Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/F0K4gH8yxA79lnwZnKShbKsR_Lg.roa
File: F0K4gH8yxA79lnwZnKShbKsR_Lg.roa (raw, json)
Hash identifier: 3C4BRIfHglFde/m+8sGARQ7gg1BZm5gz3OeQ54ahUHA=
Subject key identifier: 17:42:B8:80:7F:32:C4:0E:FD:96:7C:19:9C:A4:A1:6C:AB:11:FC:B8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE2C45AFD17A4DDA0FF3C1581E9076AEA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/F0K4gH8yxA79lnwZnKShbKsR_Lg.roa
Signing time: Sun 07 Jan 2024 07:12:48 +0000
ROA not before: Sun 07 Jan 2024 07:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jan 2024 08:07:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e2:c4:5a:fd:17:a4:dd:a0:ff:3c:15:81:e9:07:6a:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 07:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1742b8807f32c40efd967c199ca4a16cab11fcb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5d:48:c2:a9:60:45:69:63:ec:85:c7:c5:f7:
0d:13:3d:20:8b:d0:84:6a:7f:e3:2a:04:2d:be:02:
eb:64:0f:e0:16:38:0f:ef:cf:af:dc:0b:ad:50:a2:
13:25:dc:e9:83:7c:a9:40:8f:51:f1:b0:58:b9:6a:
f0:1a:40:52:1b:d8:68:31:2e:cd:69:25:95:3f:d9:
84:db:ba:2b:a7:02:1a:ab:90:73:87:ef:f9:5b:af:
68:9b:c7:ef:f4:35:c1:af:20:5d:c7:e7:b4:34:d2:
5d:dd:62:c7:f7:0a:6f:8b:2e:9c:bc:c3:a1:3f:d3:
9a:2c:de:95:03:05:c7:07:ae:f4:7f:4a:b4:ae:2d:
e7:76:7b:52:f5:69:9a:3e:b5:0e:72:3c:97:ac:af:
cd:0f:a5:3f:79:d0:e0:f1:4f:5a:c6:ee:b3:b1:8f:
d7:92:6b:71:77:a4:7d:28:72:eb:95:2b:a0:2b:1e:
ea:95:14:36:ab:a9:d1:d5:8f:5f:11:df:17:f0:0d:
79:31:2b:1e:58:a7:20:97:83:d2:46:24:a1:71:20:
95:0a:5f:f3:5a:d7:7c:e4:e9:c8:72:1c:2c:64:06:
ab:6c:bf:c6:93:5e:42:29:04:34:a7:2c:fe:de:fb:
e2:85:af:ee:39:29:09:32:f3:55:83:56:62:43:a1:
02:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:42:B8:80:7F:32:C4:0E:FD:96:7C:19:9C:A4:A1:6C:AB:11:FC:B8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/F0K4gH8yxA79lnwZnKShbKsR_Lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:f6:c5:16:92:31:25:15:a9:f1:4e:ce:f6:74:30:7c:80:6e:
f4:f8:0c:b4:4b:78:63:b5:95:78:56:69:37:f1:0b:e2:21:fe:
7c:09:cf:3d:8f:8c:08:f1:5e:cd:d3:6c:73:f7:c6:d2:22:e9:
7d:29:08:6d:10:79:6c:b2:5f:83:d9:5a:9b:57:75:00:99:13:
e0:f0:ab:4a:fd:aa:5f:d3:e3:5d:04:36:13:1a:a8:90:c1:1a:
f2:0d:f7:bf:ed:e1:b2:da:cc:b2:3b:7e:ad:a7:6c:60:89:45:
b2:1d:53:27:81:d8:f2:7e:03:44:21:94:b8:3d:4e:cf:51:9a:
01:95:c7:41:cf:61:80:a8:48:2b:fd:a7:f3:a4:60:7c:12:26:
1a:04:bf:68:73:8a:e3:d0:19:27:3b:86:27:6a:03:01:b6:3b:
43:54:5d:8e:6d:c9:0d:10:2f:43:7e:bb:57:9e:17:3c:48:b8:
91:c0:1e:22:2c:1d:b5:e3:70:8e:f9:f8:1c:7a:6b:89:f6:93:
1c:31:2f:d6:ca:8b:dd:d7:1f:ce:c8:55:e3:28:c3:cd:d0:c2:
32:36:2a:11:1d:3b:d8:99:0e:00:31:2f:d5:46:eb:71:e9:a4:
96:70:c6:8e:79:9c:05:35:fc:50:7c:93:3a:5d:c8:d2:d8:d5:
aa:fd:f3:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzixFr9F6TdoP88FYHpB2rqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MDcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQyYjg4MDdmMzJjNDBlZmQ5NjdjMTk5Y2E0YTE2Y2FiMTFmY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA111IwqlgRWlj7IXHxfcNEz0gi9CE
an/jKgQtvgLrZA/gFjgP78+v3AutUKITJdzpg3ypQI9R8bBYuWrwGkBSG9hoMS7N
aSWVP9mE27orpwIaq5Bzh+/5W69om8fv9DXBryBdx+e0NNJd3WLH9wpviy6cvMOh
P9OaLN6VAwXHB670f0q0ri3ndntS9WmaPrUOcjyXrK/ND6U/edDg8U9axu6zsY/X
kmtxd6R9KHLrlSugKx7qlRQ2q6nR1Y9fEd8X8A15MSseWKcgl4PSRiShcSCVCl/z
Wtd85OnIchwsZAarbL/Gk15CKQQ0pyz+3vviha/uOSkJMvNVg1ZiQ6ECmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBdCuIB/MsQO/ZZ8GZykoWyrEfy4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRjBLNGdIOHl4QTc5bG53Wm5LU2hiS3NSX0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJH2xRaSMSUVqfFOzvZ0
MHyAbvT4DLRLeGO1lXhWaTfxC+Ih/nwJzz2PjAjxXs3TbHP3xtIi6X0pCG0QeWyy
X4PZWptXdQCZE+Dwq0r9ql/T410ENhMaqJDBGvIN97/t4bLazLI7fq2nbGCJRbId
UyeB2PJ+A0QhlLg9Ts9RmgGVx0HPYYCoSCv9p/OkYHwSJhoEv2hziuPQGSc7hidq
AwG2O0NUXY5tyQ0QL0N+u1eeFzxIuJHAHiIsHbXjcI75+Bx6a4n2kxwxL9bKi93X
H87IVeMow83QwjI2KhEdO9iZDgAxL9VG63HppJZwxo55nAU1/FB8kzpdyNLY1ar9
8zk=
-----END CERTIFICATE-----
Generated at Sun Jan 7 14:03:18 2024 by rpki-client on console.sobornost.net