Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IyZX3_ZqvBKUMiPMV7VcmpN0j8s.roa
File: IyZX3_ZqvBKUMiPMV7VcmpN0j8s.roa (raw, json)
Hash identifier: soR7fHRbRkLs8yOdGjiqhzJdMwZtTEDF56CdZExx6Ik=
Subject key identifier: 23:26:57:DF:F6:6A:BC:12:94:32:23:CC:57:B5:5C:9A:93:74:8F:CB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC82AD0B6CE8C35EDB6912878155B2E26
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IyZX3_ZqvBKUMiPMV7VcmpN0j8s.roa
Signing time: Tue 02 Jan 2024 03:14:58 +0000
ROA not before: Tue 02 Jan 2024 03:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:2a:d0:b6:ce:8c:35:ed:b6:91:28:78:15:5b:2e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 2 03:14:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=232657dff66abc12943223cc57b55c9a93748fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8a:90:28:89:e4:59:bb:16:33:8a:45:07:22:
2f:4c:43:66:fa:f2:2f:00:80:fe:1e:df:0e:11:1a:
e5:b8:dd:44:ba:88:52:b6:00:95:58:24:82:f6:c2:
85:03:3f:73:85:f7:4c:5d:ee:94:ff:19:1b:fa:9a:
dd:aa:0e:7e:fa:4e:00:1c:2c:42:58:df:5a:b1:de:
49:82:51:27:55:e1:52:d8:fe:e2:ed:fe:3e:9c:5a:
b6:58:41:19:ba:d6:28:b4:f2:4e:77:b1:49:34:d0:
73:9d:f4:ca:13:27:dd:d1:ae:c0:5b:29:3d:e1:2c:
bf:6d:3b:4b:74:2e:d9:06:26:b6:ec:8f:6a:7a:3d:
fb:5b:98:b3:89:54:7d:0e:4a:aa:ee:25:e6:8d:42:
f5:01:b7:3a:3c:e1:96:17:1f:20:60:6a:ca:4a:37:
53:20:2c:5c:0e:3d:e3:47:73:dd:b1:ec:98:ec:7c:
24:4e:19:e3:9f:92:30:e1:3a:9d:70:b0:aa:58:e9:
3e:18:aa:ba:52:fb:12:8e:06:6e:3a:d4:57:df:d4:
2e:70:0e:bd:4c:b4:e1:df:88:a0:65:ad:58:32:35:
f4:82:c0:ae:69:99:e0:8b:e3:fd:66:59:4c:64:05:
98:18:da:03:ea:90:d0:a0:fa:8f:fe:fc:a4:f9:47:
5b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:26:57:DF:F6:6A:BC:12:94:32:23:CC:57:B5:5C:9A:93:74:8F:CB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IyZX3_ZqvBKUMiPMV7VcmpN0j8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:71:79:29:24:f5:67:79:55:5e:54:14:3e:5a:53:6f:6a:57:
f6:a0:fd:fe:64:4c:8b:37:33:d2:86:4f:17:c7:ee:a3:7b:01:
89:92:08:96:fc:7e:2b:d4:68:a3:b9:58:16:c9:7f:56:05:15:
c3:e5:26:5c:06:0c:c0:a0:ca:47:a3:70:7a:2b:e9:0d:57:3d:
c5:5e:c8:ed:19:dc:3a:2d:30:c8:58:18:59:6c:68:fd:5d:ad:
f4:66:ac:9c:ff:4b:99:30:dd:c7:a3:6c:a6:9a:a7:de:7f:52:
7d:89:eb:99:53:2f:02:af:10:3a:c4:55:c6:03:f2:f7:3b:83:
9a:1e:8b:07:d1:bb:27:eb:95:d8:b7:1a:0c:c6:76:ea:cd:ec:
49:66:7e:f3:f6:06:07:b7:e5:30:de:48:f7:21:0c:5f:ff:80:
1b:a0:ac:30:65:a5:f7:51:dc:7a:3b:0b:ff:49:1f:d4:77:c9:
ba:a6:e3:3d:af:b4:b7:da:fd:ac:74:54:c2:39:d2:ca:53:23:
69:6a:a1:72:cd:7a:f6:be:2a:bf:0e:a0:e9:5b:88:e9:f4:e8:
77:c7:b4:3d:b1:8f:1b:8c:d3:f8:bb:50:54:95:4f:af:36:59:
9e:2a:f5:dd:9b:36:fd:20:0b:26:2f:18:17:15:4b:41:98:ee:
c7:ae:5f:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIKtC2zow17baRKHgVWy4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI2NTdkZmY2NmFiYzEyOTQzMjIzY2M1N2I1NWM5YTkzNzQ4ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4qQKInkWbsWM4pFByIvTENm+vIv
AID+Ht8OERrluN1EuohStgCVWCSC9sKFAz9zhfdMXe6U/xkb+prdqg5++k4AHCxC
WN9asd5JglEnVeFS2P7i7f4+nFq2WEEZutYotPJOd7FJNNBznfTKEyfd0a7AWyk9
4Sy/bTtLdC7ZBia27I9qej37W5iziVR9Dkqq7iXmjUL1Abc6POGWFx8gYGrKSjdT
ICxcDj3jR3PdseyY7HwkThnjn5Iw4TqdcLCqWOk+GKq6UvsSjgZuOtRX39QucA69
TLTh34igZa1YMjX0gsCuaZngi+P9ZllMZAWYGNoD6pDQoPqP/vyk+UdbfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCMmV9/2arwSlDIjzFe1XJqTdI/LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSXlaWDNfWnF2QktVTWlQTVY3VmNtcE4wajhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACtxeSkk9Wd5VV5UFD5a
U29qV/ag/f5kTIs3M9KGTxfH7qN7AYmSCJb8fivUaKO5WBbJf1YFFcPlJlwGDMCg
ykejcHor6Q1XPcVeyO0Z3DotMMhYGFlsaP1drfRmrJz/S5kw3cejbKaap95/Un2J
65lTLwKvEDrEVcYD8vc7g5oeiwfRuyfrldi3GgzGdurN7ElmfvP2Bge35TDeSPch
DF//gBugrDBlpfdR3Ho7C/9JH9R3ybqm4z2vtLfa/ax0VMI50spTI2lqoXLNeva+
Kr8OoOlbiOn06HfHtD2xjxuM0/i7UFSVT682WZ4q9d2bNv0gCyYvGBcVS0GY7seu
XxE=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:36 2024 by rpki-client on console.sobornost.net