Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9ZsRyanj0SWfZeniMuRi308NZms.roa
File: 9ZsRyanj0SWfZeniMuRi308NZms.roa (raw, json)
Hash identifier: HZ4D0QNDssckSsh8s7O57gKjzCtCgLRzWgV08Punyhk=
Subject key identifier: F5:9B:11:C9:A9:E3:D1:25:9F:65:E9:E2:32:E4:62:DF:4F:0D:66:6B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE09E1EFA9D33029F87DEE58EAEB43EFE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9ZsRyanj0SWfZeniMuRi308NZms.roa
Signing time: Sat 06 Jan 2024 21:11:48 +0000
ROA not before: Sat 06 Jan 2024 21:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Jan 2024 22:06:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e0:9e:1e:fa:9d:33:02:9f:87:de:e5:8e:ae:b4:3e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 6 21:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f59b11c9a9e3d1259f65e9e232e462df4f0d666b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:30:8a:e0:e3:f5:2c:7a:7d:b4:bf:26:06:9d:
7d:4f:03:97:2b:51:5a:cc:96:c9:f3:ab:88:64:0a:
9b:3d:ba:50:ed:74:23:6b:10:53:30:b0:40:eb:92:
a4:3c:2f:e4:64:ec:e4:86:6e:60:fa:ce:be:b0:b2:
cf:75:36:7a:3e:c6:16:d5:8c:0c:47:09:4e:68:ff:
dd:99:27:96:0f:63:cd:0b:b8:60:73:73:3d:55:a6:
e0:85:b7:94:09:d6:6c:f3:df:d1:b7:bd:ac:09:8d:
fd:45:c3:8d:30:ce:38:03:ab:8a:85:c8:78:9d:da:
c2:a0:8c:b8:8e:21:61:93:db:f9:59:9c:cf:2b:bc:
e4:7a:de:68:de:8a:47:51:dc:9e:c6:46:86:8b:8a:
c9:b9:82:77:26:5b:8d:fb:a8:63:de:0b:f5:44:d7:
30:9e:16:88:29:80:c9:70:05:13:ee:a7:80:8d:fa:
ea:09:aa:3d:52:86:12:9c:9c:28:64:5a:d0:5d:74:
00:5a:3a:06:ef:10:9d:55:30:6f:55:69:ef:75:43:
2a:fa:30:7d:cd:ce:16:21:50:f6:b3:65:3b:2e:dd:
f1:05:24:28:86:f6:f3:c4:d7:af:b6:50:91:ff:22:
59:3c:25:67:23:60:7f:f6:ab:79:e3:ab:31:f4:fa:
e7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9B:11:C9:A9:E3:D1:25:9F:65:E9:E2:32:E4:62:DF:4F:0D:66:6B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9ZsRyanj0SWfZeniMuRi308NZms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:28:33:71:77:a3:33:25:28:a4:cc:d1:ad:cc:b3:11:71:7b:
9f:b9:bb:2a:ce:a4:1a:b7:65:14:62:eb:55:54:d6:71:3b:0d:
4d:ab:c3:d6:a6:bf:bc:1b:9f:ed:76:d5:89:91:7a:9b:19:1f:
f4:c8:84:d8:72:e9:d2:37:78:f8:2b:26:cf:46:8d:18:68:a7:
64:7d:b9:dd:4e:38:42:48:6a:8f:e6:e9:27:79:8b:78:01:7c:
d1:36:88:37:41:c8:6c:6d:5b:94:4e:ac:16:ce:65:e0:ec:ff:
84:74:b7:2a:c3:5c:40:66:ca:fa:5f:26:e8:1f:86:27:81:bd:
1b:36:18:68:79:21:e0:a2:d6:f7:55:83:79:e0:88:60:ca:4d:
da:9a:99:5b:35:1b:a0:ed:f4:02:5d:bc:bd:26:f3:f2:cf:f7:
ea:ef:89:33:c9:64:f4:86:5d:f7:14:79:3c:d9:76:a5:3a:5d:
5e:ed:ea:c8:85:4e:7d:32:2f:3a:ef:3f:16:c0:2a:99:fe:c4:
57:6a:c7:92:ca:b1:7a:42:bc:c5:07:6c:44:a8:ec:4d:de:fc:
5c:21:0a:1b:04:dc:4e:62:54:66:fb:09:0a:fa:24:66:02:d0:
e0:63:4f:ac:ce:a9:ac:18:82:25:7d:53:f0:06:7a:00:f8:36:
89:55:ed:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzgnh76nTMCn4fe5Y6utD7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA2MjExMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTliMTFjOWE5ZTNkMTI1OWY2NWU5ZTIzMmU0NjJkZjRmMGQ2NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDCK4OP1LHp9tL8mBp19TwOXK1Fa
zJbJ86uIZAqbPbpQ7XQjaxBTMLBA65KkPC/kZOzkhm5g+s6+sLLPdTZ6PsYW1YwM
RwlOaP/dmSeWD2PNC7hgc3M9VabghbeUCdZs89/Rt72sCY39RcONMM44A6uKhch4
ndrCoIy4jiFhk9v5WZzPK7zket5o3opHUdyexkaGi4rJuYJ3JluN+6hj3gv1RNcw
nhaIKYDJcAUT7qeAjfrqCao9UoYSnJwoZFrQXXQAWjoG7xCdVTBvVWnvdUMq+jB9
zc4WIVD2s2U7Lt3xBSQohvbzxNevtlCR/yJZPCVnI2B/9qt546sx9PrnNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPWbEcmp49Eln2Xp4jLkYt9PDWZrMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOVpzUnlhbmowU1dmWmVuaU11UmkzMDhOWm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG8oM3F3ozMlKKTM0a3M
sxFxe5+5uyrOpBq3ZRRi61VU1nE7DU2rw9amv7wbn+121YmRepsZH/TIhNhy6dI3
ePgrJs9GjRhop2R9ud1OOEJIao/m6Sd5i3gBfNE2iDdByGxtW5ROrBbOZeDs/4R0
tyrDXEBmyvpfJugfhieBvRs2GGh5IeCi1vdVg3ngiGDKTdqamVs1G6Dt9AJdvL0m
8/LP9+rviTPJZPSGXfcUeTzZdqU6XV7t6siFTn0yLzrvPxbAKpn+xFdqx5LKsXpC
vMUHbESo7E3e/FwhChsE3E5iVGb7CQr6JGYC0OBjT6zOqawYgiV9U/AGegD4NolV
7c0=
Generated at Sun Jan 7 00:55:55 2024 by rpki-client on console.sobornost.net