Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CxEvnLRXhQVnzVLQpilfbgV04p4.roa
File: CxEvnLRXhQVnzVLQpilfbgV04p4.roa (raw, json)
Hash identifier: SSGjbv9Hi82r5paPBcFGjw5uME6nRAyfjiMZ/m7+ok8=
Subject key identifier: 0B:11:2F:9C:B4:57:85:05:67:CD:52:D0:A6:29:5F:6E:05:74:E2:9E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CAF44E9D6F7A6166FEA2034A96B36B891
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CxEvnLRXhQVnzVLQpilfbgV04p4.roa
Signing time: Thu 28 Dec 2023 07:12:58 +0000
ROA not before: Thu 28 Dec 2023 07:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:44:e9:d6:f7:a6:16:6f:ea:20:34:a9:6b:36:b8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 28 07:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b112f9cb457850567cd52d0a6295f6e0574e29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:38:91:20:87:2f:58:f7:be:0d:e7:16:dc:
69:80:5a:d1:b8:fc:68:2d:36:ac:13:b8:48:3f:1d:
7c:1d:4d:69:b6:32:00:d2:2b:fc:06:5c:d1:8b:7e:
5b:37:cd:e5:63:3b:e1:57:4b:8c:2a:1b:4b:81:ef:
5b:13:db:d4:0e:d5:3c:fd:82:ca:6e:1a:01:99:6f:
9c:a4:6a:e1:e0:41:81:02:55:5b:46:a9:dd:88:2e:
a8:14:3e:30:55:22:9d:ff:30:cf:ff:a7:23:4d:65:
c0:d0:0d:88:3b:95:ff:e9:01:ec:81:ba:a8:29:5d:
d1:10:86:f6:6d:4c:e6:16:40:e9:0d:71:48:6a:33:
de:9a:7d:2a:9c:ac:7a:86:5b:4e:f3:09:b3:b6:be:
70:d0:e2:60:13:52:d9:8b:fc:5c:c3:d8:b6:14:86:
b9:92:71:ab:eb:bb:a5:7e:fd:ae:7d:6a:f0:fb:3d:
a5:41:3e:5d:53:a8:7b:2b:42:e8:c2:9f:a8:10:df:
f1:6b:69:38:57:f8:bd:77:22:4f:47:d9:7f:a9:ef:
2a:99:d7:0a:0a:e9:ca:5e:98:8f:a1:d5:19:cf:c2:
2c:e7:2e:b3:14:10:8b:b1:ab:ec:6c:b2:81:07:1f:
48:23:dd:27:fc:76:a8:29:b2:cf:4e:35:dc:c8:9f:
1e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:11:2F:9C:B4:57:85:05:67:CD:52:D0:A6:29:5F:6E:05:74:E2:9E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CxEvnLRXhQVnzVLQpilfbgV04p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:25:5e:65:14:a3:e6:0c:06:84:2a:ee:c6:ff:8d:a7:dc:ad:
4d:fe:cc:2b:76:ef:b3:53:d5:5d:0b:75:58:8a:df:ef:fe:a1:
fe:4a:d3:7c:d2:d7:7e:41:dd:e1:3b:e1:df:7c:ca:73:ff:2b:
ca:bd:8c:7a:01:0a:38:cc:b7:ec:7b:e4:ca:8a:4c:26:7a:84:
66:1b:e4:35:43:ec:5f:0e:e9:4a:6f:cb:fe:25:60:1d:70:b6:
5a:df:9c:42:76:c8:08:78:8d:43:78:1c:bf:36:7b:ba:06:63:
06:32:90:7b:ae:66:65:1f:e6:d7:f9:01:e9:6a:07:ba:21:f0:
86:cd:2b:49:6e:86:a8:2c:13:81:a0:de:94:b6:6a:ef:1f:8f:
6d:12:fa:87:90:19:42:b3:a7:17:0e:72:60:b4:0c:9c:23:6c:
60:08:e0:6f:b2:9c:ca:14:ba:3d:b2:a6:b8:c4:ee:59:9b:99:
17:94:8f:75:75:23:3f:75:6b:51:ee:10:f2:bd:4f:79:8d:1f:
d8:62:57:fb:38:83:93:4e:f3:64:38:0b:76:70:11:c0:de:36:
07:45:35:82:48:4c:49:22:ff:0b:da:b2:cb:81:50:fe:69:1f:
a0:ef:7c:42:b4:d5:97:d0:b5:6d:a4:19:19:3e:be:6f:eb:b8:
95:57:d1:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyvROnW96YWb+ogNKlrNriRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI4MDcxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjExMmY5Y2I0NTc4NTA1NjdjZDUyZDBhNjI5NWY2ZTA1NzRlMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKQ4kSCHL1j3vg3nFtxpgFrRuPxo
LTasE7hIPx18HU1ptjIA0iv8BlzRi35bN83lYzvhV0uMKhtLge9bE9vUDtU8/YLK
bhoBmW+cpGrh4EGBAlVbRqndiC6oFD4wVSKd/zDP/6cjTWXA0A2IO5X/6QHsgbqo
KV3REIb2bUzmFkDpDXFIajPemn0qnKx6hltO8wmztr5w0OJgE1LZi/xcw9i2FIa5
knGr67ulfv2ufWrw+z2lQT5dU6h7K0Lowp+oEN/xa2k4V/i9dyJPR9l/qe8qmdcK
CunKXpiPodUZz8Is5y6zFBCLsavsbLKBBx9II90n/HaoKbLPTjXcyJ8ewwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAsRL5y0V4UFZ81S0KYpX24FdOKeMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ3hFdm5MUlhoUVZuelZMUXBpbGZiZ1YwNHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMlXmUUo+YMBoQq7sb/
jafcrU3+zCt277NT1V0LdViK3+/+of5K03zS135B3eE74d98ynP/K8q9jHoBCjjM
t+x75MqKTCZ6hGYb5DVD7F8O6Upvy/4lYB1wtlrfnEJ2yAh4jUN4HL82e7oGYwYy
kHuuZmUf5tf5AelqB7oh8IbNK0luhqgsE4Gg3pS2au8fj20S+oeQGUKzpxcOcmC0
DJwjbGAI4G+ynMoUuj2yprjE7lmbmReUj3V1Iz91a1HuEPK9T3mNH9hiV/s4g5NO
82Q4C3ZwEcDeNgdFNYJITEki/wvassuBUP5pH6DvfEK01ZfQtW2kGRk+vm/ruJVX
0YM=
-----END CERTIFICATE-----
Generated at Thu Dec 28 09:36:28 2023 by rpki-client on console.sobornost.net