:bc:a8:5b:b0:cc:d2:66:ad:3f:43:2b:
57:e1:ce:36:59:03:d5:25:2a:22:f4:84:98:a9:ab:
e3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:BE:1A:E6:D4:75:FA:C0:28:25:77:E6:00:C6:F2:A5:7A:C8:8D:2F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8r4a5tR1-sAoJXfmAMbypXrIjS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:42:46:82:08:ed:c2:5a:db:a0:ed:40:bc:9d:a0:bb:09:8e:
6a:0a:04:bc:6a:af:ed:ac:6e:5d:9a:92:c9:1f:02:45:89:42:
22:6e:4d:7c:61:0f:f8:c7:fb:97:85:0a:bf:41:32:1c:57:ff:
69:e7:14:36:5b:d0:be:cc:0f:b3:9a:29:76:80:91:01:1a:58:
5c:75:c8:87:e9:a2:42:d2:76:65:a5:43:d5:22:7c:13:7a:ee:
77:7d:52:ad:8b:5f:04:d2:46:fa:2b:db:8c:63:33:83:19:47:
e7:a2:83:4d:0e:af:1d:03:95:51:57:7c:91:c2:d8:f8:3e:09:
6a:a7:83:a9:b6:6b:3d:63:dd:c4:0f:9a:5b:29:2e:78:bc:f3:
d5:8c:69:5a:50:cb:98:80:28:2f:84:06:b4:a7:75:a7:a7:5a:
6e:65:6e:ff:48:70:0e:66:b1:e2:de:2a:67:04:0a:d4:f9:95:
59:90:aa:64:d6:65:1e:09:93:fd:67:41:fb:2c:ab:78:f4:de:
52:75:8d:3b:37:d0:33:ec:87:30:33:8a:b7:b1:30:c7:8b:58:
d1:60:01:e9:53:30:bd:a2:19:43:58:fb:fd:42:c7:ad:9a:b3:
03:b8:ef:e0:eb:75:9d:76:02:87:46:59:64:81:a3:e0:0d:93:
89:7c:ee:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzaaMRCLN0rGCAoenngaTF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MTYxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmJlMWFlNmQ0NzVmYWMwMjgyNTc3ZTYwMGM2ZjJhNTdhYzg4ZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu26L0Zy/0hgJtPFx21QU6fYD2FsN
Df3eQrupuVHh0UPABrTMsGvt3I0Iy4QnEbkTt7+v72jNMB41VfMQSBVLOPTjhf5z
uR92q9Oi8k6I+hXQpJCFTt+Zlxt4i2cTjeAjDfEOpW8G7O8I2XmJIStAPc5X23Lq
/HNFe1yKqWpE9tT8k7SfXehAufWf4x4o2IV3uWIGzCaiNQK7U2gyN9mUoapZUW9b
sfwXR2pXaLIMVxePJpwtDt2wNXSGW4QpYYCmA5kUQiaF9dUH7C288FE9Zn0LW5Yy
G2kmj2J5fLdgNG/V/yzCvKhbsMzSZq0/QytX4c42WQPVJSoi9ISYqavjgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPK+GubUdfrAKCV35gDG8qV6yI0vMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOHI0YTV0UjEtc0FvSlhmbUFNYnlwWHJJalM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJCRoII7cJa26DtQLyd
oLsJjmoKBLxqr+2sbl2akskfAkWJQiJuTXxhD/jH+5eFCr9BMhxX/2nnFDZb0L7M
D7OaKXaAkQEaWFx1yIfpokLSdmWlQ9UifBN67nd9Uq2LXwTSRvor24xjM4MZR+ei
g00Orx0DlVFXfJHC2Pg+CWqng6m2az1j3cQPmlspLni889WMaVpQy5iAKC+EBrSn
daenWm5lbv9IcA5mseLeKmcECtT5lVmQqmTWZR4Jk/1nQfssq3j03lJ1jTs30DPs
hzAzirexMMeLWNFgAelTML2iGUNY+/1Cx62aswO47+DrdZ12AodGWWSBo+ANk4l8
7vQ=
Generated at Fri Jan 5 19:38:16 2024 by rpki-client on console.sobornost.net