Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KIRQqYZZicrFIcQ5JOMyMrWoPRk.roa
File: KIRQqYZZicrFIcQ5JOMyMrWoPRk.roa (raw, json)
Hash identifier: DckMtIv3Z6rK0CGjEAL2a1EPWc1o9R+axZ2RgfUNsvk=
Subject key identifier: 28:84:50:A9:86:59:89:CA:C5:21:C4:39:24:E3:32:32:B5:A8:3D:19
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CAC44C8FDA3C753E118A963165CEF579D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KIRQqYZZicrFIcQ5JOMyMrWoPRk.roa
Signing time: Wed 27 Dec 2023 17:13:58 +0000
ROA not before: Wed 27 Dec 2023 17:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ac:44:c8:fd:a3:c7:53:e1:18:a9:63:16:5c:ef:57:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 27 17:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288450a9865989cac521c43924e33232b5a83d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a7:88:ad:8c:fa:cf:70:27:7e:07:98:50:71:
3e:73:84:d9:b7:12:54:cc:28:3d:13:63:fe:01:85:
40:86:3b:66:91:5c:c1:80:dd:99:f3:97:57:e9:f7:
c5:06:6a:e4:df:79:23:d8:45:02:8f:8d:6c:a0:a9:
eb:30:5e:dd:44:e8:28:85:ff:fd:1c:85:14:71:3f:
8b:a8:a3:60:a0:e3:3a:b1:2a:b6:bd:3f:2e:08:9c:
af:46:dd:bd:48:85:30:60:cd:fa:33:3a:13:8d:40:
08:27:51:37:2d:3c:a0:bf:ea:7e:17:a1:08:d4:f3:
25:88:46:5e:7a:79:04:77:2f:ea:29:7f:92:6e:79:
9a:06:ba:1d:99:47:5c:07:75:c7:7b:67:41:bb:be:
28:89:a3:4e:14:94:b4:03:7a:06:d4:c5:c9:94:08:
7e:cc:b6:10:b8:96:b5:d6:b0:97:c2:a8:be:b6:ca:
ec:20:67:4a:c0:d1:57:a9:81:a5:2b:da:91:73:46:
c5:9c:6c:29:25:de:e7:a2:90:56:32:93:34:18:3a:
98:9b:e3:b1:1f:c0:58:71:fd:5a:d5:ed:2f:cf:68:
79:34:8e:4d:9a:9b:22:ea:5a:f8:63:f8:55:6c:0b:
d9:a8:0f:9d:20:a6:b7:5c:d3:5b:1f:e9:1d:3a:73:
64:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:84:50:A9:86:59:89:CA:C5:21:C4:39:24:E3:32:32:B5:A8:3D:19
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KIRQqYZZicrFIcQ5JOMyMrWoPRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:99:c1:6c:33:44:b8:6d:33:fa:59:10:31:2b:3c:1f:f6:71:
a3:1b:2e:f1:f9:25:a2:d0:58:1b:12:d2:4c:10:83:65:67:9d:
ac:2f:e7:10:90:13:fa:fa:b4:e3:b5:6c:e4:49:67:c5:37:9e:
94:df:4a:81:7b:93:b3:75:aa:45:92:e3:80:26:38:50:f4:0d:
d3:0e:7d:74:bf:95:cd:ba:df:f1:77:ae:ea:97:88:28:75:dc:
0c:78:e5:cd:76:da:79:df:1c:cc:88:a2:1d:d9:f4:d5:0b:0b:
7e:19:70:1e:13:00:49:08:72:6d:df:3f:76:1a:b8:9e:5b:6f:
00:71:bb:f6:27:4b:71:11:97:62:bb:76:9e:45:0f:5f:d0:63:
9b:f1:ed:0d:97:71:22:d1:17:43:07:77:3d:d7:d9:54:19:74:
75:c1:ff:08:cf:6b:dc:47:0a:8a:ee:e4:c4:e0:45:a2:0f:18:
b2:83:4b:74:8b:b7:c1:eb:ad:d7:a1:d8:94:c7:c8:a5:96:4b:
25:88:30:6e:1e:16:57:c2:98:30:87:e2:5e:00:cc:83:25:49:
a7:95:93:3e:7f:39:bb:39:ac:50:f6:1e:c4:38:df:f6:32:66:
f7:b4:1b:8f:cc:bd:2d:51:58:2c:91:f2:c1:5c:70:40:e1:a6:
60:c5:0e:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYysRMj9o8dT4RipYxZc71edMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI3MTcxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg0NTBhOTg2NTk4OWNhYzUyMWM0MzkyNGUzMzIzMmI1YTgzZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KeIrYz6z3AnfgeYUHE+c4TZtxJU
zCg9E2P+AYVAhjtmkVzBgN2Z85dX6ffFBmrk33kj2EUCj41soKnrMF7dROgohf/9
HIUUcT+LqKNgoOM6sSq2vT8uCJyvRt29SIUwYM36MzoTjUAIJ1E3LTygv+p+F6EI
1PMliEZeenkEdy/qKX+SbnmaBrodmUdcB3XHe2dBu74oiaNOFJS0A3oG1MXJlAh+
zLYQuJa11rCXwqi+tsrsIGdKwNFXqYGlK9qRc0bFnGwpJd7nopBWMpM0GDqYm+Ox
H8BYcf1a1e0vz2h5NI5Nmpsi6lr4Y/hVbAvZqA+dIKa3XNNbH+kdOnNkxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCiEUKmGWYnKxSHEOSTjMjK1qD0ZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS0lSUXFZWlppY3JGSWNRNUpPTXlNcldvUFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHGZwWwzRLhtM/pZEDEr
PB/2caMbLvH5JaLQWBsS0kwQg2Vnnawv5xCQE/r6tOO1bORJZ8U3npTfSoF7k7N1
qkWS44AmOFD0DdMOfXS/lc263/F3ruqXiCh13Ax45c122nnfHMyIoh3Z9NULC34Z
cB4TAEkIcm3fP3YauJ5bbwBxu/YnS3ERl2K7dp5FD1/QY5vx7Q2XcSLRF0MHdz3X
2VQZdHXB/wjPa9xHCoru5MTgRaIPGLKDS3SLt8Hrrdeh2JTHyKWWSyWIMG4eFlfC
mDCH4l4AzIMlSaeVkz5/Obs5rFD2HsQ43/YyZve0G4/MvS1RWCyR8sFccEDhpmDF
Dh8=
-----END CERTIFICATE-----
Generated at Wed Dec 27 20:34:58 2023 by rpki-client on console.sobornost.net