Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MmnRYg6bxVtgPoFhKEkxE__d1ec.roa
File: MmnRYg6bxVtgPoFhKEkxE__d1ec.roa (raw, json)
Hash identifier: bzfhn/JEwt238D58CGehYFjcropjf1TU2MTshL7A30M=
Subject key identifier: 32:69:D1:62:0E:9B:C5:5B:60:3E:81:61:28:49:31:13:FF:DD:D5:E7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC2251186DFF0A1BFC27ABE0B014326CA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MmnRYg6bxVtgPoFhKEkxE__d1ec.roa
Signing time: Sun 31 Dec 2023 23:10:58 +0000
ROA not before: Sun 31 Dec 2023 23:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:25:11:86:df:f0:a1:bf:c2:7a:be:0b:01:43:26:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 23:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3269d1620e9bc55b603e816128493113ffddd5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d2:8d:3c:d2:db:c7:af:cc:5f:9d:e2:7f:26:
38:92:d5:b9:5e:d8:d2:f1:af:a5:ce:cf:08:6b:13:
2f:01:47:c0:82:93:ca:e4:86:91:93:4c:50:8a:a0:
a9:3b:6a:be:ef:e4:e8:05:6d:25:0a:04:6c:61:01:
91:a3:48:cb:9f:7a:94:ca:0a:8a:9c:e6:65:93:6f:
c4:25:8b:ae:df:f5:68:3a:39:70:f8:c9:65:16:cf:
b1:09:d8:8c:d3:9e:37:4d:2e:6c:3c:ef:50:67:0f:
48:05:de:c3:5f:ae:8d:63:c2:14:ad:0f:f5:83:8e:
e7:36:7f:22:dd:bd:16:67:22:91:ee:6d:11:75:85:
73:c1:97:aa:b9:80:0c:73:8e:99:35:61:c4:97:62:
e9:aa:f1:3a:b7:76:f9:d5:e0:2d:67:7a:3d:61:c5:
6c:bc:7b:50:91:f3:90:89:be:ff:20:16:18:6b:91:
23:fc:d6:af:47:f0:1a:6a:28:fd:0c:ce:7f:74:1b:
1d:ee:c3:5c:e9:61:7f:79:ce:fb:6e:9b:7b:3d:53:
4d:e8:f2:52:7a:cb:12:7d:a2:56:c2:1c:a0:b6:6f:
de:59:ad:39:04:6f:45:37:69:60:73:1b:37:d1:47:
4d:ea:d0:5b:72:bb:4f:56:d1:7f:fe:db:2a:19:f4:
09:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:69:D1:62:0E:9B:C5:5B:60:3E:81:61:28:49:31:13:FF:DD:D5:E7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MmnRYg6bxVtgPoFhKEkxE__d1ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:cb:2c:26:53:cd:2a:87:bc:69:b0:43:ef:e0:b4:c1:f2:35:
f7:e8:22:ef:1e:d5:f4:74:6a:d1:54:71:d7:d9:f4:e7:6a:71:
45:e3:4d:00:4d:72:84:cf:4c:36:36:50:ed:e0:e0:7b:41:7d:
f5:85:0a:58:75:a2:e7:5f:17:36:e6:bf:8e:22:17:d9:a1:23:
23:80:73:b6:c3:5b:f5:42:89:6e:4e:a4:e7:62:15:83:fa:ec:
3d:97:e2:01:10:bc:c0:01:60:bb:09:c3:9f:61:b9:16:a2:f0:
02:fe:96:67:df:b0:9b:79:f3:4b:d1:1c:0a:c8:31:77:23:1b:
74:76:da:c1:6c:58:b2:7f:60:06:da:ba:d6:ec:38:c6:52:62:
f6:05:a3:9a:a5:82:96:31:53:2c:1d:8e:cd:4b:0d:78:f6:7c:
79:b5:05:64:f9:05:20:11:43:b2:8f:6f:4a:52:93:7f:c4:28:
20:37:8a:40:f8:dd:4b:5a:48:d9:83:b8:b6:9b:5c:56:72:ba:
90:98:4a:eb:d3:9f:82:a1:9e:00:41:38:a2:0b:2f:fb:6f:bc:
a6:2b:82:e3:83:2a:ec:f8:14:6f:f3:04:63:61:5e:c8:8b:08:
9e:13:98:9f:fe:34:78:f9:ed:de:0e:68:f7:36:a3:bf:2a:3c:
24:48:b7:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCJRGG3/Chv8J6vgsBQybKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMjMxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjY5ZDE2MjBlOWJjNTViNjAzZTgxNjEyODQ5MzExM2ZmZGRkNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9KNPNLbx6/MX53ifyY4ktW5XtjS
8a+lzs8IaxMvAUfAgpPK5IaRk0xQiqCpO2q+7+ToBW0lCgRsYQGRo0jLn3qUygqK
nOZlk2/EJYuu3/VoOjlw+MllFs+xCdiM0543TS5sPO9QZw9IBd7DX66NY8IUrQ/1
g47nNn8i3b0WZyKR7m0RdYVzwZequYAMc46ZNWHEl2LpqvE6t3b51eAtZ3o9YcVs
vHtQkfOQib7/IBYYa5Ej/NavR/Aaaij9DM5/dBsd7sNc6WF/ec77bpt7PVNN6PJS
essSfaJWwhygtm/eWa05BG9FN2lgcxs30UdN6tBbcrtPVtF//tsqGfQJ2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDJp0WIOm8VbYD6BYShJMRP/3dXnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTW1uUllnNmJ4VnRnUG9GaEtFa3hFX19kMWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAjLLCZTzSqHvGmwQ+/g
tMHyNffoIu8e1fR0atFUcdfZ9OdqcUXjTQBNcoTPTDY2UO3g4HtBffWFClh1oudf
Fzbmv44iF9mhIyOAc7bDW/VCiW5OpOdiFYP67D2X4gEQvMABYLsJw59huRai8AL+
lmffsJt580vRHArIMXcjG3R22sFsWLJ/YAbautbsOMZSYvYFo5qlgpYxUywdjs1L
DXj2fHm1BWT5BSARQ7KPb0pSk3/EKCA3ikD43UtaSNmDuLabXFZyupCYSuvTn4Kh
ngBBOKILL/tvvKYrguODKuz4FG/zBGNhXsiLCJ4TmJ/+NHj57d4OaPc2o78qPCRI
twM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:13:27 2024 by rpki-client on console.sobornost.net