Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MhKNY6e-ELghLkm2aWYlG6vFT84.roa
File: MhKNY6e-ELghLkm2aWYlG6vFT84.roa (raw, json)
Hash identifier: m41ZfW+RbuSRYOol1byl1FWdR/rXuXYsJLBV7W5jb/8=
Subject key identifier: 32:12:8D:63:A7:BE:10:B8:21:2E:49:B6:69:66:25:1B:AB:C5:4F:CE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC4F1024E60E2E6542E62EBD197447D0D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MhKNY6e-ELghLkm2aWYlG6vFT84.roa
Signing time: Mon 01 Jan 2024 12:12:58 +0000
ROA not before: Mon 01 Jan 2024 12:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:f1:02:4e:60:e2:e6:54:2e:62:eb:d1:97:44:7d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 1 12:12:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32128d63a7be10b8212e49b66966251babc54fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:bd:8f:c9:5d:61:87:81:15:81:ef:d9:16:
a8:d4:73:80:bc:71:94:ca:0c:e4:23:cf:f5:a0:0e:
03:37:98:bc:11:e4:03:b3:87:6c:0b:dd:fb:52:b9:
0c:93:37:41:53:d4:db:23:e6:02:66:38:ee:39:65:
37:9f:98:b3:59:ba:7d:99:df:f8:a6:b5:fb:3a:88:
8b:e5:d5:89:4d:41:bd:a8:07:b4:34:b4:4e:ae:a3:
84:63:c6:bf:a3:3d:87:69:8a:9f:07:b2:fd:d8:c3:
fe:f4:0d:a0:9c:0b:dd:26:a4:50:85:a5:85:cc:c9:
ab:07:57:10:38:1c:c1:df:bf:c3:aa:07:c5:91:62:
34:dc:7f:ed:3e:87:85:d5:68:36:63:8b:b8:1a:d3:
6e:0d:83:d6:6a:1f:20:3f:93:33:3b:51:cf:02:50:
04:50:00:9c:a9:2a:4c:15:5d:2f:ca:d9:41:e4:82:
1e:f1:c1:a0:f1:75:f6:5f:37:e9:4b:2a:16:de:e8:
d1:f2:21:76:58:04:a5:8b:5f:be:f3:94:5a:79:0a:
23:6a:73:c7:a2:ef:0d:fc:6f:ec:24:1b:9f:27:3e:
15:7c:b4:b5:f1:a7:6a:a5:9a:d7:ff:ea:b5:ea:04:
63:5d:6a:01:1e:70:3a:ee:d7:99:fe:e6:28:9d:88:
9c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:12:8D:63:A7:BE:10:B8:21:2E:49:B6:69:66:25:1B:AB:C5:4F:CE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MhKNY6e-ELghLkm2aWYlG6vFT84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:77:1d:32:42:29:4e:77:02:39:00:7f:7f:27:64:2e:04:7b:
7f:42:a4:95:03:9f:57:2c:42:c5:fb:ce:62:ff:f4:40:ee:67:
c7:11:b1:01:0b:4e:61:4c:4f:81:1b:41:fc:6f:41:4e:0c:e8:
cf:45:7c:8a:7d:40:64:ef:84:b1:76:80:d0:33:36:9c:f1:31:
8e:f1:82:4d:1e:21:01:5f:c6:45:77:8c:2e:39:1f:cb:ac:0e:
34:9a:4e:a3:08:7e:ba:bb:8d:4e:4c:4a:ae:68:ef:a5:03:d0:
22:44:e6:40:e6:2e:8d:ad:a8:00:96:1e:6d:6f:9e:5f:5b:07:
1b:b4:6c:e7:a9:30:0d:82:e8:65:7a:d6:11:7e:db:75:f8:c4:
71:9b:73:1b:75:09:24:d0:8e:4d:62:9f:b1:be:27:bb:79:fa:
34:e6:21:b9:7d:c6:d4:4c:c0:b9:6e:7f:3a:9a:b0:4a:6e:2b:
f2:f0:24:14:73:58:8b:83:00:06:0a:59:2a:36:0c:d7:41:97:
96:fd:65:5f:11:70:cd:d2:e7:bd:6c:ff:9c:35:f1:99:59:e2:
4c:91:04:8c:9f:0c:7d:1e:3d:9b:5c:95:16:4d:80:a8:30:01:
ef:2d:8b:71:e7:ad:38:e1:fa:1f:b0:11:46:0c:6c:24:9b:d9:
de:86:25:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzE8QJOYOLmVC5i69GXRH0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAxMTIxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjEyOGQ2M2E3YmUxMGI4MjEyZTQ5YjY2OTY2MjUxYmFiYzU0ZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsO9j8ldYYeBFYHv2Rao1HOAvHGU
ygzkI8/1oA4DN5i8EeQDs4dsC937UrkMkzdBU9TbI+YCZjjuOWU3n5izWbp9md/4
prX7OoiL5dWJTUG9qAe0NLROrqOEY8a/oz2HaYqfB7L92MP+9A2gnAvdJqRQhaWF
zMmrB1cQOBzB37/DqgfFkWI03H/tPoeF1Wg2Y4u4GtNuDYPWah8gP5MzO1HPAlAE
UACcqSpMFV0vytlB5IIe8cGg8XX2XzfpSyoW3ujR8iF2WASli1++85RaeQojanPH
ou8N/G/sJBufJz4VfLS18adqpZrX/+q16gRjXWoBHnA67teZ/uYonYicnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDISjWOnvhC4IS5JtmlmJRurxU/OMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTWhLTlk2ZS1FTGdoTGttMmFXWWxHNnZGVDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGl3HTJCKU53AjkAf38n
ZC4Ee39CpJUDn1csQsX7zmL/9EDuZ8cRsQELTmFMT4EbQfxvQU4M6M9FfIp9QGTv
hLF2gNAzNpzxMY7xgk0eIQFfxkV3jC45H8usDjSaTqMIfrq7jU5MSq5o76UD0CJE
5kDmLo2tqACWHm1vnl9bBxu0bOepMA2C6GV61hF+23X4xHGbcxt1CSTQjk1in7G+
J7t5+jTmIbl9xtRMwLlufzqasEpuK/LwJBRzWIuDAAYKWSo2DNdBl5b9ZV8RcM3S
571s/5w18ZlZ4kyRBIyfDH0ePZtclRZNgKgwAe8ti3HnrTjh+h+wEUYMbCSb2d6G
JTU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:33 2024 by rpki-client on console.sobornost.net